1 // SPDX-License-Identifier: GPL-2.0 2 3 #define _GNU_SOURCE 4 5 #include <arpa/inet.h> 6 #include <errno.h> 7 #include <error.h> 8 #include <fcntl.h> 9 #include <poll.h> 10 #include <stdio.h> 11 #include <stdlib.h> 12 #include <unistd.h> 13 14 #include <linux/tls.h> 15 #include <linux/tcp.h> 16 #include <linux/socket.h> 17 18 #include <sys/types.h> 19 #include <sys/sendfile.h> 20 #include <sys/socket.h> 21 #include <sys/stat.h> 22 23 #include "../kselftest_harness.h" 24 25 #define TLS_PAYLOAD_MAX_LEN 16384 26 #define SOL_TLS 282 27 28 FIXTURE(tls) 29 { 30 int fd, cfd; 31 bool notls; 32 }; 33 34 FIXTURE_SETUP(tls) 35 { 36 struct tls12_crypto_info_aes_gcm_128 tls12; 37 struct sockaddr_in addr; 38 socklen_t len; 39 int sfd, ret; 40 41 self->notls = false; 42 len = sizeof(addr); 43 44 memset(&tls12, 0, sizeof(tls12)); 45 tls12.info.version = TLS_1_3_VERSION; 46 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128; 47 48 addr.sin_family = AF_INET; 49 addr.sin_addr.s_addr = htonl(INADDR_ANY); 50 addr.sin_port = 0; 51 52 self->fd = socket(AF_INET, SOCK_STREAM, 0); 53 sfd = socket(AF_INET, SOCK_STREAM, 0); 54 55 ret = bind(sfd, &addr, sizeof(addr)); 56 ASSERT_EQ(ret, 0); 57 ret = listen(sfd, 10); 58 ASSERT_EQ(ret, 0); 59 60 ret = getsockname(sfd, &addr, &len); 61 ASSERT_EQ(ret, 0); 62 63 ret = connect(self->fd, &addr, sizeof(addr)); 64 ASSERT_EQ(ret, 0); 65 66 ret = setsockopt(self->fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 67 if (ret != 0) { 68 self->notls = true; 69 printf("Failure setting TCP_ULP, testing without tls\n"); 70 } 71 72 if (!self->notls) { 73 ret = setsockopt(self->fd, SOL_TLS, TLS_TX, &tls12, 74 sizeof(tls12)); 75 ASSERT_EQ(ret, 0); 76 } 77 78 self->cfd = accept(sfd, &addr, &len); 79 ASSERT_GE(self->cfd, 0); 80 81 if (!self->notls) { 82 ret = setsockopt(self->cfd, IPPROTO_TCP, TCP_ULP, "tls", 83 sizeof("tls")); 84 ASSERT_EQ(ret, 0); 85 86 ret = setsockopt(self->cfd, SOL_TLS, TLS_RX, &tls12, 87 sizeof(tls12)); 88 ASSERT_EQ(ret, 0); 89 } 90 91 close(sfd); 92 } 93 94 FIXTURE_TEARDOWN(tls) 95 { 96 close(self->fd); 97 close(self->cfd); 98 } 99 100 TEST_F(tls, sendfile) 101 { 102 int filefd = open("/proc/self/exe", O_RDONLY); 103 struct stat st; 104 105 EXPECT_GE(filefd, 0); 106 fstat(filefd, &st); 107 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0); 108 } 109 110 TEST_F(tls, send_then_sendfile) 111 { 112 int filefd = open("/proc/self/exe", O_RDONLY); 113 char const *test_str = "test_send"; 114 int to_send = strlen(test_str) + 1; 115 char recv_buf[10]; 116 struct stat st; 117 char *buf; 118 119 EXPECT_GE(filefd, 0); 120 fstat(filefd, &st); 121 buf = (char *)malloc(st.st_size); 122 123 EXPECT_EQ(send(self->fd, test_str, to_send, 0), to_send); 124 EXPECT_EQ(recv(self->cfd, recv_buf, to_send, MSG_WAITALL), to_send); 125 EXPECT_EQ(memcmp(test_str, recv_buf, to_send), 0); 126 127 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0); 128 EXPECT_EQ(recv(self->cfd, buf, st.st_size, MSG_WAITALL), st.st_size); 129 } 130 131 TEST_F(tls, recv_max) 132 { 133 unsigned int send_len = TLS_PAYLOAD_MAX_LEN; 134 char recv_mem[TLS_PAYLOAD_MAX_LEN]; 135 char buf[TLS_PAYLOAD_MAX_LEN]; 136 137 EXPECT_GE(send(self->fd, buf, send_len, 0), 0); 138 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1); 139 EXPECT_EQ(memcmp(buf, recv_mem, send_len), 0); 140 } 141 142 TEST_F(tls, recv_small) 143 { 144 char const *test_str = "test_read"; 145 int send_len = 10; 146 char buf[10]; 147 148 send_len = strlen(test_str) + 1; 149 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 150 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 151 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 152 } 153 154 TEST_F(tls, msg_more) 155 { 156 char const *test_str = "test_read"; 157 int send_len = 10; 158 char buf[10 * 2]; 159 160 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len); 161 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1); 162 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 163 EXPECT_EQ(recv(self->cfd, buf, send_len * 2, MSG_WAITALL), 164 send_len * 2); 165 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 166 } 167 168 TEST_F(tls, sendmsg_single) 169 { 170 struct msghdr msg; 171 172 char const *test_str = "test_sendmsg"; 173 size_t send_len = 13; 174 struct iovec vec; 175 char buf[13]; 176 177 vec.iov_base = (char *)test_str; 178 vec.iov_len = send_len; 179 memset(&msg, 0, sizeof(struct msghdr)); 180 msg.msg_iov = &vec; 181 msg.msg_iovlen = 1; 182 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len); 183 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len); 184 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 185 } 186 187 TEST_F(tls, sendmsg_large) 188 { 189 void *mem = malloc(16384); 190 size_t send_len = 16384; 191 size_t sends = 128; 192 struct msghdr msg; 193 size_t recvs = 0; 194 size_t sent = 0; 195 196 memset(&msg, 0, sizeof(struct msghdr)); 197 while (sent++ < sends) { 198 struct iovec vec = { (void *)mem, send_len }; 199 200 msg.msg_iov = &vec; 201 msg.msg_iovlen = 1; 202 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), send_len); 203 } 204 205 while (recvs++ < sends) 206 EXPECT_NE(recv(self->fd, mem, send_len, 0), -1); 207 208 free(mem); 209 } 210 211 TEST_F(tls, sendmsg_multiple) 212 { 213 char const *test_str = "test_sendmsg_multiple"; 214 struct iovec vec[5]; 215 char *test_strs[5]; 216 struct msghdr msg; 217 int total_len = 0; 218 int len_cmp = 0; 219 int iov_len = 5; 220 char *buf; 221 int i; 222 223 memset(&msg, 0, sizeof(struct msghdr)); 224 for (i = 0; i < iov_len; i++) { 225 test_strs[i] = (char *)malloc(strlen(test_str) + 1); 226 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str); 227 vec[i].iov_base = (void *)test_strs[i]; 228 vec[i].iov_len = strlen(test_strs[i]) + 1; 229 total_len += vec[i].iov_len; 230 } 231 msg.msg_iov = vec; 232 msg.msg_iovlen = iov_len; 233 234 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), total_len); 235 buf = malloc(total_len); 236 EXPECT_NE(recv(self->fd, buf, total_len, 0), -1); 237 for (i = 0; i < iov_len; i++) { 238 EXPECT_EQ(memcmp(test_strs[i], buf + len_cmp, 239 strlen(test_strs[i])), 240 0); 241 len_cmp += strlen(buf + len_cmp) + 1; 242 } 243 for (i = 0; i < iov_len; i++) 244 free(test_strs[i]); 245 free(buf); 246 } 247 248 TEST_F(tls, sendmsg_multiple_stress) 249 { 250 char const *test_str = "abcdefghijklmno"; 251 struct iovec vec[1024]; 252 char *test_strs[1024]; 253 int iov_len = 1024; 254 int total_len = 0; 255 char buf[1 << 14]; 256 struct msghdr msg; 257 int len_cmp = 0; 258 int i; 259 260 memset(&msg, 0, sizeof(struct msghdr)); 261 for (i = 0; i < iov_len; i++) { 262 test_strs[i] = (char *)malloc(strlen(test_str) + 1); 263 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str); 264 vec[i].iov_base = (void *)test_strs[i]; 265 vec[i].iov_len = strlen(test_strs[i]) + 1; 266 total_len += vec[i].iov_len; 267 } 268 msg.msg_iov = vec; 269 msg.msg_iovlen = iov_len; 270 271 EXPECT_EQ(sendmsg(self->fd, &msg, 0), total_len); 272 EXPECT_NE(recv(self->cfd, buf, total_len, 0), -1); 273 274 for (i = 0; i < iov_len; i++) 275 len_cmp += strlen(buf + len_cmp) + 1; 276 277 for (i = 0; i < iov_len; i++) 278 free(test_strs[i]); 279 } 280 281 TEST_F(tls, splice_from_pipe) 282 { 283 int send_len = TLS_PAYLOAD_MAX_LEN; 284 char mem_send[TLS_PAYLOAD_MAX_LEN]; 285 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 286 int p[2]; 287 288 ASSERT_GE(pipe(p), 0); 289 EXPECT_GE(write(p[1], mem_send, send_len), 0); 290 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), 0); 291 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len); 292 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 293 } 294 295 TEST_F(tls, splice_from_pipe2) 296 { 297 int send_len = 16000; 298 char mem_send[16000]; 299 char mem_recv[16000]; 300 int p2[2]; 301 int p[2]; 302 303 ASSERT_GE(pipe(p), 0); 304 ASSERT_GE(pipe(p2), 0); 305 EXPECT_GE(write(p[1], mem_send, 8000), 0); 306 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, 8000, 0), 0); 307 EXPECT_GE(write(p2[1], mem_send + 8000, 8000), 0); 308 EXPECT_GE(splice(p2[0], NULL, self->fd, NULL, 8000, 0), 0); 309 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len); 310 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 311 } 312 313 TEST_F(tls, send_and_splice) 314 { 315 int send_len = TLS_PAYLOAD_MAX_LEN; 316 char mem_send[TLS_PAYLOAD_MAX_LEN]; 317 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 318 char const *test_str = "test_read"; 319 int send_len2 = 10; 320 char buf[10]; 321 int p[2]; 322 323 ASSERT_GE(pipe(p), 0); 324 EXPECT_EQ(send(self->fd, test_str, send_len2, 0), send_len2); 325 EXPECT_EQ(recv(self->cfd, buf, send_len2, MSG_WAITALL), send_len2); 326 EXPECT_EQ(memcmp(test_str, buf, send_len2), 0); 327 328 EXPECT_GE(write(p[1], mem_send, send_len), send_len); 329 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), send_len); 330 331 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len); 332 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 333 } 334 335 TEST_F(tls, splice_to_pipe) 336 { 337 int send_len = TLS_PAYLOAD_MAX_LEN; 338 char mem_send[TLS_PAYLOAD_MAX_LEN]; 339 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 340 int p[2]; 341 342 ASSERT_GE(pipe(p), 0); 343 EXPECT_GE(send(self->fd, mem_send, send_len, 0), 0); 344 EXPECT_GE(splice(self->cfd, NULL, p[1], NULL, send_len, 0), 0); 345 EXPECT_GE(read(p[0], mem_recv, send_len), 0); 346 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 347 } 348 349 TEST_F(tls, recvmsg_single) 350 { 351 char const *test_str = "test_recvmsg_single"; 352 int send_len = strlen(test_str) + 1; 353 char buf[20]; 354 struct msghdr hdr; 355 struct iovec vec; 356 357 memset(&hdr, 0, sizeof(hdr)); 358 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 359 vec.iov_base = (char *)buf; 360 vec.iov_len = send_len; 361 hdr.msg_iovlen = 1; 362 hdr.msg_iov = &vec; 363 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1); 364 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 365 } 366 367 TEST_F(tls, recvmsg_single_max) 368 { 369 int send_len = TLS_PAYLOAD_MAX_LEN; 370 char send_mem[TLS_PAYLOAD_MAX_LEN]; 371 char recv_mem[TLS_PAYLOAD_MAX_LEN]; 372 struct iovec vec; 373 struct msghdr hdr; 374 375 EXPECT_EQ(send(self->fd, send_mem, send_len, 0), send_len); 376 vec.iov_base = (char *)recv_mem; 377 vec.iov_len = TLS_PAYLOAD_MAX_LEN; 378 379 hdr.msg_iovlen = 1; 380 hdr.msg_iov = &vec; 381 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1); 382 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0); 383 } 384 385 TEST_F(tls, recvmsg_multiple) 386 { 387 unsigned int msg_iovlen = 1024; 388 unsigned int len_compared = 0; 389 struct iovec vec[1024]; 390 char *iov_base[1024]; 391 unsigned int iov_len = 16; 392 int send_len = 1 << 14; 393 char buf[1 << 14]; 394 struct msghdr hdr; 395 int i; 396 397 EXPECT_EQ(send(self->fd, buf, send_len, 0), send_len); 398 for (i = 0; i < msg_iovlen; i++) { 399 iov_base[i] = (char *)malloc(iov_len); 400 vec[i].iov_base = iov_base[i]; 401 vec[i].iov_len = iov_len; 402 } 403 404 hdr.msg_iovlen = msg_iovlen; 405 hdr.msg_iov = vec; 406 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1); 407 for (i = 0; i < msg_iovlen; i++) 408 len_compared += iov_len; 409 410 for (i = 0; i < msg_iovlen; i++) 411 free(iov_base[i]); 412 } 413 414 TEST_F(tls, single_send_multiple_recv) 415 { 416 unsigned int total_len = TLS_PAYLOAD_MAX_LEN * 2; 417 unsigned int send_len = TLS_PAYLOAD_MAX_LEN; 418 char send_mem[TLS_PAYLOAD_MAX_LEN * 2]; 419 char recv_mem[TLS_PAYLOAD_MAX_LEN * 2]; 420 421 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0); 422 memset(recv_mem, 0, total_len); 423 424 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1); 425 EXPECT_NE(recv(self->cfd, recv_mem + send_len, send_len, 0), -1); 426 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0); 427 } 428 429 TEST_F(tls, multiple_send_single_recv) 430 { 431 unsigned int total_len = 2 * 10; 432 unsigned int send_len = 10; 433 char recv_mem[2 * 10]; 434 char send_mem[10]; 435 436 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0); 437 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0); 438 memset(recv_mem, 0, total_len); 439 EXPECT_EQ(recv(self->cfd, recv_mem, total_len, MSG_WAITALL), total_len); 440 441 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0); 442 EXPECT_EQ(memcmp(send_mem, recv_mem + send_len, send_len), 0); 443 } 444 445 TEST_F(tls, single_send_multiple_recv_non_align) 446 { 447 const unsigned int total_len = 15; 448 const unsigned int recv_len = 10; 449 char recv_mem[recv_len * 2]; 450 char send_mem[total_len]; 451 452 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0); 453 memset(recv_mem, 0, total_len); 454 455 EXPECT_EQ(recv(self->cfd, recv_mem, recv_len, 0), recv_len); 456 EXPECT_EQ(recv(self->cfd, recv_mem + recv_len, recv_len, 0), 5); 457 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0); 458 } 459 460 TEST_F(tls, recv_partial) 461 { 462 char const *test_str = "test_read_partial"; 463 char const *test_str_first = "test_read"; 464 char const *test_str_second = "_partial"; 465 int send_len = strlen(test_str) + 1; 466 char recv_mem[18]; 467 468 memset(recv_mem, 0, sizeof(recv_mem)); 469 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 470 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_first), 471 MSG_WAITALL), -1); 472 EXPECT_EQ(memcmp(test_str_first, recv_mem, strlen(test_str_first)), 0); 473 memset(recv_mem, 0, sizeof(recv_mem)); 474 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_second), 475 MSG_WAITALL), -1); 476 EXPECT_EQ(memcmp(test_str_second, recv_mem, strlen(test_str_second)), 477 0); 478 } 479 480 TEST_F(tls, recv_nonblock) 481 { 482 char buf[4096]; 483 bool err; 484 485 EXPECT_EQ(recv(self->cfd, buf, sizeof(buf), MSG_DONTWAIT), -1); 486 err = (errno == EAGAIN || errno == EWOULDBLOCK); 487 EXPECT_EQ(err, true); 488 } 489 490 TEST_F(tls, recv_peek) 491 { 492 char const *test_str = "test_read_peek"; 493 int send_len = strlen(test_str) + 1; 494 char buf[15]; 495 496 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 497 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1); 498 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 499 memset(buf, 0, sizeof(buf)); 500 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 501 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 502 } 503 504 TEST_F(tls, recv_peek_multiple) 505 { 506 char const *test_str = "test_read_peek"; 507 int send_len = strlen(test_str) + 1; 508 unsigned int num_peeks = 100; 509 char buf[15]; 510 int i; 511 512 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 513 for (i = 0; i < num_peeks; i++) { 514 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1); 515 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 516 memset(buf, 0, sizeof(buf)); 517 } 518 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 519 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 520 } 521 522 TEST_F(tls, recv_peek_multiple_records) 523 { 524 char const *test_str = "test_read_peek_mult_recs"; 525 char const *test_str_first = "test_read_peek"; 526 char const *test_str_second = "_mult_recs"; 527 int len; 528 char buf[64]; 529 530 len = strlen(test_str_first); 531 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len); 532 533 len = strlen(test_str_second) + 1; 534 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len); 535 536 len = strlen(test_str_first); 537 memset(buf, 0, len); 538 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len); 539 540 /* MSG_PEEK can only peek into the current record. */ 541 len = strlen(test_str_first); 542 EXPECT_EQ(memcmp(test_str_first, buf, len), 0); 543 544 len = strlen(test_str) + 1; 545 memset(buf, 0, len); 546 EXPECT_EQ(recv(self->cfd, buf, len, MSG_WAITALL), len); 547 548 /* Non-MSG_PEEK will advance strparser (and therefore record) 549 * however. 550 */ 551 len = strlen(test_str) + 1; 552 EXPECT_EQ(memcmp(test_str, buf, len), 0); 553 554 /* MSG_MORE will hold current record open, so later MSG_PEEK 555 * will see everything. 556 */ 557 len = strlen(test_str_first); 558 EXPECT_EQ(send(self->fd, test_str_first, len, MSG_MORE), len); 559 560 len = strlen(test_str_second) + 1; 561 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len); 562 563 len = strlen(test_str) + 1; 564 memset(buf, 0, len); 565 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len); 566 567 len = strlen(test_str) + 1; 568 EXPECT_EQ(memcmp(test_str, buf, len), 0); 569 } 570 571 TEST_F(tls, recv_peek_large_buf_mult_recs) 572 { 573 char const *test_str = "test_read_peek_mult_recs"; 574 char const *test_str_first = "test_read_peek"; 575 char const *test_str_second = "_mult_recs"; 576 int len; 577 char buf[64]; 578 579 len = strlen(test_str_first); 580 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len); 581 582 len = strlen(test_str_second) + 1; 583 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len); 584 585 len = strlen(test_str) + 1; 586 memset(buf, 0, len); 587 EXPECT_NE((len = recv(self->cfd, buf, len, 588 MSG_PEEK | MSG_WAITALL)), -1); 589 len = strlen(test_str) + 1; 590 EXPECT_EQ(memcmp(test_str, buf, len), 0); 591 } 592 593 TEST_F(tls, recv_lowat) 594 { 595 char send_mem[10] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 }; 596 char recv_mem[20]; 597 int lowat = 8; 598 599 EXPECT_EQ(send(self->fd, send_mem, 10, 0), 10); 600 EXPECT_EQ(send(self->fd, send_mem, 5, 0), 5); 601 602 memset(recv_mem, 0, 20); 603 EXPECT_EQ(setsockopt(self->cfd, SOL_SOCKET, SO_RCVLOWAT, 604 &lowat, sizeof(lowat)), 0); 605 EXPECT_EQ(recv(self->cfd, recv_mem, 1, MSG_WAITALL), 1); 606 EXPECT_EQ(recv(self->cfd, recv_mem + 1, 6, MSG_WAITALL), 6); 607 EXPECT_EQ(recv(self->cfd, recv_mem + 7, 10, 0), 8); 608 609 EXPECT_EQ(memcmp(send_mem, recv_mem, 10), 0); 610 EXPECT_EQ(memcmp(send_mem, recv_mem + 10, 5), 0); 611 } 612 613 TEST_F(tls, pollin) 614 { 615 char const *test_str = "test_poll"; 616 struct pollfd fd = { 0, 0, 0 }; 617 char buf[10]; 618 int send_len = 10; 619 620 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 621 fd.fd = self->cfd; 622 fd.events = POLLIN; 623 624 EXPECT_EQ(poll(&fd, 1, 20), 1); 625 EXPECT_EQ(fd.revents & POLLIN, 1); 626 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len); 627 /* Test timing out */ 628 EXPECT_EQ(poll(&fd, 1, 20), 0); 629 } 630 631 TEST_F(tls, poll_wait) 632 { 633 char const *test_str = "test_poll_wait"; 634 int send_len = strlen(test_str) + 1; 635 struct pollfd fd = { 0, 0, 0 }; 636 char recv_mem[15]; 637 638 fd.fd = self->cfd; 639 fd.events = POLLIN; 640 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 641 /* Set timeout to inf. secs */ 642 EXPECT_EQ(poll(&fd, 1, -1), 1); 643 EXPECT_EQ(fd.revents & POLLIN, 1); 644 EXPECT_EQ(recv(self->cfd, recv_mem, send_len, MSG_WAITALL), send_len); 645 } 646 647 TEST_F(tls, poll_wait_split) 648 { 649 struct pollfd fd = { 0, 0, 0 }; 650 char send_mem[20] = {}; 651 char recv_mem[15]; 652 653 fd.fd = self->cfd; 654 fd.events = POLLIN; 655 /* Send 20 bytes */ 656 EXPECT_EQ(send(self->fd, send_mem, sizeof(send_mem), 0), 657 sizeof(send_mem)); 658 /* Poll with inf. timeout */ 659 EXPECT_EQ(poll(&fd, 1, -1), 1); 660 EXPECT_EQ(fd.revents & POLLIN, 1); 661 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), MSG_WAITALL), 662 sizeof(recv_mem)); 663 664 /* Now the remaining 5 bytes of record data are in TLS ULP */ 665 fd.fd = self->cfd; 666 fd.events = POLLIN; 667 EXPECT_EQ(poll(&fd, 1, -1), 1); 668 EXPECT_EQ(fd.revents & POLLIN, 1); 669 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), 0), 670 sizeof(send_mem) - sizeof(recv_mem)); 671 } 672 673 TEST_F(tls, blocking) 674 { 675 size_t data = 100000; 676 int res = fork(); 677 678 EXPECT_NE(res, -1); 679 680 if (res) { 681 /* parent */ 682 size_t left = data; 683 char buf[16384]; 684 int status; 685 int pid2; 686 687 while (left) { 688 int res = send(self->fd, buf, 689 left > 16384 ? 16384 : left, 0); 690 691 EXPECT_GE(res, 0); 692 left -= res; 693 } 694 695 pid2 = wait(&status); 696 EXPECT_EQ(status, 0); 697 EXPECT_EQ(res, pid2); 698 } else { 699 /* child */ 700 size_t left = data; 701 char buf[16384]; 702 703 while (left) { 704 int res = recv(self->cfd, buf, 705 left > 16384 ? 16384 : left, 0); 706 707 EXPECT_GE(res, 0); 708 left -= res; 709 } 710 } 711 } 712 713 TEST_F(tls, nonblocking) 714 { 715 size_t data = 100000; 716 int sendbuf = 100; 717 int flags; 718 int res; 719 720 flags = fcntl(self->fd, F_GETFL, 0); 721 fcntl(self->fd, F_SETFL, flags | O_NONBLOCK); 722 fcntl(self->cfd, F_SETFL, flags | O_NONBLOCK); 723 724 /* Ensure nonblocking behavior by imposing a small send 725 * buffer. 726 */ 727 EXPECT_EQ(setsockopt(self->fd, SOL_SOCKET, SO_SNDBUF, 728 &sendbuf, sizeof(sendbuf)), 0); 729 730 res = fork(); 731 EXPECT_NE(res, -1); 732 733 if (res) { 734 /* parent */ 735 bool eagain = false; 736 size_t left = data; 737 char buf[16384]; 738 int status; 739 int pid2; 740 741 while (left) { 742 int res = send(self->fd, buf, 743 left > 16384 ? 16384 : left, 0); 744 745 if (res == -1 && errno == EAGAIN) { 746 eagain = true; 747 usleep(10000); 748 continue; 749 } 750 EXPECT_GE(res, 0); 751 left -= res; 752 } 753 754 EXPECT_TRUE(eagain); 755 pid2 = wait(&status); 756 757 EXPECT_EQ(status, 0); 758 EXPECT_EQ(res, pid2); 759 } else { 760 /* child */ 761 bool eagain = false; 762 size_t left = data; 763 char buf[16384]; 764 765 while (left) { 766 int res = recv(self->cfd, buf, 767 left > 16384 ? 16384 : left, 0); 768 769 if (res == -1 && errno == EAGAIN) { 770 eagain = true; 771 usleep(10000); 772 continue; 773 } 774 EXPECT_GE(res, 0); 775 left -= res; 776 } 777 EXPECT_TRUE(eagain); 778 } 779 } 780 781 TEST_F(tls, control_msg) 782 { 783 if (self->notls) 784 return; 785 786 char cbuf[CMSG_SPACE(sizeof(char))]; 787 char const *test_str = "test_read"; 788 int cmsg_len = sizeof(char); 789 char record_type = 100; 790 struct cmsghdr *cmsg; 791 struct msghdr msg; 792 int send_len = 10; 793 struct iovec vec; 794 char buf[10]; 795 796 vec.iov_base = (char *)test_str; 797 vec.iov_len = 10; 798 memset(&msg, 0, sizeof(struct msghdr)); 799 msg.msg_iov = &vec; 800 msg.msg_iovlen = 1; 801 msg.msg_control = cbuf; 802 msg.msg_controllen = sizeof(cbuf); 803 cmsg = CMSG_FIRSTHDR(&msg); 804 cmsg->cmsg_level = SOL_TLS; 805 /* test sending non-record types. */ 806 cmsg->cmsg_type = TLS_SET_RECORD_TYPE; 807 cmsg->cmsg_len = CMSG_LEN(cmsg_len); 808 *CMSG_DATA(cmsg) = record_type; 809 msg.msg_controllen = cmsg->cmsg_len; 810 811 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len); 812 /* Should fail because we didn't provide a control message */ 813 EXPECT_EQ(recv(self->cfd, buf, send_len, 0), -1); 814 815 vec.iov_base = buf; 816 EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL | MSG_PEEK), send_len); 817 818 cmsg = CMSG_FIRSTHDR(&msg); 819 EXPECT_NE(cmsg, NULL); 820 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS); 821 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE); 822 record_type = *((unsigned char *)CMSG_DATA(cmsg)); 823 EXPECT_EQ(record_type, 100); 824 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 825 826 /* Recv the message again without MSG_PEEK */ 827 record_type = 0; 828 memset(buf, 0, sizeof(buf)); 829 830 EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL), send_len); 831 cmsg = CMSG_FIRSTHDR(&msg); 832 EXPECT_NE(cmsg, NULL); 833 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS); 834 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE); 835 record_type = *((unsigned char *)CMSG_DATA(cmsg)); 836 EXPECT_EQ(record_type, 100); 837 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 838 } 839 840 TEST(keysizes) { 841 struct tls12_crypto_info_aes_gcm_256 tls12; 842 struct sockaddr_in addr; 843 int sfd, ret, fd, cfd; 844 socklen_t len; 845 bool notls; 846 847 notls = false; 848 len = sizeof(addr); 849 850 memset(&tls12, 0, sizeof(tls12)); 851 tls12.info.version = TLS_1_2_VERSION; 852 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256; 853 854 addr.sin_family = AF_INET; 855 addr.sin_addr.s_addr = htonl(INADDR_ANY); 856 addr.sin_port = 0; 857 858 fd = socket(AF_INET, SOCK_STREAM, 0); 859 sfd = socket(AF_INET, SOCK_STREAM, 0); 860 861 ret = bind(sfd, &addr, sizeof(addr)); 862 ASSERT_EQ(ret, 0); 863 ret = listen(sfd, 10); 864 ASSERT_EQ(ret, 0); 865 866 ret = getsockname(sfd, &addr, &len); 867 ASSERT_EQ(ret, 0); 868 869 ret = connect(fd, &addr, sizeof(addr)); 870 ASSERT_EQ(ret, 0); 871 872 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 873 if (ret != 0) { 874 notls = true; 875 printf("Failure setting TCP_ULP, testing without tls\n"); 876 } 877 878 if (!notls) { 879 ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12, 880 sizeof(tls12)); 881 EXPECT_EQ(ret, 0); 882 } 883 884 cfd = accept(sfd, &addr, &len); 885 ASSERT_GE(cfd, 0); 886 887 if (!notls) { 888 ret = setsockopt(cfd, IPPROTO_TCP, TCP_ULP, "tls", 889 sizeof("tls")); 890 EXPECT_EQ(ret, 0); 891 892 ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12, 893 sizeof(tls12)); 894 EXPECT_EQ(ret, 0); 895 } 896 897 close(sfd); 898 close(fd); 899 close(cfd); 900 } 901 902 TEST(tls12) { 903 int fd, cfd; 904 bool notls; 905 906 struct tls12_crypto_info_aes_gcm_128 tls12; 907 struct sockaddr_in addr; 908 socklen_t len; 909 int sfd, ret; 910 911 notls = false; 912 len = sizeof(addr); 913 914 memset(&tls12, 0, sizeof(tls12)); 915 tls12.info.version = TLS_1_2_VERSION; 916 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128; 917 918 addr.sin_family = AF_INET; 919 addr.sin_addr.s_addr = htonl(INADDR_ANY); 920 addr.sin_port = 0; 921 922 fd = socket(AF_INET, SOCK_STREAM, 0); 923 sfd = socket(AF_INET, SOCK_STREAM, 0); 924 925 ret = bind(sfd, &addr, sizeof(addr)); 926 ASSERT_EQ(ret, 0); 927 ret = listen(sfd, 10); 928 ASSERT_EQ(ret, 0); 929 930 ret = getsockname(sfd, &addr, &len); 931 ASSERT_EQ(ret, 0); 932 933 ret = connect(fd, &addr, sizeof(addr)); 934 ASSERT_EQ(ret, 0); 935 936 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 937 if (ret != 0) { 938 notls = true; 939 printf("Failure setting TCP_ULP, testing without tls\n"); 940 } 941 942 if (!notls) { 943 ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12, 944 sizeof(tls12)); 945 ASSERT_EQ(ret, 0); 946 } 947 948 cfd = accept(sfd, &addr, &len); 949 ASSERT_GE(cfd, 0); 950 951 if (!notls) { 952 ret = setsockopt(cfd, IPPROTO_TCP, TCP_ULP, "tls", 953 sizeof("tls")); 954 ASSERT_EQ(ret, 0); 955 956 ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12, 957 sizeof(tls12)); 958 ASSERT_EQ(ret, 0); 959 } 960 961 close(sfd); 962 963 char const *test_str = "test_read"; 964 int send_len = 10; 965 char buf[10]; 966 967 send_len = strlen(test_str) + 1; 968 EXPECT_EQ(send(fd, test_str, send_len, 0), send_len); 969 EXPECT_NE(recv(cfd, buf, send_len, 0), -1); 970 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 971 972 close(fd); 973 close(cfd); 974 } 975 976 TEST_HARNESS_MAIN 977