1 // SPDX-License-Identifier: GPL-2.0 2 3 #define _GNU_SOURCE 4 5 #include <arpa/inet.h> 6 #include <errno.h> 7 #include <error.h> 8 #include <fcntl.h> 9 #include <poll.h> 10 #include <stdio.h> 11 #include <stdlib.h> 12 #include <unistd.h> 13 14 #include <linux/tls.h> 15 #include <linux/tcp.h> 16 #include <linux/socket.h> 17 18 #include <sys/types.h> 19 #include <sys/sendfile.h> 20 #include <sys/socket.h> 21 #include <sys/stat.h> 22 23 #include "../kselftest_harness.h" 24 25 #define TLS_PAYLOAD_MAX_LEN 16384 26 #define SOL_TLS 282 27 28 FIXTURE(tls_basic) 29 { 30 int fd, cfd; 31 bool notls; 32 }; 33 34 FIXTURE_SETUP(tls_basic) 35 { 36 struct sockaddr_in addr; 37 socklen_t len; 38 int sfd, ret; 39 40 self->notls = false; 41 len = sizeof(addr); 42 43 addr.sin_family = AF_INET; 44 addr.sin_addr.s_addr = htonl(INADDR_ANY); 45 addr.sin_port = 0; 46 47 self->fd = socket(AF_INET, SOCK_STREAM, 0); 48 sfd = socket(AF_INET, SOCK_STREAM, 0); 49 50 ret = bind(sfd, &addr, sizeof(addr)); 51 ASSERT_EQ(ret, 0); 52 ret = listen(sfd, 10); 53 ASSERT_EQ(ret, 0); 54 55 ret = getsockname(sfd, &addr, &len); 56 ASSERT_EQ(ret, 0); 57 58 ret = connect(self->fd, &addr, sizeof(addr)); 59 ASSERT_EQ(ret, 0); 60 61 self->cfd = accept(sfd, &addr, &len); 62 ASSERT_GE(self->cfd, 0); 63 64 close(sfd); 65 66 ret = setsockopt(self->fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 67 if (ret != 0) { 68 ASSERT_EQ(errno, ENOENT); 69 self->notls = true; 70 printf("Failure setting TCP_ULP, testing without tls\n"); 71 return; 72 } 73 74 ret = setsockopt(self->cfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 75 ASSERT_EQ(ret, 0); 76 } 77 78 FIXTURE_TEARDOWN(tls_basic) 79 { 80 close(self->fd); 81 close(self->cfd); 82 } 83 84 /* Send some data through with ULP but no keys */ 85 TEST_F(tls_basic, base_base) 86 { 87 char const *test_str = "test_read"; 88 int send_len = 10; 89 char buf[10]; 90 91 ASSERT_EQ(strlen(test_str) + 1, send_len); 92 93 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 94 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 95 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 96 }; 97 98 FIXTURE(tls) 99 { 100 int fd, cfd; 101 bool notls; 102 }; 103 104 FIXTURE_VARIANT(tls) 105 { 106 uint16_t tls_version; 107 uint16_t cipher_type; 108 }; 109 110 FIXTURE_VARIANT_ADD(tls, 12_gcm) 111 { 112 .tls_version = TLS_1_2_VERSION, 113 .cipher_type = TLS_CIPHER_AES_GCM_128, 114 }; 115 116 FIXTURE_VARIANT_ADD(tls, 13_gcm) 117 { 118 .tls_version = TLS_1_3_VERSION, 119 .cipher_type = TLS_CIPHER_AES_GCM_128, 120 }; 121 122 FIXTURE_VARIANT_ADD(tls, 12_chacha) 123 { 124 .tls_version = TLS_1_2_VERSION, 125 .cipher_type = TLS_CIPHER_CHACHA20_POLY1305, 126 }; 127 128 FIXTURE_VARIANT_ADD(tls, 13_chacha) 129 { 130 .tls_version = TLS_1_3_VERSION, 131 .cipher_type = TLS_CIPHER_CHACHA20_POLY1305, 132 }; 133 134 FIXTURE_SETUP(tls) 135 { 136 union { 137 struct tls12_crypto_info_aes_gcm_128 aes128; 138 struct tls12_crypto_info_chacha20_poly1305 chacha20; 139 } tls12; 140 struct sockaddr_in addr; 141 socklen_t len; 142 int sfd, ret; 143 size_t tls12_sz; 144 145 self->notls = false; 146 len = sizeof(addr); 147 148 memset(&tls12, 0, sizeof(tls12)); 149 switch (variant->cipher_type) { 150 case TLS_CIPHER_CHACHA20_POLY1305: 151 tls12_sz = sizeof(struct tls12_crypto_info_chacha20_poly1305); 152 tls12.chacha20.info.version = variant->tls_version; 153 tls12.chacha20.info.cipher_type = variant->cipher_type; 154 break; 155 case TLS_CIPHER_AES_GCM_128: 156 tls12_sz = sizeof(struct tls12_crypto_info_aes_gcm_128); 157 tls12.aes128.info.version = variant->tls_version; 158 tls12.aes128.info.cipher_type = variant->cipher_type; 159 break; 160 default: 161 tls12_sz = 0; 162 } 163 164 addr.sin_family = AF_INET; 165 addr.sin_addr.s_addr = htonl(INADDR_ANY); 166 addr.sin_port = 0; 167 168 self->fd = socket(AF_INET, SOCK_STREAM, 0); 169 sfd = socket(AF_INET, SOCK_STREAM, 0); 170 171 ret = bind(sfd, &addr, sizeof(addr)); 172 ASSERT_EQ(ret, 0); 173 ret = listen(sfd, 10); 174 ASSERT_EQ(ret, 0); 175 176 ret = getsockname(sfd, &addr, &len); 177 ASSERT_EQ(ret, 0); 178 179 ret = connect(self->fd, &addr, sizeof(addr)); 180 ASSERT_EQ(ret, 0); 181 182 ret = setsockopt(self->fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 183 if (ret != 0) { 184 self->notls = true; 185 printf("Failure setting TCP_ULP, testing without tls\n"); 186 } 187 188 if (!self->notls) { 189 ret = setsockopt(self->fd, SOL_TLS, TLS_TX, &tls12, 190 tls12_sz); 191 ASSERT_EQ(ret, 0); 192 } 193 194 self->cfd = accept(sfd, &addr, &len); 195 ASSERT_GE(self->cfd, 0); 196 197 if (!self->notls) { 198 ret = setsockopt(self->cfd, IPPROTO_TCP, TCP_ULP, "tls", 199 sizeof("tls")); 200 ASSERT_EQ(ret, 0); 201 202 ret = setsockopt(self->cfd, SOL_TLS, TLS_RX, &tls12, 203 tls12_sz); 204 ASSERT_EQ(ret, 0); 205 } 206 207 close(sfd); 208 } 209 210 FIXTURE_TEARDOWN(tls) 211 { 212 close(self->fd); 213 close(self->cfd); 214 } 215 216 TEST_F(tls, sendfile) 217 { 218 int filefd = open("/proc/self/exe", O_RDONLY); 219 struct stat st; 220 221 EXPECT_GE(filefd, 0); 222 fstat(filefd, &st); 223 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0); 224 } 225 226 TEST_F(tls, send_then_sendfile) 227 { 228 int filefd = open("/proc/self/exe", O_RDONLY); 229 char const *test_str = "test_send"; 230 int to_send = strlen(test_str) + 1; 231 char recv_buf[10]; 232 struct stat st; 233 char *buf; 234 235 EXPECT_GE(filefd, 0); 236 fstat(filefd, &st); 237 buf = (char *)malloc(st.st_size); 238 239 EXPECT_EQ(send(self->fd, test_str, to_send, 0), to_send); 240 EXPECT_EQ(recv(self->cfd, recv_buf, to_send, MSG_WAITALL), to_send); 241 EXPECT_EQ(memcmp(test_str, recv_buf, to_send), 0); 242 243 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0); 244 EXPECT_EQ(recv(self->cfd, buf, st.st_size, MSG_WAITALL), st.st_size); 245 } 246 247 static void chunked_sendfile(struct __test_metadata *_metadata, 248 struct _test_data_tls *self, 249 uint16_t chunk_size, 250 uint16_t extra_payload_size) 251 { 252 char buf[TLS_PAYLOAD_MAX_LEN]; 253 uint16_t test_payload_size; 254 int size = 0; 255 int ret; 256 char filename[] = "/tmp/mytemp.XXXXXX"; 257 int fd = mkstemp(filename); 258 off_t offset = 0; 259 260 unlink(filename); 261 ASSERT_GE(fd, 0); 262 EXPECT_GE(chunk_size, 1); 263 test_payload_size = chunk_size + extra_payload_size; 264 ASSERT_GE(TLS_PAYLOAD_MAX_LEN, test_payload_size); 265 memset(buf, 1, test_payload_size); 266 size = write(fd, buf, test_payload_size); 267 EXPECT_EQ(size, test_payload_size); 268 fsync(fd); 269 270 while (size > 0) { 271 ret = sendfile(self->fd, fd, &offset, chunk_size); 272 EXPECT_GE(ret, 0); 273 size -= ret; 274 } 275 276 EXPECT_EQ(recv(self->cfd, buf, test_payload_size, MSG_WAITALL), 277 test_payload_size); 278 279 close(fd); 280 } 281 282 TEST_F(tls, multi_chunk_sendfile) 283 { 284 chunked_sendfile(_metadata, self, 4096, 4096); 285 chunked_sendfile(_metadata, self, 4096, 0); 286 chunked_sendfile(_metadata, self, 4096, 1); 287 chunked_sendfile(_metadata, self, 4096, 2048); 288 chunked_sendfile(_metadata, self, 8192, 2048); 289 chunked_sendfile(_metadata, self, 4096, 8192); 290 chunked_sendfile(_metadata, self, 8192, 4096); 291 chunked_sendfile(_metadata, self, 12288, 1024); 292 chunked_sendfile(_metadata, self, 12288, 2000); 293 chunked_sendfile(_metadata, self, 15360, 100); 294 chunked_sendfile(_metadata, self, 15360, 300); 295 chunked_sendfile(_metadata, self, 1, 4096); 296 chunked_sendfile(_metadata, self, 2048, 4096); 297 chunked_sendfile(_metadata, self, 2048, 8192); 298 chunked_sendfile(_metadata, self, 4096, 8192); 299 chunked_sendfile(_metadata, self, 1024, 12288); 300 chunked_sendfile(_metadata, self, 2000, 12288); 301 chunked_sendfile(_metadata, self, 100, 15360); 302 chunked_sendfile(_metadata, self, 300, 15360); 303 } 304 305 TEST_F(tls, recv_max) 306 { 307 unsigned int send_len = TLS_PAYLOAD_MAX_LEN; 308 char recv_mem[TLS_PAYLOAD_MAX_LEN]; 309 char buf[TLS_PAYLOAD_MAX_LEN]; 310 311 EXPECT_GE(send(self->fd, buf, send_len, 0), 0); 312 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1); 313 EXPECT_EQ(memcmp(buf, recv_mem, send_len), 0); 314 } 315 316 TEST_F(tls, recv_small) 317 { 318 char const *test_str = "test_read"; 319 int send_len = 10; 320 char buf[10]; 321 322 send_len = strlen(test_str) + 1; 323 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 324 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 325 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 326 } 327 328 TEST_F(tls, msg_more) 329 { 330 char const *test_str = "test_read"; 331 int send_len = 10; 332 char buf[10 * 2]; 333 334 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len); 335 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1); 336 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 337 EXPECT_EQ(recv(self->cfd, buf, send_len * 2, MSG_WAITALL), 338 send_len * 2); 339 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 340 } 341 342 TEST_F(tls, msg_more_unsent) 343 { 344 char const *test_str = "test_read"; 345 int send_len = 10; 346 char buf[10]; 347 348 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len); 349 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1); 350 } 351 352 TEST_F(tls, sendmsg_single) 353 { 354 struct msghdr msg; 355 356 char const *test_str = "test_sendmsg"; 357 size_t send_len = 13; 358 struct iovec vec; 359 char buf[13]; 360 361 vec.iov_base = (char *)test_str; 362 vec.iov_len = send_len; 363 memset(&msg, 0, sizeof(struct msghdr)); 364 msg.msg_iov = &vec; 365 msg.msg_iovlen = 1; 366 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len); 367 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len); 368 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 369 } 370 371 #define MAX_FRAGS 64 372 #define SEND_LEN 13 373 TEST_F(tls, sendmsg_fragmented) 374 { 375 char const *test_str = "test_sendmsg"; 376 char buf[SEND_LEN * MAX_FRAGS]; 377 struct iovec vec[MAX_FRAGS]; 378 struct msghdr msg; 379 int i, frags; 380 381 for (frags = 1; frags <= MAX_FRAGS; frags++) { 382 for (i = 0; i < frags; i++) { 383 vec[i].iov_base = (char *)test_str; 384 vec[i].iov_len = SEND_LEN; 385 } 386 387 memset(&msg, 0, sizeof(struct msghdr)); 388 msg.msg_iov = vec; 389 msg.msg_iovlen = frags; 390 391 EXPECT_EQ(sendmsg(self->fd, &msg, 0), SEND_LEN * frags); 392 EXPECT_EQ(recv(self->cfd, buf, SEND_LEN * frags, MSG_WAITALL), 393 SEND_LEN * frags); 394 395 for (i = 0; i < frags; i++) 396 EXPECT_EQ(memcmp(buf + SEND_LEN * i, 397 test_str, SEND_LEN), 0); 398 } 399 } 400 #undef MAX_FRAGS 401 #undef SEND_LEN 402 403 TEST_F(tls, sendmsg_large) 404 { 405 void *mem = malloc(16384); 406 size_t send_len = 16384; 407 size_t sends = 128; 408 struct msghdr msg; 409 size_t recvs = 0; 410 size_t sent = 0; 411 412 memset(&msg, 0, sizeof(struct msghdr)); 413 while (sent++ < sends) { 414 struct iovec vec = { (void *)mem, send_len }; 415 416 msg.msg_iov = &vec; 417 msg.msg_iovlen = 1; 418 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), send_len); 419 } 420 421 while (recvs++ < sends) 422 EXPECT_NE(recv(self->fd, mem, send_len, 0), -1); 423 424 free(mem); 425 } 426 427 TEST_F(tls, sendmsg_multiple) 428 { 429 char const *test_str = "test_sendmsg_multiple"; 430 struct iovec vec[5]; 431 char *test_strs[5]; 432 struct msghdr msg; 433 int total_len = 0; 434 int len_cmp = 0; 435 int iov_len = 5; 436 char *buf; 437 int i; 438 439 memset(&msg, 0, sizeof(struct msghdr)); 440 for (i = 0; i < iov_len; i++) { 441 test_strs[i] = (char *)malloc(strlen(test_str) + 1); 442 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str); 443 vec[i].iov_base = (void *)test_strs[i]; 444 vec[i].iov_len = strlen(test_strs[i]) + 1; 445 total_len += vec[i].iov_len; 446 } 447 msg.msg_iov = vec; 448 msg.msg_iovlen = iov_len; 449 450 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), total_len); 451 buf = malloc(total_len); 452 EXPECT_NE(recv(self->fd, buf, total_len, 0), -1); 453 for (i = 0; i < iov_len; i++) { 454 EXPECT_EQ(memcmp(test_strs[i], buf + len_cmp, 455 strlen(test_strs[i])), 456 0); 457 len_cmp += strlen(buf + len_cmp) + 1; 458 } 459 for (i = 0; i < iov_len; i++) 460 free(test_strs[i]); 461 free(buf); 462 } 463 464 TEST_F(tls, sendmsg_multiple_stress) 465 { 466 char const *test_str = "abcdefghijklmno"; 467 struct iovec vec[1024]; 468 char *test_strs[1024]; 469 int iov_len = 1024; 470 int total_len = 0; 471 char buf[1 << 14]; 472 struct msghdr msg; 473 int len_cmp = 0; 474 int i; 475 476 memset(&msg, 0, sizeof(struct msghdr)); 477 for (i = 0; i < iov_len; i++) { 478 test_strs[i] = (char *)malloc(strlen(test_str) + 1); 479 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str); 480 vec[i].iov_base = (void *)test_strs[i]; 481 vec[i].iov_len = strlen(test_strs[i]) + 1; 482 total_len += vec[i].iov_len; 483 } 484 msg.msg_iov = vec; 485 msg.msg_iovlen = iov_len; 486 487 EXPECT_EQ(sendmsg(self->fd, &msg, 0), total_len); 488 EXPECT_NE(recv(self->cfd, buf, total_len, 0), -1); 489 490 for (i = 0; i < iov_len; i++) 491 len_cmp += strlen(buf + len_cmp) + 1; 492 493 for (i = 0; i < iov_len; i++) 494 free(test_strs[i]); 495 } 496 497 TEST_F(tls, splice_from_pipe) 498 { 499 int send_len = TLS_PAYLOAD_MAX_LEN; 500 char mem_send[TLS_PAYLOAD_MAX_LEN]; 501 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 502 int p[2]; 503 504 ASSERT_GE(pipe(p), 0); 505 EXPECT_GE(write(p[1], mem_send, send_len), 0); 506 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), 0); 507 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len); 508 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 509 } 510 511 TEST_F(tls, splice_from_pipe2) 512 { 513 int send_len = 16000; 514 char mem_send[16000]; 515 char mem_recv[16000]; 516 int p2[2]; 517 int p[2]; 518 519 ASSERT_GE(pipe(p), 0); 520 ASSERT_GE(pipe(p2), 0); 521 EXPECT_GE(write(p[1], mem_send, 8000), 0); 522 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, 8000, 0), 0); 523 EXPECT_GE(write(p2[1], mem_send + 8000, 8000), 0); 524 EXPECT_GE(splice(p2[0], NULL, self->fd, NULL, 8000, 0), 0); 525 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len); 526 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 527 } 528 529 TEST_F(tls, send_and_splice) 530 { 531 int send_len = TLS_PAYLOAD_MAX_LEN; 532 char mem_send[TLS_PAYLOAD_MAX_LEN]; 533 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 534 char const *test_str = "test_read"; 535 int send_len2 = 10; 536 char buf[10]; 537 int p[2]; 538 539 ASSERT_GE(pipe(p), 0); 540 EXPECT_EQ(send(self->fd, test_str, send_len2, 0), send_len2); 541 EXPECT_EQ(recv(self->cfd, buf, send_len2, MSG_WAITALL), send_len2); 542 EXPECT_EQ(memcmp(test_str, buf, send_len2), 0); 543 544 EXPECT_GE(write(p[1], mem_send, send_len), send_len); 545 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), send_len); 546 547 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len); 548 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 549 } 550 551 TEST_F(tls, splice_to_pipe) 552 { 553 int send_len = TLS_PAYLOAD_MAX_LEN; 554 char mem_send[TLS_PAYLOAD_MAX_LEN]; 555 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 556 int p[2]; 557 558 ASSERT_GE(pipe(p), 0); 559 EXPECT_GE(send(self->fd, mem_send, send_len, 0), 0); 560 EXPECT_GE(splice(self->cfd, NULL, p[1], NULL, send_len, 0), 0); 561 EXPECT_GE(read(p[0], mem_recv, send_len), 0); 562 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 563 } 564 565 TEST_F(tls, recvmsg_single) 566 { 567 char const *test_str = "test_recvmsg_single"; 568 int send_len = strlen(test_str) + 1; 569 char buf[20]; 570 struct msghdr hdr; 571 struct iovec vec; 572 573 memset(&hdr, 0, sizeof(hdr)); 574 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 575 vec.iov_base = (char *)buf; 576 vec.iov_len = send_len; 577 hdr.msg_iovlen = 1; 578 hdr.msg_iov = &vec; 579 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1); 580 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 581 } 582 583 TEST_F(tls, recvmsg_single_max) 584 { 585 int send_len = TLS_PAYLOAD_MAX_LEN; 586 char send_mem[TLS_PAYLOAD_MAX_LEN]; 587 char recv_mem[TLS_PAYLOAD_MAX_LEN]; 588 struct iovec vec; 589 struct msghdr hdr; 590 591 EXPECT_EQ(send(self->fd, send_mem, send_len, 0), send_len); 592 vec.iov_base = (char *)recv_mem; 593 vec.iov_len = TLS_PAYLOAD_MAX_LEN; 594 595 hdr.msg_iovlen = 1; 596 hdr.msg_iov = &vec; 597 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1); 598 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0); 599 } 600 601 TEST_F(tls, recvmsg_multiple) 602 { 603 unsigned int msg_iovlen = 1024; 604 unsigned int len_compared = 0; 605 struct iovec vec[1024]; 606 char *iov_base[1024]; 607 unsigned int iov_len = 16; 608 int send_len = 1 << 14; 609 char buf[1 << 14]; 610 struct msghdr hdr; 611 int i; 612 613 EXPECT_EQ(send(self->fd, buf, send_len, 0), send_len); 614 for (i = 0; i < msg_iovlen; i++) { 615 iov_base[i] = (char *)malloc(iov_len); 616 vec[i].iov_base = iov_base[i]; 617 vec[i].iov_len = iov_len; 618 } 619 620 hdr.msg_iovlen = msg_iovlen; 621 hdr.msg_iov = vec; 622 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1); 623 for (i = 0; i < msg_iovlen; i++) 624 len_compared += iov_len; 625 626 for (i = 0; i < msg_iovlen; i++) 627 free(iov_base[i]); 628 } 629 630 TEST_F(tls, single_send_multiple_recv) 631 { 632 unsigned int total_len = TLS_PAYLOAD_MAX_LEN * 2; 633 unsigned int send_len = TLS_PAYLOAD_MAX_LEN; 634 char send_mem[TLS_PAYLOAD_MAX_LEN * 2]; 635 char recv_mem[TLS_PAYLOAD_MAX_LEN * 2]; 636 637 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0); 638 memset(recv_mem, 0, total_len); 639 640 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1); 641 EXPECT_NE(recv(self->cfd, recv_mem + send_len, send_len, 0), -1); 642 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0); 643 } 644 645 TEST_F(tls, multiple_send_single_recv) 646 { 647 unsigned int total_len = 2 * 10; 648 unsigned int send_len = 10; 649 char recv_mem[2 * 10]; 650 char send_mem[10]; 651 652 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0); 653 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0); 654 memset(recv_mem, 0, total_len); 655 EXPECT_EQ(recv(self->cfd, recv_mem, total_len, MSG_WAITALL), total_len); 656 657 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0); 658 EXPECT_EQ(memcmp(send_mem, recv_mem + send_len, send_len), 0); 659 } 660 661 TEST_F(tls, single_send_multiple_recv_non_align) 662 { 663 const unsigned int total_len = 15; 664 const unsigned int recv_len = 10; 665 char recv_mem[recv_len * 2]; 666 char send_mem[total_len]; 667 668 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0); 669 memset(recv_mem, 0, total_len); 670 671 EXPECT_EQ(recv(self->cfd, recv_mem, recv_len, 0), recv_len); 672 EXPECT_EQ(recv(self->cfd, recv_mem + recv_len, recv_len, 0), 5); 673 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0); 674 } 675 676 TEST_F(tls, recv_partial) 677 { 678 char const *test_str = "test_read_partial"; 679 char const *test_str_first = "test_read"; 680 char const *test_str_second = "_partial"; 681 int send_len = strlen(test_str) + 1; 682 char recv_mem[18]; 683 684 memset(recv_mem, 0, sizeof(recv_mem)); 685 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 686 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_first), 687 MSG_WAITALL), -1); 688 EXPECT_EQ(memcmp(test_str_first, recv_mem, strlen(test_str_first)), 0); 689 memset(recv_mem, 0, sizeof(recv_mem)); 690 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_second), 691 MSG_WAITALL), -1); 692 EXPECT_EQ(memcmp(test_str_second, recv_mem, strlen(test_str_second)), 693 0); 694 } 695 696 TEST_F(tls, recv_nonblock) 697 { 698 char buf[4096]; 699 bool err; 700 701 EXPECT_EQ(recv(self->cfd, buf, sizeof(buf), MSG_DONTWAIT), -1); 702 err = (errno == EAGAIN || errno == EWOULDBLOCK); 703 EXPECT_EQ(err, true); 704 } 705 706 TEST_F(tls, recv_peek) 707 { 708 char const *test_str = "test_read_peek"; 709 int send_len = strlen(test_str) + 1; 710 char buf[15]; 711 712 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 713 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1); 714 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 715 memset(buf, 0, sizeof(buf)); 716 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 717 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 718 } 719 720 TEST_F(tls, recv_peek_multiple) 721 { 722 char const *test_str = "test_read_peek"; 723 int send_len = strlen(test_str) + 1; 724 unsigned int num_peeks = 100; 725 char buf[15]; 726 int i; 727 728 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 729 for (i = 0; i < num_peeks; i++) { 730 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1); 731 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 732 memset(buf, 0, sizeof(buf)); 733 } 734 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 735 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 736 } 737 738 TEST_F(tls, recv_peek_multiple_records) 739 { 740 char const *test_str = "test_read_peek_mult_recs"; 741 char const *test_str_first = "test_read_peek"; 742 char const *test_str_second = "_mult_recs"; 743 int len; 744 char buf[64]; 745 746 len = strlen(test_str_first); 747 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len); 748 749 len = strlen(test_str_second) + 1; 750 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len); 751 752 len = strlen(test_str_first); 753 memset(buf, 0, len); 754 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len); 755 756 /* MSG_PEEK can only peek into the current record. */ 757 len = strlen(test_str_first); 758 EXPECT_EQ(memcmp(test_str_first, buf, len), 0); 759 760 len = strlen(test_str) + 1; 761 memset(buf, 0, len); 762 EXPECT_EQ(recv(self->cfd, buf, len, MSG_WAITALL), len); 763 764 /* Non-MSG_PEEK will advance strparser (and therefore record) 765 * however. 766 */ 767 len = strlen(test_str) + 1; 768 EXPECT_EQ(memcmp(test_str, buf, len), 0); 769 770 /* MSG_MORE will hold current record open, so later MSG_PEEK 771 * will see everything. 772 */ 773 len = strlen(test_str_first); 774 EXPECT_EQ(send(self->fd, test_str_first, len, MSG_MORE), len); 775 776 len = strlen(test_str_second) + 1; 777 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len); 778 779 len = strlen(test_str) + 1; 780 memset(buf, 0, len); 781 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len); 782 783 len = strlen(test_str) + 1; 784 EXPECT_EQ(memcmp(test_str, buf, len), 0); 785 } 786 787 TEST_F(tls, recv_peek_large_buf_mult_recs) 788 { 789 char const *test_str = "test_read_peek_mult_recs"; 790 char const *test_str_first = "test_read_peek"; 791 char const *test_str_second = "_mult_recs"; 792 int len; 793 char buf[64]; 794 795 len = strlen(test_str_first); 796 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len); 797 798 len = strlen(test_str_second) + 1; 799 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len); 800 801 len = strlen(test_str) + 1; 802 memset(buf, 0, len); 803 EXPECT_NE((len = recv(self->cfd, buf, len, 804 MSG_PEEK | MSG_WAITALL)), -1); 805 len = strlen(test_str) + 1; 806 EXPECT_EQ(memcmp(test_str, buf, len), 0); 807 } 808 809 TEST_F(tls, recv_lowat) 810 { 811 char send_mem[10] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 }; 812 char recv_mem[20]; 813 int lowat = 8; 814 815 EXPECT_EQ(send(self->fd, send_mem, 10, 0), 10); 816 EXPECT_EQ(send(self->fd, send_mem, 5, 0), 5); 817 818 memset(recv_mem, 0, 20); 819 EXPECT_EQ(setsockopt(self->cfd, SOL_SOCKET, SO_RCVLOWAT, 820 &lowat, sizeof(lowat)), 0); 821 EXPECT_EQ(recv(self->cfd, recv_mem, 1, MSG_WAITALL), 1); 822 EXPECT_EQ(recv(self->cfd, recv_mem + 1, 6, MSG_WAITALL), 6); 823 EXPECT_EQ(recv(self->cfd, recv_mem + 7, 10, 0), 8); 824 825 EXPECT_EQ(memcmp(send_mem, recv_mem, 10), 0); 826 EXPECT_EQ(memcmp(send_mem, recv_mem + 10, 5), 0); 827 } 828 829 TEST_F(tls, bidir) 830 { 831 char const *test_str = "test_read"; 832 int send_len = 10; 833 char buf[10]; 834 int ret; 835 836 if (!self->notls) { 837 struct tls12_crypto_info_aes_gcm_128 tls12; 838 839 memset(&tls12, 0, sizeof(tls12)); 840 tls12.info.version = variant->tls_version; 841 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128; 842 843 ret = setsockopt(self->fd, SOL_TLS, TLS_RX, &tls12, 844 sizeof(tls12)); 845 ASSERT_EQ(ret, 0); 846 847 ret = setsockopt(self->cfd, SOL_TLS, TLS_TX, &tls12, 848 sizeof(tls12)); 849 ASSERT_EQ(ret, 0); 850 } 851 852 ASSERT_EQ(strlen(test_str) + 1, send_len); 853 854 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 855 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 856 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 857 858 memset(buf, 0, sizeof(buf)); 859 860 EXPECT_EQ(send(self->cfd, test_str, send_len, 0), send_len); 861 EXPECT_NE(recv(self->fd, buf, send_len, 0), -1); 862 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 863 }; 864 865 TEST_F(tls, pollin) 866 { 867 char const *test_str = "test_poll"; 868 struct pollfd fd = { 0, 0, 0 }; 869 char buf[10]; 870 int send_len = 10; 871 872 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 873 fd.fd = self->cfd; 874 fd.events = POLLIN; 875 876 EXPECT_EQ(poll(&fd, 1, 20), 1); 877 EXPECT_EQ(fd.revents & POLLIN, 1); 878 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len); 879 /* Test timing out */ 880 EXPECT_EQ(poll(&fd, 1, 20), 0); 881 } 882 883 TEST_F(tls, poll_wait) 884 { 885 char const *test_str = "test_poll_wait"; 886 int send_len = strlen(test_str) + 1; 887 struct pollfd fd = { 0, 0, 0 }; 888 char recv_mem[15]; 889 890 fd.fd = self->cfd; 891 fd.events = POLLIN; 892 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 893 /* Set timeout to inf. secs */ 894 EXPECT_EQ(poll(&fd, 1, -1), 1); 895 EXPECT_EQ(fd.revents & POLLIN, 1); 896 EXPECT_EQ(recv(self->cfd, recv_mem, send_len, MSG_WAITALL), send_len); 897 } 898 899 TEST_F(tls, poll_wait_split) 900 { 901 struct pollfd fd = { 0, 0, 0 }; 902 char send_mem[20] = {}; 903 char recv_mem[15]; 904 905 fd.fd = self->cfd; 906 fd.events = POLLIN; 907 /* Send 20 bytes */ 908 EXPECT_EQ(send(self->fd, send_mem, sizeof(send_mem), 0), 909 sizeof(send_mem)); 910 /* Poll with inf. timeout */ 911 EXPECT_EQ(poll(&fd, 1, -1), 1); 912 EXPECT_EQ(fd.revents & POLLIN, 1); 913 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), MSG_WAITALL), 914 sizeof(recv_mem)); 915 916 /* Now the remaining 5 bytes of record data are in TLS ULP */ 917 fd.fd = self->cfd; 918 fd.events = POLLIN; 919 EXPECT_EQ(poll(&fd, 1, -1), 1); 920 EXPECT_EQ(fd.revents & POLLIN, 1); 921 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), 0), 922 sizeof(send_mem) - sizeof(recv_mem)); 923 } 924 925 TEST_F(tls, blocking) 926 { 927 size_t data = 100000; 928 int res = fork(); 929 930 EXPECT_NE(res, -1); 931 932 if (res) { 933 /* parent */ 934 size_t left = data; 935 char buf[16384]; 936 int status; 937 int pid2; 938 939 while (left) { 940 int res = send(self->fd, buf, 941 left > 16384 ? 16384 : left, 0); 942 943 EXPECT_GE(res, 0); 944 left -= res; 945 } 946 947 pid2 = wait(&status); 948 EXPECT_EQ(status, 0); 949 EXPECT_EQ(res, pid2); 950 } else { 951 /* child */ 952 size_t left = data; 953 char buf[16384]; 954 955 while (left) { 956 int res = recv(self->cfd, buf, 957 left > 16384 ? 16384 : left, 0); 958 959 EXPECT_GE(res, 0); 960 left -= res; 961 } 962 } 963 } 964 965 TEST_F(tls, nonblocking) 966 { 967 size_t data = 100000; 968 int sendbuf = 100; 969 int flags; 970 int res; 971 972 flags = fcntl(self->fd, F_GETFL, 0); 973 fcntl(self->fd, F_SETFL, flags | O_NONBLOCK); 974 fcntl(self->cfd, F_SETFL, flags | O_NONBLOCK); 975 976 /* Ensure nonblocking behavior by imposing a small send 977 * buffer. 978 */ 979 EXPECT_EQ(setsockopt(self->fd, SOL_SOCKET, SO_SNDBUF, 980 &sendbuf, sizeof(sendbuf)), 0); 981 982 res = fork(); 983 EXPECT_NE(res, -1); 984 985 if (res) { 986 /* parent */ 987 bool eagain = false; 988 size_t left = data; 989 char buf[16384]; 990 int status; 991 int pid2; 992 993 while (left) { 994 int res = send(self->fd, buf, 995 left > 16384 ? 16384 : left, 0); 996 997 if (res == -1 && errno == EAGAIN) { 998 eagain = true; 999 usleep(10000); 1000 continue; 1001 } 1002 EXPECT_GE(res, 0); 1003 left -= res; 1004 } 1005 1006 EXPECT_TRUE(eagain); 1007 pid2 = wait(&status); 1008 1009 EXPECT_EQ(status, 0); 1010 EXPECT_EQ(res, pid2); 1011 } else { 1012 /* child */ 1013 bool eagain = false; 1014 size_t left = data; 1015 char buf[16384]; 1016 1017 while (left) { 1018 int res = recv(self->cfd, buf, 1019 left > 16384 ? 16384 : left, 0); 1020 1021 if (res == -1 && errno == EAGAIN) { 1022 eagain = true; 1023 usleep(10000); 1024 continue; 1025 } 1026 EXPECT_GE(res, 0); 1027 left -= res; 1028 } 1029 EXPECT_TRUE(eagain); 1030 } 1031 } 1032 1033 static void 1034 test_mutliproc(struct __test_metadata *_metadata, struct _test_data_tls *self, 1035 bool sendpg, unsigned int n_readers, unsigned int n_writers) 1036 { 1037 const unsigned int n_children = n_readers + n_writers; 1038 const size_t data = 6 * 1000 * 1000; 1039 const size_t file_sz = data / 100; 1040 size_t read_bias, write_bias; 1041 int i, fd, child_id; 1042 char buf[file_sz]; 1043 pid_t pid; 1044 1045 /* Only allow multiples for simplicity */ 1046 ASSERT_EQ(!(n_readers % n_writers) || !(n_writers % n_readers), true); 1047 read_bias = n_writers / n_readers ?: 1; 1048 write_bias = n_readers / n_writers ?: 1; 1049 1050 /* prep a file to send */ 1051 fd = open("/tmp/", O_TMPFILE | O_RDWR, 0600); 1052 ASSERT_GE(fd, 0); 1053 1054 memset(buf, 0xac, file_sz); 1055 ASSERT_EQ(write(fd, buf, file_sz), file_sz); 1056 1057 /* spawn children */ 1058 for (child_id = 0; child_id < n_children; child_id++) { 1059 pid = fork(); 1060 ASSERT_NE(pid, -1); 1061 if (!pid) 1062 break; 1063 } 1064 1065 /* parent waits for all children */ 1066 if (pid) { 1067 for (i = 0; i < n_children; i++) { 1068 int status; 1069 1070 wait(&status); 1071 EXPECT_EQ(status, 0); 1072 } 1073 1074 return; 1075 } 1076 1077 /* Split threads for reading and writing */ 1078 if (child_id < n_readers) { 1079 size_t left = data * read_bias; 1080 char rb[8001]; 1081 1082 while (left) { 1083 int res; 1084 1085 res = recv(self->cfd, rb, 1086 left > sizeof(rb) ? sizeof(rb) : left, 0); 1087 1088 EXPECT_GE(res, 0); 1089 left -= res; 1090 } 1091 } else { 1092 size_t left = data * write_bias; 1093 1094 while (left) { 1095 int res; 1096 1097 ASSERT_EQ(lseek(fd, 0, SEEK_SET), 0); 1098 if (sendpg) 1099 res = sendfile(self->fd, fd, NULL, 1100 left > file_sz ? file_sz : left); 1101 else 1102 res = send(self->fd, buf, 1103 left > file_sz ? file_sz : left, 0); 1104 1105 EXPECT_GE(res, 0); 1106 left -= res; 1107 } 1108 } 1109 } 1110 1111 TEST_F(tls, mutliproc_even) 1112 { 1113 test_mutliproc(_metadata, self, false, 6, 6); 1114 } 1115 1116 TEST_F(tls, mutliproc_readers) 1117 { 1118 test_mutliproc(_metadata, self, false, 4, 12); 1119 } 1120 1121 TEST_F(tls, mutliproc_writers) 1122 { 1123 test_mutliproc(_metadata, self, false, 10, 2); 1124 } 1125 1126 TEST_F(tls, mutliproc_sendpage_even) 1127 { 1128 test_mutliproc(_metadata, self, true, 6, 6); 1129 } 1130 1131 TEST_F(tls, mutliproc_sendpage_readers) 1132 { 1133 test_mutliproc(_metadata, self, true, 4, 12); 1134 } 1135 1136 TEST_F(tls, mutliproc_sendpage_writers) 1137 { 1138 test_mutliproc(_metadata, self, true, 10, 2); 1139 } 1140 1141 TEST_F(tls, control_msg) 1142 { 1143 if (self->notls) 1144 return; 1145 1146 char cbuf[CMSG_SPACE(sizeof(char))]; 1147 char const *test_str = "test_read"; 1148 int cmsg_len = sizeof(char); 1149 char record_type = 100; 1150 struct cmsghdr *cmsg; 1151 struct msghdr msg; 1152 int send_len = 10; 1153 struct iovec vec; 1154 char buf[10]; 1155 1156 vec.iov_base = (char *)test_str; 1157 vec.iov_len = 10; 1158 memset(&msg, 0, sizeof(struct msghdr)); 1159 msg.msg_iov = &vec; 1160 msg.msg_iovlen = 1; 1161 msg.msg_control = cbuf; 1162 msg.msg_controllen = sizeof(cbuf); 1163 cmsg = CMSG_FIRSTHDR(&msg); 1164 cmsg->cmsg_level = SOL_TLS; 1165 /* test sending non-record types. */ 1166 cmsg->cmsg_type = TLS_SET_RECORD_TYPE; 1167 cmsg->cmsg_len = CMSG_LEN(cmsg_len); 1168 *CMSG_DATA(cmsg) = record_type; 1169 msg.msg_controllen = cmsg->cmsg_len; 1170 1171 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len); 1172 /* Should fail because we didn't provide a control message */ 1173 EXPECT_EQ(recv(self->cfd, buf, send_len, 0), -1); 1174 1175 vec.iov_base = buf; 1176 EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL | MSG_PEEK), send_len); 1177 1178 cmsg = CMSG_FIRSTHDR(&msg); 1179 EXPECT_NE(cmsg, NULL); 1180 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS); 1181 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE); 1182 record_type = *((unsigned char *)CMSG_DATA(cmsg)); 1183 EXPECT_EQ(record_type, 100); 1184 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 1185 1186 /* Recv the message again without MSG_PEEK */ 1187 record_type = 0; 1188 memset(buf, 0, sizeof(buf)); 1189 1190 EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL), send_len); 1191 cmsg = CMSG_FIRSTHDR(&msg); 1192 EXPECT_NE(cmsg, NULL); 1193 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS); 1194 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE); 1195 record_type = *((unsigned char *)CMSG_DATA(cmsg)); 1196 EXPECT_EQ(record_type, 100); 1197 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 1198 } 1199 1200 TEST_F(tls, shutdown) 1201 { 1202 char const *test_str = "test_read"; 1203 int send_len = 10; 1204 char buf[10]; 1205 1206 ASSERT_EQ(strlen(test_str) + 1, send_len); 1207 1208 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 1209 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 1210 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 1211 1212 shutdown(self->fd, SHUT_RDWR); 1213 shutdown(self->cfd, SHUT_RDWR); 1214 } 1215 1216 TEST_F(tls, shutdown_unsent) 1217 { 1218 char const *test_str = "test_read"; 1219 int send_len = 10; 1220 1221 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len); 1222 1223 shutdown(self->fd, SHUT_RDWR); 1224 shutdown(self->cfd, SHUT_RDWR); 1225 } 1226 1227 TEST_F(tls, shutdown_reuse) 1228 { 1229 struct sockaddr_in addr; 1230 int ret; 1231 1232 shutdown(self->fd, SHUT_RDWR); 1233 shutdown(self->cfd, SHUT_RDWR); 1234 close(self->cfd); 1235 1236 addr.sin_family = AF_INET; 1237 addr.sin_addr.s_addr = htonl(INADDR_ANY); 1238 addr.sin_port = 0; 1239 1240 ret = bind(self->fd, &addr, sizeof(addr)); 1241 EXPECT_EQ(ret, 0); 1242 ret = listen(self->fd, 10); 1243 EXPECT_EQ(ret, -1); 1244 EXPECT_EQ(errno, EINVAL); 1245 1246 ret = connect(self->fd, &addr, sizeof(addr)); 1247 EXPECT_EQ(ret, -1); 1248 EXPECT_EQ(errno, EISCONN); 1249 } 1250 1251 TEST(non_established) { 1252 struct tls12_crypto_info_aes_gcm_256 tls12; 1253 struct sockaddr_in addr; 1254 int sfd, ret, fd; 1255 socklen_t len; 1256 1257 len = sizeof(addr); 1258 1259 memset(&tls12, 0, sizeof(tls12)); 1260 tls12.info.version = TLS_1_2_VERSION; 1261 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256; 1262 1263 addr.sin_family = AF_INET; 1264 addr.sin_addr.s_addr = htonl(INADDR_ANY); 1265 addr.sin_port = 0; 1266 1267 fd = socket(AF_INET, SOCK_STREAM, 0); 1268 sfd = socket(AF_INET, SOCK_STREAM, 0); 1269 1270 ret = bind(sfd, &addr, sizeof(addr)); 1271 ASSERT_EQ(ret, 0); 1272 ret = listen(sfd, 10); 1273 ASSERT_EQ(ret, 0); 1274 1275 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1276 EXPECT_EQ(ret, -1); 1277 /* TLS ULP not supported */ 1278 if (errno == ENOENT) 1279 return; 1280 EXPECT_EQ(errno, ENOTCONN); 1281 1282 ret = setsockopt(sfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1283 EXPECT_EQ(ret, -1); 1284 EXPECT_EQ(errno, ENOTCONN); 1285 1286 ret = getsockname(sfd, &addr, &len); 1287 ASSERT_EQ(ret, 0); 1288 1289 ret = connect(fd, &addr, sizeof(addr)); 1290 ASSERT_EQ(ret, 0); 1291 1292 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1293 ASSERT_EQ(ret, 0); 1294 1295 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1296 EXPECT_EQ(ret, -1); 1297 EXPECT_EQ(errno, EEXIST); 1298 1299 close(fd); 1300 close(sfd); 1301 } 1302 1303 TEST(keysizes) { 1304 struct tls12_crypto_info_aes_gcm_256 tls12; 1305 struct sockaddr_in addr; 1306 int sfd, ret, fd, cfd; 1307 socklen_t len; 1308 bool notls; 1309 1310 notls = false; 1311 len = sizeof(addr); 1312 1313 memset(&tls12, 0, sizeof(tls12)); 1314 tls12.info.version = TLS_1_2_VERSION; 1315 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256; 1316 1317 addr.sin_family = AF_INET; 1318 addr.sin_addr.s_addr = htonl(INADDR_ANY); 1319 addr.sin_port = 0; 1320 1321 fd = socket(AF_INET, SOCK_STREAM, 0); 1322 sfd = socket(AF_INET, SOCK_STREAM, 0); 1323 1324 ret = bind(sfd, &addr, sizeof(addr)); 1325 ASSERT_EQ(ret, 0); 1326 ret = listen(sfd, 10); 1327 ASSERT_EQ(ret, 0); 1328 1329 ret = getsockname(sfd, &addr, &len); 1330 ASSERT_EQ(ret, 0); 1331 1332 ret = connect(fd, &addr, sizeof(addr)); 1333 ASSERT_EQ(ret, 0); 1334 1335 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1336 if (ret != 0) { 1337 notls = true; 1338 printf("Failure setting TCP_ULP, testing without tls\n"); 1339 } 1340 1341 if (!notls) { 1342 ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12, 1343 sizeof(tls12)); 1344 EXPECT_EQ(ret, 0); 1345 } 1346 1347 cfd = accept(sfd, &addr, &len); 1348 ASSERT_GE(cfd, 0); 1349 1350 if (!notls) { 1351 ret = setsockopt(cfd, IPPROTO_TCP, TCP_ULP, "tls", 1352 sizeof("tls")); 1353 EXPECT_EQ(ret, 0); 1354 1355 ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12, 1356 sizeof(tls12)); 1357 EXPECT_EQ(ret, 0); 1358 } 1359 1360 close(sfd); 1361 close(fd); 1362 close(cfd); 1363 } 1364 1365 TEST_HARNESS_MAIN 1366