1 // SPDX-License-Identifier: GPL-2.0 2 3 #define _GNU_SOURCE 4 5 #include <arpa/inet.h> 6 #include <errno.h> 7 #include <error.h> 8 #include <fcntl.h> 9 #include <poll.h> 10 #include <stdio.h> 11 #include <stdlib.h> 12 #include <unistd.h> 13 14 #include <linux/tls.h> 15 #include <linux/tcp.h> 16 #include <linux/socket.h> 17 18 #include <sys/types.h> 19 #include <sys/sendfile.h> 20 #include <sys/socket.h> 21 #include <sys/stat.h> 22 23 #include "../kselftest_harness.h" 24 25 #define TLS_PAYLOAD_MAX_LEN 16384 26 #define SOL_TLS 282 27 28 struct tls_crypto_info_keys { 29 union { 30 struct tls12_crypto_info_aes_gcm_128 aes128; 31 struct tls12_crypto_info_chacha20_poly1305 chacha20; 32 }; 33 size_t len; 34 }; 35 36 static void tls_crypto_info_init(uint16_t tls_version, uint16_t cipher_type, 37 struct tls_crypto_info_keys *tls12) 38 { 39 memset(tls12, 0, sizeof(*tls12)); 40 41 switch (cipher_type) { 42 case TLS_CIPHER_CHACHA20_POLY1305: 43 tls12->len = sizeof(struct tls12_crypto_info_chacha20_poly1305); 44 tls12->chacha20.info.version = tls_version; 45 tls12->chacha20.info.cipher_type = cipher_type; 46 break; 47 case TLS_CIPHER_AES_GCM_128: 48 tls12->len = sizeof(struct tls12_crypto_info_aes_gcm_128); 49 tls12->aes128.info.version = tls_version; 50 tls12->aes128.info.cipher_type = cipher_type; 51 break; 52 default: 53 break; 54 } 55 } 56 57 static void memrnd(void *s, size_t n) 58 { 59 int *dword = s; 60 char *byte; 61 62 for (; n >= 4; n -= 4) 63 *dword++ = rand(); 64 byte = (void *)dword; 65 while (n--) 66 *byte++ = rand(); 67 } 68 69 FIXTURE(tls_basic) 70 { 71 int fd, cfd; 72 bool notls; 73 }; 74 75 FIXTURE_SETUP(tls_basic) 76 { 77 struct sockaddr_in addr; 78 socklen_t len; 79 int sfd, ret; 80 81 self->notls = false; 82 len = sizeof(addr); 83 84 addr.sin_family = AF_INET; 85 addr.sin_addr.s_addr = htonl(INADDR_ANY); 86 addr.sin_port = 0; 87 88 self->fd = socket(AF_INET, SOCK_STREAM, 0); 89 sfd = socket(AF_INET, SOCK_STREAM, 0); 90 91 ret = bind(sfd, &addr, sizeof(addr)); 92 ASSERT_EQ(ret, 0); 93 ret = listen(sfd, 10); 94 ASSERT_EQ(ret, 0); 95 96 ret = getsockname(sfd, &addr, &len); 97 ASSERT_EQ(ret, 0); 98 99 ret = connect(self->fd, &addr, sizeof(addr)); 100 ASSERT_EQ(ret, 0); 101 102 self->cfd = accept(sfd, &addr, &len); 103 ASSERT_GE(self->cfd, 0); 104 105 close(sfd); 106 107 ret = setsockopt(self->fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 108 if (ret != 0) { 109 ASSERT_EQ(errno, ENOENT); 110 self->notls = true; 111 printf("Failure setting TCP_ULP, testing without tls\n"); 112 return; 113 } 114 115 ret = setsockopt(self->cfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 116 ASSERT_EQ(ret, 0); 117 } 118 119 FIXTURE_TEARDOWN(tls_basic) 120 { 121 close(self->fd); 122 close(self->cfd); 123 } 124 125 /* Send some data through with ULP but no keys */ 126 TEST_F(tls_basic, base_base) 127 { 128 char const *test_str = "test_read"; 129 int send_len = 10; 130 char buf[10]; 131 132 ASSERT_EQ(strlen(test_str) + 1, send_len); 133 134 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 135 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 136 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 137 }; 138 139 FIXTURE(tls) 140 { 141 int fd, cfd; 142 bool notls; 143 }; 144 145 FIXTURE_VARIANT(tls) 146 { 147 uint16_t tls_version; 148 uint16_t cipher_type; 149 }; 150 151 FIXTURE_VARIANT_ADD(tls, 12_gcm) 152 { 153 .tls_version = TLS_1_2_VERSION, 154 .cipher_type = TLS_CIPHER_AES_GCM_128, 155 }; 156 157 FIXTURE_VARIANT_ADD(tls, 13_gcm) 158 { 159 .tls_version = TLS_1_3_VERSION, 160 .cipher_type = TLS_CIPHER_AES_GCM_128, 161 }; 162 163 FIXTURE_VARIANT_ADD(tls, 12_chacha) 164 { 165 .tls_version = TLS_1_2_VERSION, 166 .cipher_type = TLS_CIPHER_CHACHA20_POLY1305, 167 }; 168 169 FIXTURE_VARIANT_ADD(tls, 13_chacha) 170 { 171 .tls_version = TLS_1_3_VERSION, 172 .cipher_type = TLS_CIPHER_CHACHA20_POLY1305, 173 }; 174 175 FIXTURE_SETUP(tls) 176 { 177 struct tls_crypto_info_keys tls12; 178 struct sockaddr_in addr; 179 socklen_t len; 180 int sfd, ret; 181 182 self->notls = false; 183 len = sizeof(addr); 184 185 tls_crypto_info_init(variant->tls_version, variant->cipher_type, 186 &tls12); 187 188 addr.sin_family = AF_INET; 189 addr.sin_addr.s_addr = htonl(INADDR_ANY); 190 addr.sin_port = 0; 191 192 self->fd = socket(AF_INET, SOCK_STREAM, 0); 193 sfd = socket(AF_INET, SOCK_STREAM, 0); 194 195 ret = bind(sfd, &addr, sizeof(addr)); 196 ASSERT_EQ(ret, 0); 197 ret = listen(sfd, 10); 198 ASSERT_EQ(ret, 0); 199 200 ret = getsockname(sfd, &addr, &len); 201 ASSERT_EQ(ret, 0); 202 203 ret = connect(self->fd, &addr, sizeof(addr)); 204 ASSERT_EQ(ret, 0); 205 206 ret = setsockopt(self->fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 207 if (ret != 0) { 208 self->notls = true; 209 printf("Failure setting TCP_ULP, testing without tls\n"); 210 } 211 212 if (!self->notls) { 213 ret = setsockopt(self->fd, SOL_TLS, TLS_TX, &tls12, 214 tls12.len); 215 ASSERT_EQ(ret, 0); 216 } 217 218 self->cfd = accept(sfd, &addr, &len); 219 ASSERT_GE(self->cfd, 0); 220 221 if (!self->notls) { 222 ret = setsockopt(self->cfd, IPPROTO_TCP, TCP_ULP, "tls", 223 sizeof("tls")); 224 ASSERT_EQ(ret, 0); 225 226 ret = setsockopt(self->cfd, SOL_TLS, TLS_RX, &tls12, 227 tls12.len); 228 ASSERT_EQ(ret, 0); 229 } 230 231 close(sfd); 232 } 233 234 FIXTURE_TEARDOWN(tls) 235 { 236 close(self->fd); 237 close(self->cfd); 238 } 239 240 TEST_F(tls, sendfile) 241 { 242 int filefd = open("/proc/self/exe", O_RDONLY); 243 struct stat st; 244 245 EXPECT_GE(filefd, 0); 246 fstat(filefd, &st); 247 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0); 248 } 249 250 TEST_F(tls, send_then_sendfile) 251 { 252 int filefd = open("/proc/self/exe", O_RDONLY); 253 char const *test_str = "test_send"; 254 int to_send = strlen(test_str) + 1; 255 char recv_buf[10]; 256 struct stat st; 257 char *buf; 258 259 EXPECT_GE(filefd, 0); 260 fstat(filefd, &st); 261 buf = (char *)malloc(st.st_size); 262 263 EXPECT_EQ(send(self->fd, test_str, to_send, 0), to_send); 264 EXPECT_EQ(recv(self->cfd, recv_buf, to_send, MSG_WAITALL), to_send); 265 EXPECT_EQ(memcmp(test_str, recv_buf, to_send), 0); 266 267 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0); 268 EXPECT_EQ(recv(self->cfd, buf, st.st_size, MSG_WAITALL), st.st_size); 269 } 270 271 static void chunked_sendfile(struct __test_metadata *_metadata, 272 struct _test_data_tls *self, 273 uint16_t chunk_size, 274 uint16_t extra_payload_size) 275 { 276 char buf[TLS_PAYLOAD_MAX_LEN]; 277 uint16_t test_payload_size; 278 int size = 0; 279 int ret; 280 char filename[] = "/tmp/mytemp.XXXXXX"; 281 int fd = mkstemp(filename); 282 off_t offset = 0; 283 284 unlink(filename); 285 ASSERT_GE(fd, 0); 286 EXPECT_GE(chunk_size, 1); 287 test_payload_size = chunk_size + extra_payload_size; 288 ASSERT_GE(TLS_PAYLOAD_MAX_LEN, test_payload_size); 289 memset(buf, 1, test_payload_size); 290 size = write(fd, buf, test_payload_size); 291 EXPECT_EQ(size, test_payload_size); 292 fsync(fd); 293 294 while (size > 0) { 295 ret = sendfile(self->fd, fd, &offset, chunk_size); 296 EXPECT_GE(ret, 0); 297 size -= ret; 298 } 299 300 EXPECT_EQ(recv(self->cfd, buf, test_payload_size, MSG_WAITALL), 301 test_payload_size); 302 303 close(fd); 304 } 305 306 TEST_F(tls, multi_chunk_sendfile) 307 { 308 chunked_sendfile(_metadata, self, 4096, 4096); 309 chunked_sendfile(_metadata, self, 4096, 0); 310 chunked_sendfile(_metadata, self, 4096, 1); 311 chunked_sendfile(_metadata, self, 4096, 2048); 312 chunked_sendfile(_metadata, self, 8192, 2048); 313 chunked_sendfile(_metadata, self, 4096, 8192); 314 chunked_sendfile(_metadata, self, 8192, 4096); 315 chunked_sendfile(_metadata, self, 12288, 1024); 316 chunked_sendfile(_metadata, self, 12288, 2000); 317 chunked_sendfile(_metadata, self, 15360, 100); 318 chunked_sendfile(_metadata, self, 15360, 300); 319 chunked_sendfile(_metadata, self, 1, 4096); 320 chunked_sendfile(_metadata, self, 2048, 4096); 321 chunked_sendfile(_metadata, self, 2048, 8192); 322 chunked_sendfile(_metadata, self, 4096, 8192); 323 chunked_sendfile(_metadata, self, 1024, 12288); 324 chunked_sendfile(_metadata, self, 2000, 12288); 325 chunked_sendfile(_metadata, self, 100, 15360); 326 chunked_sendfile(_metadata, self, 300, 15360); 327 } 328 329 TEST_F(tls, recv_max) 330 { 331 unsigned int send_len = TLS_PAYLOAD_MAX_LEN; 332 char recv_mem[TLS_PAYLOAD_MAX_LEN]; 333 char buf[TLS_PAYLOAD_MAX_LEN]; 334 335 memrnd(buf, sizeof(buf)); 336 337 EXPECT_GE(send(self->fd, buf, send_len, 0), 0); 338 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1); 339 EXPECT_EQ(memcmp(buf, recv_mem, send_len), 0); 340 } 341 342 TEST_F(tls, recv_small) 343 { 344 char const *test_str = "test_read"; 345 int send_len = 10; 346 char buf[10]; 347 348 send_len = strlen(test_str) + 1; 349 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 350 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 351 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 352 } 353 354 TEST_F(tls, msg_more) 355 { 356 char const *test_str = "test_read"; 357 int send_len = 10; 358 char buf[10 * 2]; 359 360 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len); 361 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1); 362 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 363 EXPECT_EQ(recv(self->cfd, buf, send_len * 2, MSG_WAITALL), 364 send_len * 2); 365 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 366 } 367 368 TEST_F(tls, msg_more_unsent) 369 { 370 char const *test_str = "test_read"; 371 int send_len = 10; 372 char buf[10]; 373 374 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len); 375 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1); 376 } 377 378 TEST_F(tls, sendmsg_single) 379 { 380 struct msghdr msg; 381 382 char const *test_str = "test_sendmsg"; 383 size_t send_len = 13; 384 struct iovec vec; 385 char buf[13]; 386 387 vec.iov_base = (char *)test_str; 388 vec.iov_len = send_len; 389 memset(&msg, 0, sizeof(struct msghdr)); 390 msg.msg_iov = &vec; 391 msg.msg_iovlen = 1; 392 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len); 393 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len); 394 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 395 } 396 397 #define MAX_FRAGS 64 398 #define SEND_LEN 13 399 TEST_F(tls, sendmsg_fragmented) 400 { 401 char const *test_str = "test_sendmsg"; 402 char buf[SEND_LEN * MAX_FRAGS]; 403 struct iovec vec[MAX_FRAGS]; 404 struct msghdr msg; 405 int i, frags; 406 407 for (frags = 1; frags <= MAX_FRAGS; frags++) { 408 for (i = 0; i < frags; i++) { 409 vec[i].iov_base = (char *)test_str; 410 vec[i].iov_len = SEND_LEN; 411 } 412 413 memset(&msg, 0, sizeof(struct msghdr)); 414 msg.msg_iov = vec; 415 msg.msg_iovlen = frags; 416 417 EXPECT_EQ(sendmsg(self->fd, &msg, 0), SEND_LEN * frags); 418 EXPECT_EQ(recv(self->cfd, buf, SEND_LEN * frags, MSG_WAITALL), 419 SEND_LEN * frags); 420 421 for (i = 0; i < frags; i++) 422 EXPECT_EQ(memcmp(buf + SEND_LEN * i, 423 test_str, SEND_LEN), 0); 424 } 425 } 426 #undef MAX_FRAGS 427 #undef SEND_LEN 428 429 TEST_F(tls, sendmsg_large) 430 { 431 void *mem = malloc(16384); 432 size_t send_len = 16384; 433 size_t sends = 128; 434 struct msghdr msg; 435 size_t recvs = 0; 436 size_t sent = 0; 437 438 memset(&msg, 0, sizeof(struct msghdr)); 439 while (sent++ < sends) { 440 struct iovec vec = { (void *)mem, send_len }; 441 442 msg.msg_iov = &vec; 443 msg.msg_iovlen = 1; 444 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), send_len); 445 } 446 447 while (recvs++ < sends) { 448 EXPECT_NE(recv(self->fd, mem, send_len, 0), -1); 449 } 450 451 free(mem); 452 } 453 454 TEST_F(tls, sendmsg_multiple) 455 { 456 char const *test_str = "test_sendmsg_multiple"; 457 struct iovec vec[5]; 458 char *test_strs[5]; 459 struct msghdr msg; 460 int total_len = 0; 461 int len_cmp = 0; 462 int iov_len = 5; 463 char *buf; 464 int i; 465 466 memset(&msg, 0, sizeof(struct msghdr)); 467 for (i = 0; i < iov_len; i++) { 468 test_strs[i] = (char *)malloc(strlen(test_str) + 1); 469 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str); 470 vec[i].iov_base = (void *)test_strs[i]; 471 vec[i].iov_len = strlen(test_strs[i]) + 1; 472 total_len += vec[i].iov_len; 473 } 474 msg.msg_iov = vec; 475 msg.msg_iovlen = iov_len; 476 477 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), total_len); 478 buf = malloc(total_len); 479 EXPECT_NE(recv(self->fd, buf, total_len, 0), -1); 480 for (i = 0; i < iov_len; i++) { 481 EXPECT_EQ(memcmp(test_strs[i], buf + len_cmp, 482 strlen(test_strs[i])), 483 0); 484 len_cmp += strlen(buf + len_cmp) + 1; 485 } 486 for (i = 0; i < iov_len; i++) 487 free(test_strs[i]); 488 free(buf); 489 } 490 491 TEST_F(tls, sendmsg_multiple_stress) 492 { 493 char const *test_str = "abcdefghijklmno"; 494 struct iovec vec[1024]; 495 char *test_strs[1024]; 496 int iov_len = 1024; 497 int total_len = 0; 498 char buf[1 << 14]; 499 struct msghdr msg; 500 int len_cmp = 0; 501 int i; 502 503 memset(&msg, 0, sizeof(struct msghdr)); 504 for (i = 0; i < iov_len; i++) { 505 test_strs[i] = (char *)malloc(strlen(test_str) + 1); 506 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str); 507 vec[i].iov_base = (void *)test_strs[i]; 508 vec[i].iov_len = strlen(test_strs[i]) + 1; 509 total_len += vec[i].iov_len; 510 } 511 msg.msg_iov = vec; 512 msg.msg_iovlen = iov_len; 513 514 EXPECT_EQ(sendmsg(self->fd, &msg, 0), total_len); 515 EXPECT_NE(recv(self->cfd, buf, total_len, 0), -1); 516 517 for (i = 0; i < iov_len; i++) 518 len_cmp += strlen(buf + len_cmp) + 1; 519 520 for (i = 0; i < iov_len; i++) 521 free(test_strs[i]); 522 } 523 524 TEST_F(tls, splice_from_pipe) 525 { 526 int send_len = TLS_PAYLOAD_MAX_LEN; 527 char mem_send[TLS_PAYLOAD_MAX_LEN]; 528 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 529 int p[2]; 530 531 ASSERT_GE(pipe(p), 0); 532 EXPECT_GE(write(p[1], mem_send, send_len), 0); 533 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), 0); 534 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len); 535 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 536 } 537 538 TEST_F(tls, splice_from_pipe2) 539 { 540 int send_len = 16000; 541 char mem_send[16000]; 542 char mem_recv[16000]; 543 int p2[2]; 544 int p[2]; 545 546 ASSERT_GE(pipe(p), 0); 547 ASSERT_GE(pipe(p2), 0); 548 EXPECT_GE(write(p[1], mem_send, 8000), 0); 549 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, 8000, 0), 0); 550 EXPECT_GE(write(p2[1], mem_send + 8000, 8000), 0); 551 EXPECT_GE(splice(p2[0], NULL, self->fd, NULL, 8000, 0), 0); 552 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len); 553 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 554 } 555 556 TEST_F(tls, send_and_splice) 557 { 558 int send_len = TLS_PAYLOAD_MAX_LEN; 559 char mem_send[TLS_PAYLOAD_MAX_LEN]; 560 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 561 char const *test_str = "test_read"; 562 int send_len2 = 10; 563 char buf[10]; 564 int p[2]; 565 566 ASSERT_GE(pipe(p), 0); 567 EXPECT_EQ(send(self->fd, test_str, send_len2, 0), send_len2); 568 EXPECT_EQ(recv(self->cfd, buf, send_len2, MSG_WAITALL), send_len2); 569 EXPECT_EQ(memcmp(test_str, buf, send_len2), 0); 570 571 EXPECT_GE(write(p[1], mem_send, send_len), send_len); 572 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), send_len); 573 574 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len); 575 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 576 } 577 578 TEST_F(tls, splice_to_pipe) 579 { 580 int send_len = TLS_PAYLOAD_MAX_LEN; 581 char mem_send[TLS_PAYLOAD_MAX_LEN]; 582 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 583 int p[2]; 584 585 ASSERT_GE(pipe(p), 0); 586 EXPECT_GE(send(self->fd, mem_send, send_len, 0), 0); 587 EXPECT_GE(splice(self->cfd, NULL, p[1], NULL, send_len, 0), 0); 588 EXPECT_GE(read(p[0], mem_recv, send_len), 0); 589 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 590 } 591 592 TEST_F(tls, recvmsg_single) 593 { 594 char const *test_str = "test_recvmsg_single"; 595 int send_len = strlen(test_str) + 1; 596 char buf[20]; 597 struct msghdr hdr; 598 struct iovec vec; 599 600 memset(&hdr, 0, sizeof(hdr)); 601 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 602 vec.iov_base = (char *)buf; 603 vec.iov_len = send_len; 604 hdr.msg_iovlen = 1; 605 hdr.msg_iov = &vec; 606 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1); 607 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 608 } 609 610 TEST_F(tls, recvmsg_single_max) 611 { 612 int send_len = TLS_PAYLOAD_MAX_LEN; 613 char send_mem[TLS_PAYLOAD_MAX_LEN]; 614 char recv_mem[TLS_PAYLOAD_MAX_LEN]; 615 struct iovec vec; 616 struct msghdr hdr; 617 618 memrnd(send_mem, sizeof(send_mem)); 619 620 EXPECT_EQ(send(self->fd, send_mem, send_len, 0), send_len); 621 vec.iov_base = (char *)recv_mem; 622 vec.iov_len = TLS_PAYLOAD_MAX_LEN; 623 624 hdr.msg_iovlen = 1; 625 hdr.msg_iov = &vec; 626 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1); 627 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0); 628 } 629 630 TEST_F(tls, recvmsg_multiple) 631 { 632 unsigned int msg_iovlen = 1024; 633 unsigned int len_compared = 0; 634 struct iovec vec[1024]; 635 char *iov_base[1024]; 636 unsigned int iov_len = 16; 637 int send_len = 1 << 14; 638 char buf[1 << 14]; 639 struct msghdr hdr; 640 int i; 641 642 memrnd(buf, sizeof(buf)); 643 644 EXPECT_EQ(send(self->fd, buf, send_len, 0), send_len); 645 for (i = 0; i < msg_iovlen; i++) { 646 iov_base[i] = (char *)malloc(iov_len); 647 vec[i].iov_base = iov_base[i]; 648 vec[i].iov_len = iov_len; 649 } 650 651 hdr.msg_iovlen = msg_iovlen; 652 hdr.msg_iov = vec; 653 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1); 654 for (i = 0; i < msg_iovlen; i++) 655 len_compared += iov_len; 656 657 for (i = 0; i < msg_iovlen; i++) 658 free(iov_base[i]); 659 } 660 661 TEST_F(tls, single_send_multiple_recv) 662 { 663 unsigned int total_len = TLS_PAYLOAD_MAX_LEN * 2; 664 unsigned int send_len = TLS_PAYLOAD_MAX_LEN; 665 char send_mem[TLS_PAYLOAD_MAX_LEN * 2]; 666 char recv_mem[TLS_PAYLOAD_MAX_LEN * 2]; 667 668 memrnd(send_mem, sizeof(send_mem)); 669 670 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0); 671 memset(recv_mem, 0, total_len); 672 673 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1); 674 EXPECT_NE(recv(self->cfd, recv_mem + send_len, send_len, 0), -1); 675 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0); 676 } 677 678 TEST_F(tls, multiple_send_single_recv) 679 { 680 unsigned int total_len = 2 * 10; 681 unsigned int send_len = 10; 682 char recv_mem[2 * 10]; 683 char send_mem[10]; 684 685 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0); 686 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0); 687 memset(recv_mem, 0, total_len); 688 EXPECT_EQ(recv(self->cfd, recv_mem, total_len, MSG_WAITALL), total_len); 689 690 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0); 691 EXPECT_EQ(memcmp(send_mem, recv_mem + send_len, send_len), 0); 692 } 693 694 TEST_F(tls, single_send_multiple_recv_non_align) 695 { 696 const unsigned int total_len = 15; 697 const unsigned int recv_len = 10; 698 char recv_mem[recv_len * 2]; 699 char send_mem[total_len]; 700 701 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0); 702 memset(recv_mem, 0, total_len); 703 704 EXPECT_EQ(recv(self->cfd, recv_mem, recv_len, 0), recv_len); 705 EXPECT_EQ(recv(self->cfd, recv_mem + recv_len, recv_len, 0), 5); 706 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0); 707 } 708 709 TEST_F(tls, recv_partial) 710 { 711 char const *test_str = "test_read_partial"; 712 char const *test_str_first = "test_read"; 713 char const *test_str_second = "_partial"; 714 int send_len = strlen(test_str) + 1; 715 char recv_mem[18]; 716 717 memset(recv_mem, 0, sizeof(recv_mem)); 718 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 719 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_first), 720 MSG_WAITALL), -1); 721 EXPECT_EQ(memcmp(test_str_first, recv_mem, strlen(test_str_first)), 0); 722 memset(recv_mem, 0, sizeof(recv_mem)); 723 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_second), 724 MSG_WAITALL), -1); 725 EXPECT_EQ(memcmp(test_str_second, recv_mem, strlen(test_str_second)), 726 0); 727 } 728 729 TEST_F(tls, recv_nonblock) 730 { 731 char buf[4096]; 732 bool err; 733 734 EXPECT_EQ(recv(self->cfd, buf, sizeof(buf), MSG_DONTWAIT), -1); 735 err = (errno == EAGAIN || errno == EWOULDBLOCK); 736 EXPECT_EQ(err, true); 737 } 738 739 TEST_F(tls, recv_peek) 740 { 741 char const *test_str = "test_read_peek"; 742 int send_len = strlen(test_str) + 1; 743 char buf[15]; 744 745 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 746 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1); 747 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 748 memset(buf, 0, sizeof(buf)); 749 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 750 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 751 } 752 753 TEST_F(tls, recv_peek_multiple) 754 { 755 char const *test_str = "test_read_peek"; 756 int send_len = strlen(test_str) + 1; 757 unsigned int num_peeks = 100; 758 char buf[15]; 759 int i; 760 761 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 762 for (i = 0; i < num_peeks; i++) { 763 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1); 764 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 765 memset(buf, 0, sizeof(buf)); 766 } 767 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 768 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 769 } 770 771 TEST_F(tls, recv_peek_multiple_records) 772 { 773 char const *test_str = "test_read_peek_mult_recs"; 774 char const *test_str_first = "test_read_peek"; 775 char const *test_str_second = "_mult_recs"; 776 int len; 777 char buf[64]; 778 779 len = strlen(test_str_first); 780 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len); 781 782 len = strlen(test_str_second) + 1; 783 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len); 784 785 len = strlen(test_str_first); 786 memset(buf, 0, len); 787 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len); 788 789 /* MSG_PEEK can only peek into the current record. */ 790 len = strlen(test_str_first); 791 EXPECT_EQ(memcmp(test_str_first, buf, len), 0); 792 793 len = strlen(test_str) + 1; 794 memset(buf, 0, len); 795 EXPECT_EQ(recv(self->cfd, buf, len, MSG_WAITALL), len); 796 797 /* Non-MSG_PEEK will advance strparser (and therefore record) 798 * however. 799 */ 800 len = strlen(test_str) + 1; 801 EXPECT_EQ(memcmp(test_str, buf, len), 0); 802 803 /* MSG_MORE will hold current record open, so later MSG_PEEK 804 * will see everything. 805 */ 806 len = strlen(test_str_first); 807 EXPECT_EQ(send(self->fd, test_str_first, len, MSG_MORE), len); 808 809 len = strlen(test_str_second) + 1; 810 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len); 811 812 len = strlen(test_str) + 1; 813 memset(buf, 0, len); 814 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len); 815 816 len = strlen(test_str) + 1; 817 EXPECT_EQ(memcmp(test_str, buf, len), 0); 818 } 819 820 TEST_F(tls, recv_peek_large_buf_mult_recs) 821 { 822 char const *test_str = "test_read_peek_mult_recs"; 823 char const *test_str_first = "test_read_peek"; 824 char const *test_str_second = "_mult_recs"; 825 int len; 826 char buf[64]; 827 828 len = strlen(test_str_first); 829 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len); 830 831 len = strlen(test_str_second) + 1; 832 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len); 833 834 len = strlen(test_str) + 1; 835 memset(buf, 0, len); 836 EXPECT_NE((len = recv(self->cfd, buf, len, 837 MSG_PEEK | MSG_WAITALL)), -1); 838 len = strlen(test_str) + 1; 839 EXPECT_EQ(memcmp(test_str, buf, len), 0); 840 } 841 842 TEST_F(tls, recv_lowat) 843 { 844 char send_mem[10] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 }; 845 char recv_mem[20]; 846 int lowat = 8; 847 848 EXPECT_EQ(send(self->fd, send_mem, 10, 0), 10); 849 EXPECT_EQ(send(self->fd, send_mem, 5, 0), 5); 850 851 memset(recv_mem, 0, 20); 852 EXPECT_EQ(setsockopt(self->cfd, SOL_SOCKET, SO_RCVLOWAT, 853 &lowat, sizeof(lowat)), 0); 854 EXPECT_EQ(recv(self->cfd, recv_mem, 1, MSG_WAITALL), 1); 855 EXPECT_EQ(recv(self->cfd, recv_mem + 1, 6, MSG_WAITALL), 6); 856 EXPECT_EQ(recv(self->cfd, recv_mem + 7, 10, 0), 8); 857 858 EXPECT_EQ(memcmp(send_mem, recv_mem, 10), 0); 859 EXPECT_EQ(memcmp(send_mem, recv_mem + 10, 5), 0); 860 } 861 862 TEST_F(tls, bidir) 863 { 864 char const *test_str = "test_read"; 865 int send_len = 10; 866 char buf[10]; 867 int ret; 868 869 if (!self->notls) { 870 struct tls_crypto_info_keys tls12; 871 872 tls_crypto_info_init(variant->tls_version, variant->cipher_type, 873 &tls12); 874 875 ret = setsockopt(self->fd, SOL_TLS, TLS_RX, &tls12, 876 tls12.len); 877 ASSERT_EQ(ret, 0); 878 879 ret = setsockopt(self->cfd, SOL_TLS, TLS_TX, &tls12, 880 tls12.len); 881 ASSERT_EQ(ret, 0); 882 } 883 884 ASSERT_EQ(strlen(test_str) + 1, send_len); 885 886 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 887 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 888 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 889 890 memset(buf, 0, sizeof(buf)); 891 892 EXPECT_EQ(send(self->cfd, test_str, send_len, 0), send_len); 893 EXPECT_NE(recv(self->fd, buf, send_len, 0), -1); 894 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 895 }; 896 897 TEST_F(tls, pollin) 898 { 899 char const *test_str = "test_poll"; 900 struct pollfd fd = { 0, 0, 0 }; 901 char buf[10]; 902 int send_len = 10; 903 904 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 905 fd.fd = self->cfd; 906 fd.events = POLLIN; 907 908 EXPECT_EQ(poll(&fd, 1, 20), 1); 909 EXPECT_EQ(fd.revents & POLLIN, 1); 910 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len); 911 /* Test timing out */ 912 EXPECT_EQ(poll(&fd, 1, 20), 0); 913 } 914 915 TEST_F(tls, poll_wait) 916 { 917 char const *test_str = "test_poll_wait"; 918 int send_len = strlen(test_str) + 1; 919 struct pollfd fd = { 0, 0, 0 }; 920 char recv_mem[15]; 921 922 fd.fd = self->cfd; 923 fd.events = POLLIN; 924 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 925 /* Set timeout to inf. secs */ 926 EXPECT_EQ(poll(&fd, 1, -1), 1); 927 EXPECT_EQ(fd.revents & POLLIN, 1); 928 EXPECT_EQ(recv(self->cfd, recv_mem, send_len, MSG_WAITALL), send_len); 929 } 930 931 TEST_F(tls, poll_wait_split) 932 { 933 struct pollfd fd = { 0, 0, 0 }; 934 char send_mem[20] = {}; 935 char recv_mem[15]; 936 937 fd.fd = self->cfd; 938 fd.events = POLLIN; 939 /* Send 20 bytes */ 940 EXPECT_EQ(send(self->fd, send_mem, sizeof(send_mem), 0), 941 sizeof(send_mem)); 942 /* Poll with inf. timeout */ 943 EXPECT_EQ(poll(&fd, 1, -1), 1); 944 EXPECT_EQ(fd.revents & POLLIN, 1); 945 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), MSG_WAITALL), 946 sizeof(recv_mem)); 947 948 /* Now the remaining 5 bytes of record data are in TLS ULP */ 949 fd.fd = self->cfd; 950 fd.events = POLLIN; 951 EXPECT_EQ(poll(&fd, 1, -1), 1); 952 EXPECT_EQ(fd.revents & POLLIN, 1); 953 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), 0), 954 sizeof(send_mem) - sizeof(recv_mem)); 955 } 956 957 TEST_F(tls, blocking) 958 { 959 size_t data = 100000; 960 int res = fork(); 961 962 EXPECT_NE(res, -1); 963 964 if (res) { 965 /* parent */ 966 size_t left = data; 967 char buf[16384]; 968 int status; 969 int pid2; 970 971 while (left) { 972 int res = send(self->fd, buf, 973 left > 16384 ? 16384 : left, 0); 974 975 EXPECT_GE(res, 0); 976 left -= res; 977 } 978 979 pid2 = wait(&status); 980 EXPECT_EQ(status, 0); 981 EXPECT_EQ(res, pid2); 982 } else { 983 /* child */ 984 size_t left = data; 985 char buf[16384]; 986 987 while (left) { 988 int res = recv(self->cfd, buf, 989 left > 16384 ? 16384 : left, 0); 990 991 EXPECT_GE(res, 0); 992 left -= res; 993 } 994 } 995 } 996 997 TEST_F(tls, nonblocking) 998 { 999 size_t data = 100000; 1000 int sendbuf = 100; 1001 int flags; 1002 int res; 1003 1004 flags = fcntl(self->fd, F_GETFL, 0); 1005 fcntl(self->fd, F_SETFL, flags | O_NONBLOCK); 1006 fcntl(self->cfd, F_SETFL, flags | O_NONBLOCK); 1007 1008 /* Ensure nonblocking behavior by imposing a small send 1009 * buffer. 1010 */ 1011 EXPECT_EQ(setsockopt(self->fd, SOL_SOCKET, SO_SNDBUF, 1012 &sendbuf, sizeof(sendbuf)), 0); 1013 1014 res = fork(); 1015 EXPECT_NE(res, -1); 1016 1017 if (res) { 1018 /* parent */ 1019 bool eagain = false; 1020 size_t left = data; 1021 char buf[16384]; 1022 int status; 1023 int pid2; 1024 1025 while (left) { 1026 int res = send(self->fd, buf, 1027 left > 16384 ? 16384 : left, 0); 1028 1029 if (res == -1 && errno == EAGAIN) { 1030 eagain = true; 1031 usleep(10000); 1032 continue; 1033 } 1034 EXPECT_GE(res, 0); 1035 left -= res; 1036 } 1037 1038 EXPECT_TRUE(eagain); 1039 pid2 = wait(&status); 1040 1041 EXPECT_EQ(status, 0); 1042 EXPECT_EQ(res, pid2); 1043 } else { 1044 /* child */ 1045 bool eagain = false; 1046 size_t left = data; 1047 char buf[16384]; 1048 1049 while (left) { 1050 int res = recv(self->cfd, buf, 1051 left > 16384 ? 16384 : left, 0); 1052 1053 if (res == -1 && errno == EAGAIN) { 1054 eagain = true; 1055 usleep(10000); 1056 continue; 1057 } 1058 EXPECT_GE(res, 0); 1059 left -= res; 1060 } 1061 EXPECT_TRUE(eagain); 1062 } 1063 } 1064 1065 static void 1066 test_mutliproc(struct __test_metadata *_metadata, struct _test_data_tls *self, 1067 bool sendpg, unsigned int n_readers, unsigned int n_writers) 1068 { 1069 const unsigned int n_children = n_readers + n_writers; 1070 const size_t data = 6 * 1000 * 1000; 1071 const size_t file_sz = data / 100; 1072 size_t read_bias, write_bias; 1073 int i, fd, child_id; 1074 char buf[file_sz]; 1075 pid_t pid; 1076 1077 /* Only allow multiples for simplicity */ 1078 ASSERT_EQ(!(n_readers % n_writers) || !(n_writers % n_readers), true); 1079 read_bias = n_writers / n_readers ?: 1; 1080 write_bias = n_readers / n_writers ?: 1; 1081 1082 /* prep a file to send */ 1083 fd = open("/tmp/", O_TMPFILE | O_RDWR, 0600); 1084 ASSERT_GE(fd, 0); 1085 1086 memset(buf, 0xac, file_sz); 1087 ASSERT_EQ(write(fd, buf, file_sz), file_sz); 1088 1089 /* spawn children */ 1090 for (child_id = 0; child_id < n_children; child_id++) { 1091 pid = fork(); 1092 ASSERT_NE(pid, -1); 1093 if (!pid) 1094 break; 1095 } 1096 1097 /* parent waits for all children */ 1098 if (pid) { 1099 for (i = 0; i < n_children; i++) { 1100 int status; 1101 1102 wait(&status); 1103 EXPECT_EQ(status, 0); 1104 } 1105 1106 return; 1107 } 1108 1109 /* Split threads for reading and writing */ 1110 if (child_id < n_readers) { 1111 size_t left = data * read_bias; 1112 char rb[8001]; 1113 1114 while (left) { 1115 int res; 1116 1117 res = recv(self->cfd, rb, 1118 left > sizeof(rb) ? sizeof(rb) : left, 0); 1119 1120 EXPECT_GE(res, 0); 1121 left -= res; 1122 } 1123 } else { 1124 size_t left = data * write_bias; 1125 1126 while (left) { 1127 int res; 1128 1129 ASSERT_EQ(lseek(fd, 0, SEEK_SET), 0); 1130 if (sendpg) 1131 res = sendfile(self->fd, fd, NULL, 1132 left > file_sz ? file_sz : left); 1133 else 1134 res = send(self->fd, buf, 1135 left > file_sz ? file_sz : left, 0); 1136 1137 EXPECT_GE(res, 0); 1138 left -= res; 1139 } 1140 } 1141 } 1142 1143 TEST_F(tls, mutliproc_even) 1144 { 1145 test_mutliproc(_metadata, self, false, 6, 6); 1146 } 1147 1148 TEST_F(tls, mutliproc_readers) 1149 { 1150 test_mutliproc(_metadata, self, false, 4, 12); 1151 } 1152 1153 TEST_F(tls, mutliproc_writers) 1154 { 1155 test_mutliproc(_metadata, self, false, 10, 2); 1156 } 1157 1158 TEST_F(tls, mutliproc_sendpage_even) 1159 { 1160 test_mutliproc(_metadata, self, true, 6, 6); 1161 } 1162 1163 TEST_F(tls, mutliproc_sendpage_readers) 1164 { 1165 test_mutliproc(_metadata, self, true, 4, 12); 1166 } 1167 1168 TEST_F(tls, mutliproc_sendpage_writers) 1169 { 1170 test_mutliproc(_metadata, self, true, 10, 2); 1171 } 1172 1173 TEST_F(tls, control_msg) 1174 { 1175 if (self->notls) 1176 return; 1177 1178 char cbuf[CMSG_SPACE(sizeof(char))]; 1179 char const *test_str = "test_read"; 1180 int cmsg_len = sizeof(char); 1181 char record_type = 100; 1182 struct cmsghdr *cmsg; 1183 struct msghdr msg; 1184 int send_len = 10; 1185 struct iovec vec; 1186 char buf[10]; 1187 1188 vec.iov_base = (char *)test_str; 1189 vec.iov_len = 10; 1190 memset(&msg, 0, sizeof(struct msghdr)); 1191 msg.msg_iov = &vec; 1192 msg.msg_iovlen = 1; 1193 msg.msg_control = cbuf; 1194 msg.msg_controllen = sizeof(cbuf); 1195 cmsg = CMSG_FIRSTHDR(&msg); 1196 cmsg->cmsg_level = SOL_TLS; 1197 /* test sending non-record types. */ 1198 cmsg->cmsg_type = TLS_SET_RECORD_TYPE; 1199 cmsg->cmsg_len = CMSG_LEN(cmsg_len); 1200 *CMSG_DATA(cmsg) = record_type; 1201 msg.msg_controllen = cmsg->cmsg_len; 1202 1203 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len); 1204 /* Should fail because we didn't provide a control message */ 1205 EXPECT_EQ(recv(self->cfd, buf, send_len, 0), -1); 1206 1207 vec.iov_base = buf; 1208 EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL | MSG_PEEK), send_len); 1209 1210 cmsg = CMSG_FIRSTHDR(&msg); 1211 EXPECT_NE(cmsg, NULL); 1212 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS); 1213 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE); 1214 record_type = *((unsigned char *)CMSG_DATA(cmsg)); 1215 EXPECT_EQ(record_type, 100); 1216 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 1217 1218 /* Recv the message again without MSG_PEEK */ 1219 record_type = 0; 1220 memset(buf, 0, sizeof(buf)); 1221 1222 EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL), send_len); 1223 cmsg = CMSG_FIRSTHDR(&msg); 1224 EXPECT_NE(cmsg, NULL); 1225 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS); 1226 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE); 1227 record_type = *((unsigned char *)CMSG_DATA(cmsg)); 1228 EXPECT_EQ(record_type, 100); 1229 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 1230 } 1231 1232 TEST_F(tls, shutdown) 1233 { 1234 char const *test_str = "test_read"; 1235 int send_len = 10; 1236 char buf[10]; 1237 1238 ASSERT_EQ(strlen(test_str) + 1, send_len); 1239 1240 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 1241 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 1242 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 1243 1244 shutdown(self->fd, SHUT_RDWR); 1245 shutdown(self->cfd, SHUT_RDWR); 1246 } 1247 1248 TEST_F(tls, shutdown_unsent) 1249 { 1250 char const *test_str = "test_read"; 1251 int send_len = 10; 1252 1253 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len); 1254 1255 shutdown(self->fd, SHUT_RDWR); 1256 shutdown(self->cfd, SHUT_RDWR); 1257 } 1258 1259 TEST_F(tls, shutdown_reuse) 1260 { 1261 struct sockaddr_in addr; 1262 int ret; 1263 1264 shutdown(self->fd, SHUT_RDWR); 1265 shutdown(self->cfd, SHUT_RDWR); 1266 close(self->cfd); 1267 1268 addr.sin_family = AF_INET; 1269 addr.sin_addr.s_addr = htonl(INADDR_ANY); 1270 addr.sin_port = 0; 1271 1272 ret = bind(self->fd, &addr, sizeof(addr)); 1273 EXPECT_EQ(ret, 0); 1274 ret = listen(self->fd, 10); 1275 EXPECT_EQ(ret, -1); 1276 EXPECT_EQ(errno, EINVAL); 1277 1278 ret = connect(self->fd, &addr, sizeof(addr)); 1279 EXPECT_EQ(ret, -1); 1280 EXPECT_EQ(errno, EISCONN); 1281 } 1282 1283 TEST(non_established) { 1284 struct tls12_crypto_info_aes_gcm_256 tls12; 1285 struct sockaddr_in addr; 1286 int sfd, ret, fd; 1287 socklen_t len; 1288 1289 len = sizeof(addr); 1290 1291 memset(&tls12, 0, sizeof(tls12)); 1292 tls12.info.version = TLS_1_2_VERSION; 1293 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256; 1294 1295 addr.sin_family = AF_INET; 1296 addr.sin_addr.s_addr = htonl(INADDR_ANY); 1297 addr.sin_port = 0; 1298 1299 fd = socket(AF_INET, SOCK_STREAM, 0); 1300 sfd = socket(AF_INET, SOCK_STREAM, 0); 1301 1302 ret = bind(sfd, &addr, sizeof(addr)); 1303 ASSERT_EQ(ret, 0); 1304 ret = listen(sfd, 10); 1305 ASSERT_EQ(ret, 0); 1306 1307 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1308 EXPECT_EQ(ret, -1); 1309 /* TLS ULP not supported */ 1310 if (errno == ENOENT) 1311 return; 1312 EXPECT_EQ(errno, ENOTCONN); 1313 1314 ret = setsockopt(sfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1315 EXPECT_EQ(ret, -1); 1316 EXPECT_EQ(errno, ENOTCONN); 1317 1318 ret = getsockname(sfd, &addr, &len); 1319 ASSERT_EQ(ret, 0); 1320 1321 ret = connect(fd, &addr, sizeof(addr)); 1322 ASSERT_EQ(ret, 0); 1323 1324 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1325 ASSERT_EQ(ret, 0); 1326 1327 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1328 EXPECT_EQ(ret, -1); 1329 EXPECT_EQ(errno, EEXIST); 1330 1331 close(fd); 1332 close(sfd); 1333 } 1334 1335 TEST(keysizes) { 1336 struct tls12_crypto_info_aes_gcm_256 tls12; 1337 struct sockaddr_in addr; 1338 int sfd, ret, fd, cfd; 1339 socklen_t len; 1340 bool notls; 1341 1342 notls = false; 1343 len = sizeof(addr); 1344 1345 memset(&tls12, 0, sizeof(tls12)); 1346 tls12.info.version = TLS_1_2_VERSION; 1347 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256; 1348 1349 addr.sin_family = AF_INET; 1350 addr.sin_addr.s_addr = htonl(INADDR_ANY); 1351 addr.sin_port = 0; 1352 1353 fd = socket(AF_INET, SOCK_STREAM, 0); 1354 sfd = socket(AF_INET, SOCK_STREAM, 0); 1355 1356 ret = bind(sfd, &addr, sizeof(addr)); 1357 ASSERT_EQ(ret, 0); 1358 ret = listen(sfd, 10); 1359 ASSERT_EQ(ret, 0); 1360 1361 ret = getsockname(sfd, &addr, &len); 1362 ASSERT_EQ(ret, 0); 1363 1364 ret = connect(fd, &addr, sizeof(addr)); 1365 ASSERT_EQ(ret, 0); 1366 1367 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1368 if (ret != 0) { 1369 notls = true; 1370 printf("Failure setting TCP_ULP, testing without tls\n"); 1371 } 1372 1373 if (!notls) { 1374 ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12, 1375 sizeof(tls12)); 1376 EXPECT_EQ(ret, 0); 1377 } 1378 1379 cfd = accept(sfd, &addr, &len); 1380 ASSERT_GE(cfd, 0); 1381 1382 if (!notls) { 1383 ret = setsockopt(cfd, IPPROTO_TCP, TCP_ULP, "tls", 1384 sizeof("tls")); 1385 EXPECT_EQ(ret, 0); 1386 1387 ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12, 1388 sizeof(tls12)); 1389 EXPECT_EQ(ret, 0); 1390 } 1391 1392 close(sfd); 1393 close(fd); 1394 close(cfd); 1395 } 1396 1397 TEST_HARNESS_MAIN 1398