1 // SPDX-License-Identifier: GPL-2.0 2 3 #define _GNU_SOURCE 4 5 #include <arpa/inet.h> 6 #include <errno.h> 7 #include <error.h> 8 #include <fcntl.h> 9 #include <poll.h> 10 #include <stdio.h> 11 #include <stdlib.h> 12 #include <unistd.h> 13 14 #include <linux/tls.h> 15 #include <linux/tcp.h> 16 #include <linux/socket.h> 17 18 #include <sys/types.h> 19 #include <sys/sendfile.h> 20 #include <sys/socket.h> 21 #include <sys/stat.h> 22 23 #include "../kselftest_harness.h" 24 25 #define TLS_PAYLOAD_MAX_LEN 16384 26 #define SOL_TLS 282 27 28 #ifndef ENOTSUPP 29 #define ENOTSUPP 524 30 #endif 31 32 FIXTURE(tls_basic) 33 { 34 int fd, cfd; 35 bool notls; 36 }; 37 38 FIXTURE_SETUP(tls_basic) 39 { 40 struct sockaddr_in addr; 41 socklen_t len; 42 int sfd, ret; 43 44 self->notls = false; 45 len = sizeof(addr); 46 47 addr.sin_family = AF_INET; 48 addr.sin_addr.s_addr = htonl(INADDR_ANY); 49 addr.sin_port = 0; 50 51 self->fd = socket(AF_INET, SOCK_STREAM, 0); 52 sfd = socket(AF_INET, SOCK_STREAM, 0); 53 54 ret = bind(sfd, &addr, sizeof(addr)); 55 ASSERT_EQ(ret, 0); 56 ret = listen(sfd, 10); 57 ASSERT_EQ(ret, 0); 58 59 ret = getsockname(sfd, &addr, &len); 60 ASSERT_EQ(ret, 0); 61 62 ret = connect(self->fd, &addr, sizeof(addr)); 63 ASSERT_EQ(ret, 0); 64 65 self->cfd = accept(sfd, &addr, &len); 66 ASSERT_GE(self->cfd, 0); 67 68 close(sfd); 69 70 ret = setsockopt(self->fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 71 if (ret != 0) { 72 ASSERT_EQ(errno, ENOENT); 73 self->notls = true; 74 printf("Failure setting TCP_ULP, testing without tls\n"); 75 return; 76 } 77 78 ret = setsockopt(self->cfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 79 ASSERT_EQ(ret, 0); 80 } 81 82 FIXTURE_TEARDOWN(tls_basic) 83 { 84 close(self->fd); 85 close(self->cfd); 86 } 87 88 /* Send some data through with ULP but no keys */ 89 TEST_F(tls_basic, base_base) 90 { 91 char const *test_str = "test_read"; 92 int send_len = 10; 93 char buf[10]; 94 95 ASSERT_EQ(strlen(test_str) + 1, send_len); 96 97 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 98 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 99 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 100 }; 101 102 FIXTURE(tls) 103 { 104 int fd, cfd; 105 bool notls; 106 }; 107 108 FIXTURE_SETUP(tls) 109 { 110 struct tls12_crypto_info_aes_gcm_128 tls12; 111 struct sockaddr_in addr; 112 socklen_t len; 113 int sfd, ret; 114 115 self->notls = false; 116 len = sizeof(addr); 117 118 memset(&tls12, 0, sizeof(tls12)); 119 tls12.info.version = TLS_1_3_VERSION; 120 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128; 121 122 addr.sin_family = AF_INET; 123 addr.sin_addr.s_addr = htonl(INADDR_ANY); 124 addr.sin_port = 0; 125 126 self->fd = socket(AF_INET, SOCK_STREAM, 0); 127 sfd = socket(AF_INET, SOCK_STREAM, 0); 128 129 ret = bind(sfd, &addr, sizeof(addr)); 130 ASSERT_EQ(ret, 0); 131 ret = listen(sfd, 10); 132 ASSERT_EQ(ret, 0); 133 134 ret = getsockname(sfd, &addr, &len); 135 ASSERT_EQ(ret, 0); 136 137 ret = connect(self->fd, &addr, sizeof(addr)); 138 ASSERT_EQ(ret, 0); 139 140 ret = setsockopt(self->fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 141 if (ret != 0) { 142 self->notls = true; 143 printf("Failure setting TCP_ULP, testing without tls\n"); 144 } 145 146 if (!self->notls) { 147 ret = setsockopt(self->fd, SOL_TLS, TLS_TX, &tls12, 148 sizeof(tls12)); 149 ASSERT_EQ(ret, 0); 150 } 151 152 self->cfd = accept(sfd, &addr, &len); 153 ASSERT_GE(self->cfd, 0); 154 155 if (!self->notls) { 156 ret = setsockopt(self->cfd, IPPROTO_TCP, TCP_ULP, "tls", 157 sizeof("tls")); 158 ASSERT_EQ(ret, 0); 159 160 ret = setsockopt(self->cfd, SOL_TLS, TLS_RX, &tls12, 161 sizeof(tls12)); 162 ASSERT_EQ(ret, 0); 163 } 164 165 close(sfd); 166 } 167 168 FIXTURE_TEARDOWN(tls) 169 { 170 close(self->fd); 171 close(self->cfd); 172 } 173 174 TEST_F(tls, sendfile) 175 { 176 int filefd = open("/proc/self/exe", O_RDONLY); 177 struct stat st; 178 179 EXPECT_GE(filefd, 0); 180 fstat(filefd, &st); 181 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0); 182 } 183 184 TEST_F(tls, send_then_sendfile) 185 { 186 int filefd = open("/proc/self/exe", O_RDONLY); 187 char const *test_str = "test_send"; 188 int to_send = strlen(test_str) + 1; 189 char recv_buf[10]; 190 struct stat st; 191 char *buf; 192 193 EXPECT_GE(filefd, 0); 194 fstat(filefd, &st); 195 buf = (char *)malloc(st.st_size); 196 197 EXPECT_EQ(send(self->fd, test_str, to_send, 0), to_send); 198 EXPECT_EQ(recv(self->cfd, recv_buf, to_send, MSG_WAITALL), to_send); 199 EXPECT_EQ(memcmp(test_str, recv_buf, to_send), 0); 200 201 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0); 202 EXPECT_EQ(recv(self->cfd, buf, st.st_size, MSG_WAITALL), st.st_size); 203 } 204 205 TEST_F(tls, recv_max) 206 { 207 unsigned int send_len = TLS_PAYLOAD_MAX_LEN; 208 char recv_mem[TLS_PAYLOAD_MAX_LEN]; 209 char buf[TLS_PAYLOAD_MAX_LEN]; 210 211 EXPECT_GE(send(self->fd, buf, send_len, 0), 0); 212 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1); 213 EXPECT_EQ(memcmp(buf, recv_mem, send_len), 0); 214 } 215 216 TEST_F(tls, recv_small) 217 { 218 char const *test_str = "test_read"; 219 int send_len = 10; 220 char buf[10]; 221 222 send_len = strlen(test_str) + 1; 223 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 224 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 225 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 226 } 227 228 TEST_F(tls, msg_more) 229 { 230 char const *test_str = "test_read"; 231 int send_len = 10; 232 char buf[10 * 2]; 233 234 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len); 235 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1); 236 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 237 EXPECT_EQ(recv(self->cfd, buf, send_len * 2, MSG_WAITALL), 238 send_len * 2); 239 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 240 } 241 242 TEST_F(tls, msg_more_unsent) 243 { 244 char const *test_str = "test_read"; 245 int send_len = 10; 246 char buf[10]; 247 248 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len); 249 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1); 250 } 251 252 TEST_F(tls, sendmsg_single) 253 { 254 struct msghdr msg; 255 256 char const *test_str = "test_sendmsg"; 257 size_t send_len = 13; 258 struct iovec vec; 259 char buf[13]; 260 261 vec.iov_base = (char *)test_str; 262 vec.iov_len = send_len; 263 memset(&msg, 0, sizeof(struct msghdr)); 264 msg.msg_iov = &vec; 265 msg.msg_iovlen = 1; 266 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len); 267 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len); 268 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 269 } 270 271 #define MAX_FRAGS 64 272 #define SEND_LEN 13 273 TEST_F(tls, sendmsg_fragmented) 274 { 275 char const *test_str = "test_sendmsg"; 276 char buf[SEND_LEN * MAX_FRAGS]; 277 struct iovec vec[MAX_FRAGS]; 278 struct msghdr msg; 279 int i, frags; 280 281 for (frags = 1; frags <= MAX_FRAGS; frags++) { 282 for (i = 0; i < frags; i++) { 283 vec[i].iov_base = (char *)test_str; 284 vec[i].iov_len = SEND_LEN; 285 } 286 287 memset(&msg, 0, sizeof(struct msghdr)); 288 msg.msg_iov = vec; 289 msg.msg_iovlen = frags; 290 291 EXPECT_EQ(sendmsg(self->fd, &msg, 0), SEND_LEN * frags); 292 EXPECT_EQ(recv(self->cfd, buf, SEND_LEN * frags, MSG_WAITALL), 293 SEND_LEN * frags); 294 295 for (i = 0; i < frags; i++) 296 EXPECT_EQ(memcmp(buf + SEND_LEN * i, 297 test_str, SEND_LEN), 0); 298 } 299 } 300 #undef MAX_FRAGS 301 #undef SEND_LEN 302 303 TEST_F(tls, sendmsg_large) 304 { 305 void *mem = malloc(16384); 306 size_t send_len = 16384; 307 size_t sends = 128; 308 struct msghdr msg; 309 size_t recvs = 0; 310 size_t sent = 0; 311 312 memset(&msg, 0, sizeof(struct msghdr)); 313 while (sent++ < sends) { 314 struct iovec vec = { (void *)mem, send_len }; 315 316 msg.msg_iov = &vec; 317 msg.msg_iovlen = 1; 318 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), send_len); 319 } 320 321 while (recvs++ < sends) 322 EXPECT_NE(recv(self->fd, mem, send_len, 0), -1); 323 324 free(mem); 325 } 326 327 TEST_F(tls, sendmsg_multiple) 328 { 329 char const *test_str = "test_sendmsg_multiple"; 330 struct iovec vec[5]; 331 char *test_strs[5]; 332 struct msghdr msg; 333 int total_len = 0; 334 int len_cmp = 0; 335 int iov_len = 5; 336 char *buf; 337 int i; 338 339 memset(&msg, 0, sizeof(struct msghdr)); 340 for (i = 0; i < iov_len; i++) { 341 test_strs[i] = (char *)malloc(strlen(test_str) + 1); 342 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str); 343 vec[i].iov_base = (void *)test_strs[i]; 344 vec[i].iov_len = strlen(test_strs[i]) + 1; 345 total_len += vec[i].iov_len; 346 } 347 msg.msg_iov = vec; 348 msg.msg_iovlen = iov_len; 349 350 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), total_len); 351 buf = malloc(total_len); 352 EXPECT_NE(recv(self->fd, buf, total_len, 0), -1); 353 for (i = 0; i < iov_len; i++) { 354 EXPECT_EQ(memcmp(test_strs[i], buf + len_cmp, 355 strlen(test_strs[i])), 356 0); 357 len_cmp += strlen(buf + len_cmp) + 1; 358 } 359 for (i = 0; i < iov_len; i++) 360 free(test_strs[i]); 361 free(buf); 362 } 363 364 TEST_F(tls, sendmsg_multiple_stress) 365 { 366 char const *test_str = "abcdefghijklmno"; 367 struct iovec vec[1024]; 368 char *test_strs[1024]; 369 int iov_len = 1024; 370 int total_len = 0; 371 char buf[1 << 14]; 372 struct msghdr msg; 373 int len_cmp = 0; 374 int i; 375 376 memset(&msg, 0, sizeof(struct msghdr)); 377 for (i = 0; i < iov_len; i++) { 378 test_strs[i] = (char *)malloc(strlen(test_str) + 1); 379 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str); 380 vec[i].iov_base = (void *)test_strs[i]; 381 vec[i].iov_len = strlen(test_strs[i]) + 1; 382 total_len += vec[i].iov_len; 383 } 384 msg.msg_iov = vec; 385 msg.msg_iovlen = iov_len; 386 387 EXPECT_EQ(sendmsg(self->fd, &msg, 0), total_len); 388 EXPECT_NE(recv(self->cfd, buf, total_len, 0), -1); 389 390 for (i = 0; i < iov_len; i++) 391 len_cmp += strlen(buf + len_cmp) + 1; 392 393 for (i = 0; i < iov_len; i++) 394 free(test_strs[i]); 395 } 396 397 TEST_F(tls, splice_from_pipe) 398 { 399 int send_len = TLS_PAYLOAD_MAX_LEN; 400 char mem_send[TLS_PAYLOAD_MAX_LEN]; 401 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 402 int p[2]; 403 404 ASSERT_GE(pipe(p), 0); 405 EXPECT_GE(write(p[1], mem_send, send_len), 0); 406 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), 0); 407 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len); 408 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 409 } 410 411 TEST_F(tls, splice_from_pipe2) 412 { 413 int send_len = 16000; 414 char mem_send[16000]; 415 char mem_recv[16000]; 416 int p2[2]; 417 int p[2]; 418 419 ASSERT_GE(pipe(p), 0); 420 ASSERT_GE(pipe(p2), 0); 421 EXPECT_GE(write(p[1], mem_send, 8000), 0); 422 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, 8000, 0), 0); 423 EXPECT_GE(write(p2[1], mem_send + 8000, 8000), 0); 424 EXPECT_GE(splice(p2[0], NULL, self->fd, NULL, 8000, 0), 0); 425 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len); 426 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 427 } 428 429 TEST_F(tls, send_and_splice) 430 { 431 int send_len = TLS_PAYLOAD_MAX_LEN; 432 char mem_send[TLS_PAYLOAD_MAX_LEN]; 433 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 434 char const *test_str = "test_read"; 435 int send_len2 = 10; 436 char buf[10]; 437 int p[2]; 438 439 ASSERT_GE(pipe(p), 0); 440 EXPECT_EQ(send(self->fd, test_str, send_len2, 0), send_len2); 441 EXPECT_EQ(recv(self->cfd, buf, send_len2, MSG_WAITALL), send_len2); 442 EXPECT_EQ(memcmp(test_str, buf, send_len2), 0); 443 444 EXPECT_GE(write(p[1], mem_send, send_len), send_len); 445 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), send_len); 446 447 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len); 448 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 449 } 450 451 TEST_F(tls, splice_to_pipe) 452 { 453 int send_len = TLS_PAYLOAD_MAX_LEN; 454 char mem_send[TLS_PAYLOAD_MAX_LEN]; 455 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 456 int p[2]; 457 458 ASSERT_GE(pipe(p), 0); 459 EXPECT_GE(send(self->fd, mem_send, send_len, 0), 0); 460 EXPECT_GE(splice(self->cfd, NULL, p[1], NULL, send_len, 0), 0); 461 EXPECT_GE(read(p[0], mem_recv, send_len), 0); 462 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 463 } 464 465 TEST_F(tls, recvmsg_single) 466 { 467 char const *test_str = "test_recvmsg_single"; 468 int send_len = strlen(test_str) + 1; 469 char buf[20]; 470 struct msghdr hdr; 471 struct iovec vec; 472 473 memset(&hdr, 0, sizeof(hdr)); 474 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 475 vec.iov_base = (char *)buf; 476 vec.iov_len = send_len; 477 hdr.msg_iovlen = 1; 478 hdr.msg_iov = &vec; 479 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1); 480 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 481 } 482 483 TEST_F(tls, recvmsg_single_max) 484 { 485 int send_len = TLS_PAYLOAD_MAX_LEN; 486 char send_mem[TLS_PAYLOAD_MAX_LEN]; 487 char recv_mem[TLS_PAYLOAD_MAX_LEN]; 488 struct iovec vec; 489 struct msghdr hdr; 490 491 EXPECT_EQ(send(self->fd, send_mem, send_len, 0), send_len); 492 vec.iov_base = (char *)recv_mem; 493 vec.iov_len = TLS_PAYLOAD_MAX_LEN; 494 495 hdr.msg_iovlen = 1; 496 hdr.msg_iov = &vec; 497 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1); 498 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0); 499 } 500 501 TEST_F(tls, recvmsg_multiple) 502 { 503 unsigned int msg_iovlen = 1024; 504 unsigned int len_compared = 0; 505 struct iovec vec[1024]; 506 char *iov_base[1024]; 507 unsigned int iov_len = 16; 508 int send_len = 1 << 14; 509 char buf[1 << 14]; 510 struct msghdr hdr; 511 int i; 512 513 EXPECT_EQ(send(self->fd, buf, send_len, 0), send_len); 514 for (i = 0; i < msg_iovlen; i++) { 515 iov_base[i] = (char *)malloc(iov_len); 516 vec[i].iov_base = iov_base[i]; 517 vec[i].iov_len = iov_len; 518 } 519 520 hdr.msg_iovlen = msg_iovlen; 521 hdr.msg_iov = vec; 522 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1); 523 for (i = 0; i < msg_iovlen; i++) 524 len_compared += iov_len; 525 526 for (i = 0; i < msg_iovlen; i++) 527 free(iov_base[i]); 528 } 529 530 TEST_F(tls, single_send_multiple_recv) 531 { 532 unsigned int total_len = TLS_PAYLOAD_MAX_LEN * 2; 533 unsigned int send_len = TLS_PAYLOAD_MAX_LEN; 534 char send_mem[TLS_PAYLOAD_MAX_LEN * 2]; 535 char recv_mem[TLS_PAYLOAD_MAX_LEN * 2]; 536 537 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0); 538 memset(recv_mem, 0, total_len); 539 540 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1); 541 EXPECT_NE(recv(self->cfd, recv_mem + send_len, send_len, 0), -1); 542 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0); 543 } 544 545 TEST_F(tls, multiple_send_single_recv) 546 { 547 unsigned int total_len = 2 * 10; 548 unsigned int send_len = 10; 549 char recv_mem[2 * 10]; 550 char send_mem[10]; 551 552 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0); 553 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0); 554 memset(recv_mem, 0, total_len); 555 EXPECT_EQ(recv(self->cfd, recv_mem, total_len, MSG_WAITALL), total_len); 556 557 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0); 558 EXPECT_EQ(memcmp(send_mem, recv_mem + send_len, send_len), 0); 559 } 560 561 TEST_F(tls, single_send_multiple_recv_non_align) 562 { 563 const unsigned int total_len = 15; 564 const unsigned int recv_len = 10; 565 char recv_mem[recv_len * 2]; 566 char send_mem[total_len]; 567 568 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0); 569 memset(recv_mem, 0, total_len); 570 571 EXPECT_EQ(recv(self->cfd, recv_mem, recv_len, 0), recv_len); 572 EXPECT_EQ(recv(self->cfd, recv_mem + recv_len, recv_len, 0), 5); 573 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0); 574 } 575 576 TEST_F(tls, recv_partial) 577 { 578 char const *test_str = "test_read_partial"; 579 char const *test_str_first = "test_read"; 580 char const *test_str_second = "_partial"; 581 int send_len = strlen(test_str) + 1; 582 char recv_mem[18]; 583 584 memset(recv_mem, 0, sizeof(recv_mem)); 585 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 586 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_first), 587 MSG_WAITALL), -1); 588 EXPECT_EQ(memcmp(test_str_first, recv_mem, strlen(test_str_first)), 0); 589 memset(recv_mem, 0, sizeof(recv_mem)); 590 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_second), 591 MSG_WAITALL), -1); 592 EXPECT_EQ(memcmp(test_str_second, recv_mem, strlen(test_str_second)), 593 0); 594 } 595 596 TEST_F(tls, recv_nonblock) 597 { 598 char buf[4096]; 599 bool err; 600 601 EXPECT_EQ(recv(self->cfd, buf, sizeof(buf), MSG_DONTWAIT), -1); 602 err = (errno == EAGAIN || errno == EWOULDBLOCK); 603 EXPECT_EQ(err, true); 604 } 605 606 TEST_F(tls, recv_peek) 607 { 608 char const *test_str = "test_read_peek"; 609 int send_len = strlen(test_str) + 1; 610 char buf[15]; 611 612 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 613 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1); 614 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 615 memset(buf, 0, sizeof(buf)); 616 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 617 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 618 } 619 620 TEST_F(tls, recv_peek_multiple) 621 { 622 char const *test_str = "test_read_peek"; 623 int send_len = strlen(test_str) + 1; 624 unsigned int num_peeks = 100; 625 char buf[15]; 626 int i; 627 628 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 629 for (i = 0; i < num_peeks; i++) { 630 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1); 631 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 632 memset(buf, 0, sizeof(buf)); 633 } 634 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 635 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 636 } 637 638 TEST_F(tls, recv_peek_multiple_records) 639 { 640 char const *test_str = "test_read_peek_mult_recs"; 641 char const *test_str_first = "test_read_peek"; 642 char const *test_str_second = "_mult_recs"; 643 int len; 644 char buf[64]; 645 646 len = strlen(test_str_first); 647 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len); 648 649 len = strlen(test_str_second) + 1; 650 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len); 651 652 len = strlen(test_str_first); 653 memset(buf, 0, len); 654 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len); 655 656 /* MSG_PEEK can only peek into the current record. */ 657 len = strlen(test_str_first); 658 EXPECT_EQ(memcmp(test_str_first, buf, len), 0); 659 660 len = strlen(test_str) + 1; 661 memset(buf, 0, len); 662 EXPECT_EQ(recv(self->cfd, buf, len, MSG_WAITALL), len); 663 664 /* Non-MSG_PEEK will advance strparser (and therefore record) 665 * however. 666 */ 667 len = strlen(test_str) + 1; 668 EXPECT_EQ(memcmp(test_str, buf, len), 0); 669 670 /* MSG_MORE will hold current record open, so later MSG_PEEK 671 * will see everything. 672 */ 673 len = strlen(test_str_first); 674 EXPECT_EQ(send(self->fd, test_str_first, len, MSG_MORE), len); 675 676 len = strlen(test_str_second) + 1; 677 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len); 678 679 len = strlen(test_str) + 1; 680 memset(buf, 0, len); 681 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len); 682 683 len = strlen(test_str) + 1; 684 EXPECT_EQ(memcmp(test_str, buf, len), 0); 685 } 686 687 TEST_F(tls, recv_peek_large_buf_mult_recs) 688 { 689 char const *test_str = "test_read_peek_mult_recs"; 690 char const *test_str_first = "test_read_peek"; 691 char const *test_str_second = "_mult_recs"; 692 int len; 693 char buf[64]; 694 695 len = strlen(test_str_first); 696 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len); 697 698 len = strlen(test_str_second) + 1; 699 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len); 700 701 len = strlen(test_str) + 1; 702 memset(buf, 0, len); 703 EXPECT_NE((len = recv(self->cfd, buf, len, 704 MSG_PEEK | MSG_WAITALL)), -1); 705 len = strlen(test_str) + 1; 706 EXPECT_EQ(memcmp(test_str, buf, len), 0); 707 } 708 709 TEST_F(tls, recv_lowat) 710 { 711 char send_mem[10] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 }; 712 char recv_mem[20]; 713 int lowat = 8; 714 715 EXPECT_EQ(send(self->fd, send_mem, 10, 0), 10); 716 EXPECT_EQ(send(self->fd, send_mem, 5, 0), 5); 717 718 memset(recv_mem, 0, 20); 719 EXPECT_EQ(setsockopt(self->cfd, SOL_SOCKET, SO_RCVLOWAT, 720 &lowat, sizeof(lowat)), 0); 721 EXPECT_EQ(recv(self->cfd, recv_mem, 1, MSG_WAITALL), 1); 722 EXPECT_EQ(recv(self->cfd, recv_mem + 1, 6, MSG_WAITALL), 6); 723 EXPECT_EQ(recv(self->cfd, recv_mem + 7, 10, 0), 8); 724 725 EXPECT_EQ(memcmp(send_mem, recv_mem, 10), 0); 726 EXPECT_EQ(memcmp(send_mem, recv_mem + 10, 5), 0); 727 } 728 729 TEST_F(tls, recv_rcvbuf) 730 { 731 char send_mem[4096]; 732 char recv_mem[4096]; 733 int rcv_buf = 1024; 734 735 memset(send_mem, 0x1c, sizeof(send_mem)); 736 737 EXPECT_EQ(setsockopt(self->cfd, SOL_SOCKET, SO_RCVBUF, 738 &rcv_buf, sizeof(rcv_buf)), 0); 739 740 EXPECT_EQ(send(self->fd, send_mem, 512, 0), 512); 741 memset(recv_mem, 0, sizeof(recv_mem)); 742 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), 0), 512); 743 EXPECT_EQ(memcmp(send_mem, recv_mem, 512), 0); 744 745 if (self->notls) 746 return; 747 748 EXPECT_EQ(send(self->fd, send_mem, 4096, 0), 4096); 749 memset(recv_mem, 0, sizeof(recv_mem)); 750 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), 0), -1); 751 EXPECT_EQ(errno, EMSGSIZE); 752 753 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), 0), -1); 754 EXPECT_EQ(errno, EMSGSIZE); 755 } 756 757 TEST_F(tls, bidir) 758 { 759 char const *test_str = "test_read"; 760 int send_len = 10; 761 char buf[10]; 762 int ret; 763 764 if (!self->notls) { 765 struct tls12_crypto_info_aes_gcm_128 tls12; 766 767 memset(&tls12, 0, sizeof(tls12)); 768 tls12.info.version = TLS_1_3_VERSION; 769 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128; 770 771 ret = setsockopt(self->fd, SOL_TLS, TLS_RX, &tls12, 772 sizeof(tls12)); 773 ASSERT_EQ(ret, 0); 774 775 ret = setsockopt(self->cfd, SOL_TLS, TLS_TX, &tls12, 776 sizeof(tls12)); 777 ASSERT_EQ(ret, 0); 778 } 779 780 ASSERT_EQ(strlen(test_str) + 1, send_len); 781 782 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 783 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 784 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 785 786 memset(buf, 0, sizeof(buf)); 787 788 EXPECT_EQ(send(self->cfd, test_str, send_len, 0), send_len); 789 EXPECT_NE(recv(self->fd, buf, send_len, 0), -1); 790 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 791 }; 792 793 TEST_F(tls, pollin) 794 { 795 char const *test_str = "test_poll"; 796 struct pollfd fd = { 0, 0, 0 }; 797 char buf[10]; 798 int send_len = 10; 799 800 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 801 fd.fd = self->cfd; 802 fd.events = POLLIN; 803 804 EXPECT_EQ(poll(&fd, 1, 20), 1); 805 EXPECT_EQ(fd.revents & POLLIN, 1); 806 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len); 807 /* Test timing out */ 808 EXPECT_EQ(poll(&fd, 1, 20), 0); 809 } 810 811 TEST_F(tls, poll_wait) 812 { 813 char const *test_str = "test_poll_wait"; 814 int send_len = strlen(test_str) + 1; 815 struct pollfd fd = { 0, 0, 0 }; 816 char recv_mem[15]; 817 818 fd.fd = self->cfd; 819 fd.events = POLLIN; 820 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 821 /* Set timeout to inf. secs */ 822 EXPECT_EQ(poll(&fd, 1, -1), 1); 823 EXPECT_EQ(fd.revents & POLLIN, 1); 824 EXPECT_EQ(recv(self->cfd, recv_mem, send_len, MSG_WAITALL), send_len); 825 } 826 827 TEST_F(tls, poll_wait_split) 828 { 829 struct pollfd fd = { 0, 0, 0 }; 830 char send_mem[20] = {}; 831 char recv_mem[15]; 832 833 fd.fd = self->cfd; 834 fd.events = POLLIN; 835 /* Send 20 bytes */ 836 EXPECT_EQ(send(self->fd, send_mem, sizeof(send_mem), 0), 837 sizeof(send_mem)); 838 /* Poll with inf. timeout */ 839 EXPECT_EQ(poll(&fd, 1, -1), 1); 840 EXPECT_EQ(fd.revents & POLLIN, 1); 841 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), MSG_WAITALL), 842 sizeof(recv_mem)); 843 844 /* Now the remaining 5 bytes of record data are in TLS ULP */ 845 fd.fd = self->cfd; 846 fd.events = POLLIN; 847 EXPECT_EQ(poll(&fd, 1, -1), 1); 848 EXPECT_EQ(fd.revents & POLLIN, 1); 849 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), 0), 850 sizeof(send_mem) - sizeof(recv_mem)); 851 } 852 853 TEST_F(tls, blocking) 854 { 855 size_t data = 100000; 856 int res = fork(); 857 858 EXPECT_NE(res, -1); 859 860 if (res) { 861 /* parent */ 862 size_t left = data; 863 char buf[16384]; 864 int status; 865 int pid2; 866 867 while (left) { 868 int res = send(self->fd, buf, 869 left > 16384 ? 16384 : left, 0); 870 871 EXPECT_GE(res, 0); 872 left -= res; 873 } 874 875 pid2 = wait(&status); 876 EXPECT_EQ(status, 0); 877 EXPECT_EQ(res, pid2); 878 } else { 879 /* child */ 880 size_t left = data; 881 char buf[16384]; 882 883 while (left) { 884 int res = recv(self->cfd, buf, 885 left > 16384 ? 16384 : left, 0); 886 887 EXPECT_GE(res, 0); 888 left -= res; 889 } 890 } 891 } 892 893 TEST_F(tls, nonblocking) 894 { 895 size_t data = 100000; 896 int sendbuf = 100; 897 int flags; 898 int res; 899 900 flags = fcntl(self->fd, F_GETFL, 0); 901 fcntl(self->fd, F_SETFL, flags | O_NONBLOCK); 902 fcntl(self->cfd, F_SETFL, flags | O_NONBLOCK); 903 904 /* Ensure nonblocking behavior by imposing a small send 905 * buffer. 906 */ 907 EXPECT_EQ(setsockopt(self->fd, SOL_SOCKET, SO_SNDBUF, 908 &sendbuf, sizeof(sendbuf)), 0); 909 910 res = fork(); 911 EXPECT_NE(res, -1); 912 913 if (res) { 914 /* parent */ 915 bool eagain = false; 916 size_t left = data; 917 char buf[16384]; 918 int status; 919 int pid2; 920 921 while (left) { 922 int res = send(self->fd, buf, 923 left > 16384 ? 16384 : left, 0); 924 925 if (res == -1 && errno == EAGAIN) { 926 eagain = true; 927 usleep(10000); 928 continue; 929 } 930 EXPECT_GE(res, 0); 931 left -= res; 932 } 933 934 EXPECT_TRUE(eagain); 935 pid2 = wait(&status); 936 937 EXPECT_EQ(status, 0); 938 EXPECT_EQ(res, pid2); 939 } else { 940 /* child */ 941 bool eagain = false; 942 size_t left = data; 943 char buf[16384]; 944 945 while (left) { 946 int res = recv(self->cfd, buf, 947 left > 16384 ? 16384 : left, 0); 948 949 if (res == -1 && errno == EAGAIN) { 950 eagain = true; 951 usleep(10000); 952 continue; 953 } 954 EXPECT_GE(res, 0); 955 left -= res; 956 } 957 EXPECT_TRUE(eagain); 958 } 959 } 960 961 static void 962 test_mutliproc(struct __test_metadata *_metadata, struct _test_data_tls *self, 963 bool sendpg, unsigned int n_readers, unsigned int n_writers) 964 { 965 const unsigned int n_children = n_readers + n_writers; 966 const size_t data = 6 * 1000 * 1000; 967 const size_t file_sz = data / 100; 968 size_t read_bias, write_bias; 969 int i, fd, child_id; 970 char buf[file_sz]; 971 pid_t pid; 972 973 /* Only allow multiples for simplicity */ 974 ASSERT_EQ(!(n_readers % n_writers) || !(n_writers % n_readers), true); 975 read_bias = n_writers / n_readers ?: 1; 976 write_bias = n_readers / n_writers ?: 1; 977 978 /* prep a file to send */ 979 fd = open("/tmp/", O_TMPFILE | O_RDWR, 0600); 980 ASSERT_GE(fd, 0); 981 982 memset(buf, 0xac, file_sz); 983 ASSERT_EQ(write(fd, buf, file_sz), file_sz); 984 985 /* spawn children */ 986 for (child_id = 0; child_id < n_children; child_id++) { 987 pid = fork(); 988 ASSERT_NE(pid, -1); 989 if (!pid) 990 break; 991 } 992 993 /* parent waits for all children */ 994 if (pid) { 995 for (i = 0; i < n_children; i++) { 996 int status; 997 998 wait(&status); 999 EXPECT_EQ(status, 0); 1000 } 1001 1002 return; 1003 } 1004 1005 /* Split threads for reading and writing */ 1006 if (child_id < n_readers) { 1007 size_t left = data * read_bias; 1008 char rb[8001]; 1009 1010 while (left) { 1011 int res; 1012 1013 res = recv(self->cfd, rb, 1014 left > sizeof(rb) ? sizeof(rb) : left, 0); 1015 1016 EXPECT_GE(res, 0); 1017 left -= res; 1018 } 1019 } else { 1020 size_t left = data * write_bias; 1021 1022 while (left) { 1023 int res; 1024 1025 ASSERT_EQ(lseek(fd, 0, SEEK_SET), 0); 1026 if (sendpg) 1027 res = sendfile(self->fd, fd, NULL, 1028 left > file_sz ? file_sz : left); 1029 else 1030 res = send(self->fd, buf, 1031 left > file_sz ? file_sz : left, 0); 1032 1033 EXPECT_GE(res, 0); 1034 left -= res; 1035 } 1036 } 1037 } 1038 1039 TEST_F(tls, mutliproc_even) 1040 { 1041 test_mutliproc(_metadata, self, false, 6, 6); 1042 } 1043 1044 TEST_F(tls, mutliproc_readers) 1045 { 1046 test_mutliproc(_metadata, self, false, 4, 12); 1047 } 1048 1049 TEST_F(tls, mutliproc_writers) 1050 { 1051 test_mutliproc(_metadata, self, false, 10, 2); 1052 } 1053 1054 TEST_F(tls, mutliproc_sendpage_even) 1055 { 1056 test_mutliproc(_metadata, self, true, 6, 6); 1057 } 1058 1059 TEST_F(tls, mutliproc_sendpage_readers) 1060 { 1061 test_mutliproc(_metadata, self, true, 4, 12); 1062 } 1063 1064 TEST_F(tls, mutliproc_sendpage_writers) 1065 { 1066 test_mutliproc(_metadata, self, true, 10, 2); 1067 } 1068 1069 TEST_F(tls, control_msg) 1070 { 1071 if (self->notls) 1072 return; 1073 1074 char cbuf[CMSG_SPACE(sizeof(char))]; 1075 char const *test_str = "test_read"; 1076 int cmsg_len = sizeof(char); 1077 char record_type = 100; 1078 struct cmsghdr *cmsg; 1079 struct msghdr msg; 1080 int send_len = 10; 1081 struct iovec vec; 1082 char buf[10]; 1083 1084 vec.iov_base = (char *)test_str; 1085 vec.iov_len = 10; 1086 memset(&msg, 0, sizeof(struct msghdr)); 1087 msg.msg_iov = &vec; 1088 msg.msg_iovlen = 1; 1089 msg.msg_control = cbuf; 1090 msg.msg_controllen = sizeof(cbuf); 1091 cmsg = CMSG_FIRSTHDR(&msg); 1092 cmsg->cmsg_level = SOL_TLS; 1093 /* test sending non-record types. */ 1094 cmsg->cmsg_type = TLS_SET_RECORD_TYPE; 1095 cmsg->cmsg_len = CMSG_LEN(cmsg_len); 1096 *CMSG_DATA(cmsg) = record_type; 1097 msg.msg_controllen = cmsg->cmsg_len; 1098 1099 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len); 1100 /* Should fail because we didn't provide a control message */ 1101 EXPECT_EQ(recv(self->cfd, buf, send_len, 0), -1); 1102 1103 vec.iov_base = buf; 1104 EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL | MSG_PEEK), send_len); 1105 1106 cmsg = CMSG_FIRSTHDR(&msg); 1107 EXPECT_NE(cmsg, NULL); 1108 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS); 1109 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE); 1110 record_type = *((unsigned char *)CMSG_DATA(cmsg)); 1111 EXPECT_EQ(record_type, 100); 1112 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 1113 1114 /* Recv the message again without MSG_PEEK */ 1115 record_type = 0; 1116 memset(buf, 0, sizeof(buf)); 1117 1118 EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL), send_len); 1119 cmsg = CMSG_FIRSTHDR(&msg); 1120 EXPECT_NE(cmsg, NULL); 1121 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS); 1122 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE); 1123 record_type = *((unsigned char *)CMSG_DATA(cmsg)); 1124 EXPECT_EQ(record_type, 100); 1125 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 1126 } 1127 1128 TEST_F(tls, shutdown) 1129 { 1130 char const *test_str = "test_read"; 1131 int send_len = 10; 1132 char buf[10]; 1133 1134 ASSERT_EQ(strlen(test_str) + 1, send_len); 1135 1136 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 1137 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 1138 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 1139 1140 shutdown(self->fd, SHUT_RDWR); 1141 shutdown(self->cfd, SHUT_RDWR); 1142 } 1143 1144 TEST_F(tls, shutdown_unsent) 1145 { 1146 char const *test_str = "test_read"; 1147 int send_len = 10; 1148 1149 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len); 1150 1151 shutdown(self->fd, SHUT_RDWR); 1152 shutdown(self->cfd, SHUT_RDWR); 1153 } 1154 1155 TEST_F(tls, shutdown_reuse) 1156 { 1157 struct sockaddr_in addr; 1158 int ret; 1159 1160 shutdown(self->fd, SHUT_RDWR); 1161 shutdown(self->cfd, SHUT_RDWR); 1162 close(self->cfd); 1163 1164 addr.sin_family = AF_INET; 1165 addr.sin_addr.s_addr = htonl(INADDR_ANY); 1166 addr.sin_port = 0; 1167 1168 ret = bind(self->fd, &addr, sizeof(addr)); 1169 EXPECT_EQ(ret, 0); 1170 ret = listen(self->fd, 10); 1171 EXPECT_EQ(ret, -1); 1172 EXPECT_EQ(errno, EINVAL); 1173 1174 ret = connect(self->fd, &addr, sizeof(addr)); 1175 EXPECT_EQ(ret, -1); 1176 EXPECT_EQ(errno, EISCONN); 1177 } 1178 1179 TEST(non_established) { 1180 struct tls12_crypto_info_aes_gcm_256 tls12; 1181 struct sockaddr_in addr; 1182 int sfd, ret, fd; 1183 socklen_t len; 1184 1185 len = sizeof(addr); 1186 1187 memset(&tls12, 0, sizeof(tls12)); 1188 tls12.info.version = TLS_1_2_VERSION; 1189 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256; 1190 1191 addr.sin_family = AF_INET; 1192 addr.sin_addr.s_addr = htonl(INADDR_ANY); 1193 addr.sin_port = 0; 1194 1195 fd = socket(AF_INET, SOCK_STREAM, 0); 1196 sfd = socket(AF_INET, SOCK_STREAM, 0); 1197 1198 ret = bind(sfd, &addr, sizeof(addr)); 1199 ASSERT_EQ(ret, 0); 1200 ret = listen(sfd, 10); 1201 ASSERT_EQ(ret, 0); 1202 1203 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1204 EXPECT_EQ(ret, -1); 1205 /* TLS ULP not supported */ 1206 if (errno == ENOENT) 1207 return; 1208 EXPECT_EQ(errno, ENOTSUPP); 1209 1210 ret = setsockopt(sfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1211 EXPECT_EQ(ret, -1); 1212 EXPECT_EQ(errno, ENOTSUPP); 1213 1214 ret = getsockname(sfd, &addr, &len); 1215 ASSERT_EQ(ret, 0); 1216 1217 ret = connect(fd, &addr, sizeof(addr)); 1218 ASSERT_EQ(ret, 0); 1219 1220 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1221 ASSERT_EQ(ret, 0); 1222 1223 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1224 EXPECT_EQ(ret, -1); 1225 EXPECT_EQ(errno, EEXIST); 1226 1227 close(fd); 1228 close(sfd); 1229 } 1230 1231 TEST(keysizes) { 1232 struct tls12_crypto_info_aes_gcm_256 tls12; 1233 struct sockaddr_in addr; 1234 int sfd, ret, fd, cfd; 1235 socklen_t len; 1236 bool notls; 1237 1238 notls = false; 1239 len = sizeof(addr); 1240 1241 memset(&tls12, 0, sizeof(tls12)); 1242 tls12.info.version = TLS_1_2_VERSION; 1243 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256; 1244 1245 addr.sin_family = AF_INET; 1246 addr.sin_addr.s_addr = htonl(INADDR_ANY); 1247 addr.sin_port = 0; 1248 1249 fd = socket(AF_INET, SOCK_STREAM, 0); 1250 sfd = socket(AF_INET, SOCK_STREAM, 0); 1251 1252 ret = bind(sfd, &addr, sizeof(addr)); 1253 ASSERT_EQ(ret, 0); 1254 ret = listen(sfd, 10); 1255 ASSERT_EQ(ret, 0); 1256 1257 ret = getsockname(sfd, &addr, &len); 1258 ASSERT_EQ(ret, 0); 1259 1260 ret = connect(fd, &addr, sizeof(addr)); 1261 ASSERT_EQ(ret, 0); 1262 1263 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1264 if (ret != 0) { 1265 notls = true; 1266 printf("Failure setting TCP_ULP, testing without tls\n"); 1267 } 1268 1269 if (!notls) { 1270 ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12, 1271 sizeof(tls12)); 1272 EXPECT_EQ(ret, 0); 1273 } 1274 1275 cfd = accept(sfd, &addr, &len); 1276 ASSERT_GE(cfd, 0); 1277 1278 if (!notls) { 1279 ret = setsockopt(cfd, IPPROTO_TCP, TCP_ULP, "tls", 1280 sizeof("tls")); 1281 EXPECT_EQ(ret, 0); 1282 1283 ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12, 1284 sizeof(tls12)); 1285 EXPECT_EQ(ret, 0); 1286 } 1287 1288 close(sfd); 1289 close(fd); 1290 close(cfd); 1291 } 1292 1293 TEST(tls12) { 1294 int fd, cfd; 1295 bool notls; 1296 1297 struct tls12_crypto_info_aes_gcm_128 tls12; 1298 struct sockaddr_in addr; 1299 socklen_t len; 1300 int sfd, ret; 1301 1302 notls = false; 1303 len = sizeof(addr); 1304 1305 memset(&tls12, 0, sizeof(tls12)); 1306 tls12.info.version = TLS_1_2_VERSION; 1307 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128; 1308 1309 addr.sin_family = AF_INET; 1310 addr.sin_addr.s_addr = htonl(INADDR_ANY); 1311 addr.sin_port = 0; 1312 1313 fd = socket(AF_INET, SOCK_STREAM, 0); 1314 sfd = socket(AF_INET, SOCK_STREAM, 0); 1315 1316 ret = bind(sfd, &addr, sizeof(addr)); 1317 ASSERT_EQ(ret, 0); 1318 ret = listen(sfd, 10); 1319 ASSERT_EQ(ret, 0); 1320 1321 ret = getsockname(sfd, &addr, &len); 1322 ASSERT_EQ(ret, 0); 1323 1324 ret = connect(fd, &addr, sizeof(addr)); 1325 ASSERT_EQ(ret, 0); 1326 1327 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1328 if (ret != 0) { 1329 notls = true; 1330 printf("Failure setting TCP_ULP, testing without tls\n"); 1331 } 1332 1333 if (!notls) { 1334 ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12, 1335 sizeof(tls12)); 1336 ASSERT_EQ(ret, 0); 1337 } 1338 1339 cfd = accept(sfd, &addr, &len); 1340 ASSERT_GE(cfd, 0); 1341 1342 if (!notls) { 1343 ret = setsockopt(cfd, IPPROTO_TCP, TCP_ULP, "tls", 1344 sizeof("tls")); 1345 ASSERT_EQ(ret, 0); 1346 1347 ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12, 1348 sizeof(tls12)); 1349 ASSERT_EQ(ret, 0); 1350 } 1351 1352 close(sfd); 1353 1354 char const *test_str = "test_read"; 1355 int send_len = 10; 1356 char buf[10]; 1357 1358 send_len = strlen(test_str) + 1; 1359 EXPECT_EQ(send(fd, test_str, send_len, 0), send_len); 1360 EXPECT_NE(recv(cfd, buf, send_len, 0), -1); 1361 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 1362 1363 close(fd); 1364 close(cfd); 1365 } 1366 1367 TEST_HARNESS_MAIN 1368