1 // SPDX-License-Identifier: GPL-2.0 2 3 #define _GNU_SOURCE 4 5 #include <arpa/inet.h> 6 #include <errno.h> 7 #include <error.h> 8 #include <fcntl.h> 9 #include <poll.h> 10 #include <stdio.h> 11 #include <stdlib.h> 12 #include <unistd.h> 13 14 #include <linux/tls.h> 15 #include <linux/tcp.h> 16 #include <linux/socket.h> 17 18 #include <sys/types.h> 19 #include <sys/sendfile.h> 20 #include <sys/socket.h> 21 #include <sys/stat.h> 22 23 #include "../kselftest_harness.h" 24 25 #define TLS_PAYLOAD_MAX_LEN 16384 26 #define SOL_TLS 282 27 28 struct tls_crypto_info_keys { 29 union { 30 struct tls12_crypto_info_aes_gcm_128 aes128; 31 struct tls12_crypto_info_chacha20_poly1305 chacha20; 32 }; 33 size_t len; 34 }; 35 36 static void tls_crypto_info_init(uint16_t tls_version, uint16_t cipher_type, 37 struct tls_crypto_info_keys *tls12) 38 { 39 memset(tls12, 0, sizeof(*tls12)); 40 41 switch (cipher_type) { 42 case TLS_CIPHER_CHACHA20_POLY1305: 43 tls12->len = sizeof(struct tls12_crypto_info_chacha20_poly1305); 44 tls12->chacha20.info.version = tls_version; 45 tls12->chacha20.info.cipher_type = cipher_type; 46 break; 47 case TLS_CIPHER_AES_GCM_128: 48 tls12->len = sizeof(struct tls12_crypto_info_aes_gcm_128); 49 tls12->aes128.info.version = tls_version; 50 tls12->aes128.info.cipher_type = cipher_type; 51 break; 52 default: 53 break; 54 } 55 } 56 57 static void memrnd(void *s, size_t n) 58 { 59 int *dword = s; 60 char *byte; 61 62 for (; n >= 4; n -= 4) 63 *dword++ = rand(); 64 byte = (void *)dword; 65 while (n--) 66 *byte++ = rand(); 67 } 68 69 FIXTURE(tls_basic) 70 { 71 int fd, cfd; 72 bool notls; 73 }; 74 75 FIXTURE_SETUP(tls_basic) 76 { 77 struct sockaddr_in addr; 78 socklen_t len; 79 int sfd, ret; 80 81 self->notls = false; 82 len = sizeof(addr); 83 84 addr.sin_family = AF_INET; 85 addr.sin_addr.s_addr = htonl(INADDR_ANY); 86 addr.sin_port = 0; 87 88 self->fd = socket(AF_INET, SOCK_STREAM, 0); 89 sfd = socket(AF_INET, SOCK_STREAM, 0); 90 91 ret = bind(sfd, &addr, sizeof(addr)); 92 ASSERT_EQ(ret, 0); 93 ret = listen(sfd, 10); 94 ASSERT_EQ(ret, 0); 95 96 ret = getsockname(sfd, &addr, &len); 97 ASSERT_EQ(ret, 0); 98 99 ret = connect(self->fd, &addr, sizeof(addr)); 100 ASSERT_EQ(ret, 0); 101 102 self->cfd = accept(sfd, &addr, &len); 103 ASSERT_GE(self->cfd, 0); 104 105 close(sfd); 106 107 ret = setsockopt(self->fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 108 if (ret != 0) { 109 ASSERT_EQ(errno, ENOENT); 110 self->notls = true; 111 printf("Failure setting TCP_ULP, testing without tls\n"); 112 return; 113 } 114 115 ret = setsockopt(self->cfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 116 ASSERT_EQ(ret, 0); 117 } 118 119 FIXTURE_TEARDOWN(tls_basic) 120 { 121 close(self->fd); 122 close(self->cfd); 123 } 124 125 /* Send some data through with ULP but no keys */ 126 TEST_F(tls_basic, base_base) 127 { 128 char const *test_str = "test_read"; 129 int send_len = 10; 130 char buf[10]; 131 132 ASSERT_EQ(strlen(test_str) + 1, send_len); 133 134 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 135 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 136 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 137 }; 138 139 FIXTURE(tls) 140 { 141 int fd, cfd; 142 bool notls; 143 }; 144 145 FIXTURE_VARIANT(tls) 146 { 147 uint16_t tls_version; 148 uint16_t cipher_type; 149 }; 150 151 FIXTURE_VARIANT_ADD(tls, 12_gcm) 152 { 153 .tls_version = TLS_1_2_VERSION, 154 .cipher_type = TLS_CIPHER_AES_GCM_128, 155 }; 156 157 FIXTURE_VARIANT_ADD(tls, 13_gcm) 158 { 159 .tls_version = TLS_1_3_VERSION, 160 .cipher_type = TLS_CIPHER_AES_GCM_128, 161 }; 162 163 FIXTURE_VARIANT_ADD(tls, 12_chacha) 164 { 165 .tls_version = TLS_1_2_VERSION, 166 .cipher_type = TLS_CIPHER_CHACHA20_POLY1305, 167 }; 168 169 FIXTURE_VARIANT_ADD(tls, 13_chacha) 170 { 171 .tls_version = TLS_1_3_VERSION, 172 .cipher_type = TLS_CIPHER_CHACHA20_POLY1305, 173 }; 174 175 FIXTURE_SETUP(tls) 176 { 177 struct tls_crypto_info_keys tls12; 178 struct sockaddr_in addr; 179 socklen_t len; 180 int sfd, ret; 181 182 self->notls = false; 183 len = sizeof(addr); 184 185 tls_crypto_info_init(variant->tls_version, variant->cipher_type, 186 &tls12); 187 188 addr.sin_family = AF_INET; 189 addr.sin_addr.s_addr = htonl(INADDR_ANY); 190 addr.sin_port = 0; 191 192 self->fd = socket(AF_INET, SOCK_STREAM, 0); 193 sfd = socket(AF_INET, SOCK_STREAM, 0); 194 195 ret = bind(sfd, &addr, sizeof(addr)); 196 ASSERT_EQ(ret, 0); 197 ret = listen(sfd, 10); 198 ASSERT_EQ(ret, 0); 199 200 ret = getsockname(sfd, &addr, &len); 201 ASSERT_EQ(ret, 0); 202 203 ret = connect(self->fd, &addr, sizeof(addr)); 204 ASSERT_EQ(ret, 0); 205 206 ret = setsockopt(self->fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 207 if (ret != 0) { 208 self->notls = true; 209 printf("Failure setting TCP_ULP, testing without tls\n"); 210 } 211 212 if (!self->notls) { 213 ret = setsockopt(self->fd, SOL_TLS, TLS_TX, &tls12, 214 tls12.len); 215 ASSERT_EQ(ret, 0); 216 } 217 218 self->cfd = accept(sfd, &addr, &len); 219 ASSERT_GE(self->cfd, 0); 220 221 if (!self->notls) { 222 ret = setsockopt(self->cfd, IPPROTO_TCP, TCP_ULP, "tls", 223 sizeof("tls")); 224 ASSERT_EQ(ret, 0); 225 226 ret = setsockopt(self->cfd, SOL_TLS, TLS_RX, &tls12, 227 tls12.len); 228 ASSERT_EQ(ret, 0); 229 } 230 231 close(sfd); 232 } 233 234 FIXTURE_TEARDOWN(tls) 235 { 236 close(self->fd); 237 close(self->cfd); 238 } 239 240 TEST_F(tls, sendfile) 241 { 242 int filefd = open("/proc/self/exe", O_RDONLY); 243 struct stat st; 244 245 EXPECT_GE(filefd, 0); 246 fstat(filefd, &st); 247 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0); 248 } 249 250 TEST_F(tls, send_then_sendfile) 251 { 252 int filefd = open("/proc/self/exe", O_RDONLY); 253 char const *test_str = "test_send"; 254 int to_send = strlen(test_str) + 1; 255 char recv_buf[10]; 256 struct stat st; 257 char *buf; 258 259 EXPECT_GE(filefd, 0); 260 fstat(filefd, &st); 261 buf = (char *)malloc(st.st_size); 262 263 EXPECT_EQ(send(self->fd, test_str, to_send, 0), to_send); 264 EXPECT_EQ(recv(self->cfd, recv_buf, to_send, MSG_WAITALL), to_send); 265 EXPECT_EQ(memcmp(test_str, recv_buf, to_send), 0); 266 267 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0); 268 EXPECT_EQ(recv(self->cfd, buf, st.st_size, MSG_WAITALL), st.st_size); 269 } 270 271 static void chunked_sendfile(struct __test_metadata *_metadata, 272 struct _test_data_tls *self, 273 uint16_t chunk_size, 274 uint16_t extra_payload_size) 275 { 276 char buf[TLS_PAYLOAD_MAX_LEN]; 277 uint16_t test_payload_size; 278 int size = 0; 279 int ret; 280 char filename[] = "/tmp/mytemp.XXXXXX"; 281 int fd = mkstemp(filename); 282 off_t offset = 0; 283 284 unlink(filename); 285 ASSERT_GE(fd, 0); 286 EXPECT_GE(chunk_size, 1); 287 test_payload_size = chunk_size + extra_payload_size; 288 ASSERT_GE(TLS_PAYLOAD_MAX_LEN, test_payload_size); 289 memset(buf, 1, test_payload_size); 290 size = write(fd, buf, test_payload_size); 291 EXPECT_EQ(size, test_payload_size); 292 fsync(fd); 293 294 while (size > 0) { 295 ret = sendfile(self->fd, fd, &offset, chunk_size); 296 EXPECT_GE(ret, 0); 297 size -= ret; 298 } 299 300 EXPECT_EQ(recv(self->cfd, buf, test_payload_size, MSG_WAITALL), 301 test_payload_size); 302 303 close(fd); 304 } 305 306 TEST_F(tls, multi_chunk_sendfile) 307 { 308 chunked_sendfile(_metadata, self, 4096, 4096); 309 chunked_sendfile(_metadata, self, 4096, 0); 310 chunked_sendfile(_metadata, self, 4096, 1); 311 chunked_sendfile(_metadata, self, 4096, 2048); 312 chunked_sendfile(_metadata, self, 8192, 2048); 313 chunked_sendfile(_metadata, self, 4096, 8192); 314 chunked_sendfile(_metadata, self, 8192, 4096); 315 chunked_sendfile(_metadata, self, 12288, 1024); 316 chunked_sendfile(_metadata, self, 12288, 2000); 317 chunked_sendfile(_metadata, self, 15360, 100); 318 chunked_sendfile(_metadata, self, 15360, 300); 319 chunked_sendfile(_metadata, self, 1, 4096); 320 chunked_sendfile(_metadata, self, 2048, 4096); 321 chunked_sendfile(_metadata, self, 2048, 8192); 322 chunked_sendfile(_metadata, self, 4096, 8192); 323 chunked_sendfile(_metadata, self, 1024, 12288); 324 chunked_sendfile(_metadata, self, 2000, 12288); 325 chunked_sendfile(_metadata, self, 100, 15360); 326 chunked_sendfile(_metadata, self, 300, 15360); 327 } 328 329 TEST_F(tls, recv_max) 330 { 331 unsigned int send_len = TLS_PAYLOAD_MAX_LEN; 332 char recv_mem[TLS_PAYLOAD_MAX_LEN]; 333 char buf[TLS_PAYLOAD_MAX_LEN]; 334 335 memrnd(buf, sizeof(buf)); 336 337 EXPECT_GE(send(self->fd, buf, send_len, 0), 0); 338 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1); 339 EXPECT_EQ(memcmp(buf, recv_mem, send_len), 0); 340 } 341 342 TEST_F(tls, recv_small) 343 { 344 char const *test_str = "test_read"; 345 int send_len = 10; 346 char buf[10]; 347 348 send_len = strlen(test_str) + 1; 349 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 350 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 351 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 352 } 353 354 TEST_F(tls, msg_more) 355 { 356 char const *test_str = "test_read"; 357 int send_len = 10; 358 char buf[10 * 2]; 359 360 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len); 361 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1); 362 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 363 EXPECT_EQ(recv(self->cfd, buf, send_len * 2, MSG_WAITALL), 364 send_len * 2); 365 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 366 } 367 368 TEST_F(tls, msg_more_unsent) 369 { 370 char const *test_str = "test_read"; 371 int send_len = 10; 372 char buf[10]; 373 374 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len); 375 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1); 376 } 377 378 TEST_F(tls, sendmsg_single) 379 { 380 struct msghdr msg; 381 382 char const *test_str = "test_sendmsg"; 383 size_t send_len = 13; 384 struct iovec vec; 385 char buf[13]; 386 387 vec.iov_base = (char *)test_str; 388 vec.iov_len = send_len; 389 memset(&msg, 0, sizeof(struct msghdr)); 390 msg.msg_iov = &vec; 391 msg.msg_iovlen = 1; 392 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len); 393 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len); 394 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 395 } 396 397 #define MAX_FRAGS 64 398 #define SEND_LEN 13 399 TEST_F(tls, sendmsg_fragmented) 400 { 401 char const *test_str = "test_sendmsg"; 402 char buf[SEND_LEN * MAX_FRAGS]; 403 struct iovec vec[MAX_FRAGS]; 404 struct msghdr msg; 405 int i, frags; 406 407 for (frags = 1; frags <= MAX_FRAGS; frags++) { 408 for (i = 0; i < frags; i++) { 409 vec[i].iov_base = (char *)test_str; 410 vec[i].iov_len = SEND_LEN; 411 } 412 413 memset(&msg, 0, sizeof(struct msghdr)); 414 msg.msg_iov = vec; 415 msg.msg_iovlen = frags; 416 417 EXPECT_EQ(sendmsg(self->fd, &msg, 0), SEND_LEN * frags); 418 EXPECT_EQ(recv(self->cfd, buf, SEND_LEN * frags, MSG_WAITALL), 419 SEND_LEN * frags); 420 421 for (i = 0; i < frags; i++) 422 EXPECT_EQ(memcmp(buf + SEND_LEN * i, 423 test_str, SEND_LEN), 0); 424 } 425 } 426 #undef MAX_FRAGS 427 #undef SEND_LEN 428 429 TEST_F(tls, sendmsg_large) 430 { 431 void *mem = malloc(16384); 432 size_t send_len = 16384; 433 size_t sends = 128; 434 struct msghdr msg; 435 size_t recvs = 0; 436 size_t sent = 0; 437 438 memset(&msg, 0, sizeof(struct msghdr)); 439 while (sent++ < sends) { 440 struct iovec vec = { (void *)mem, send_len }; 441 442 msg.msg_iov = &vec; 443 msg.msg_iovlen = 1; 444 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), send_len); 445 } 446 447 while (recvs++ < sends) 448 EXPECT_NE(recv(self->fd, mem, send_len, 0), -1); 449 450 free(mem); 451 } 452 453 TEST_F(tls, sendmsg_multiple) 454 { 455 char const *test_str = "test_sendmsg_multiple"; 456 struct iovec vec[5]; 457 char *test_strs[5]; 458 struct msghdr msg; 459 int total_len = 0; 460 int len_cmp = 0; 461 int iov_len = 5; 462 char *buf; 463 int i; 464 465 memset(&msg, 0, sizeof(struct msghdr)); 466 for (i = 0; i < iov_len; i++) { 467 test_strs[i] = (char *)malloc(strlen(test_str) + 1); 468 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str); 469 vec[i].iov_base = (void *)test_strs[i]; 470 vec[i].iov_len = strlen(test_strs[i]) + 1; 471 total_len += vec[i].iov_len; 472 } 473 msg.msg_iov = vec; 474 msg.msg_iovlen = iov_len; 475 476 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), total_len); 477 buf = malloc(total_len); 478 EXPECT_NE(recv(self->fd, buf, total_len, 0), -1); 479 for (i = 0; i < iov_len; i++) { 480 EXPECT_EQ(memcmp(test_strs[i], buf + len_cmp, 481 strlen(test_strs[i])), 482 0); 483 len_cmp += strlen(buf + len_cmp) + 1; 484 } 485 for (i = 0; i < iov_len; i++) 486 free(test_strs[i]); 487 free(buf); 488 } 489 490 TEST_F(tls, sendmsg_multiple_stress) 491 { 492 char const *test_str = "abcdefghijklmno"; 493 struct iovec vec[1024]; 494 char *test_strs[1024]; 495 int iov_len = 1024; 496 int total_len = 0; 497 char buf[1 << 14]; 498 struct msghdr msg; 499 int len_cmp = 0; 500 int i; 501 502 memset(&msg, 0, sizeof(struct msghdr)); 503 for (i = 0; i < iov_len; i++) { 504 test_strs[i] = (char *)malloc(strlen(test_str) + 1); 505 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str); 506 vec[i].iov_base = (void *)test_strs[i]; 507 vec[i].iov_len = strlen(test_strs[i]) + 1; 508 total_len += vec[i].iov_len; 509 } 510 msg.msg_iov = vec; 511 msg.msg_iovlen = iov_len; 512 513 EXPECT_EQ(sendmsg(self->fd, &msg, 0), total_len); 514 EXPECT_NE(recv(self->cfd, buf, total_len, 0), -1); 515 516 for (i = 0; i < iov_len; i++) 517 len_cmp += strlen(buf + len_cmp) + 1; 518 519 for (i = 0; i < iov_len; i++) 520 free(test_strs[i]); 521 } 522 523 TEST_F(tls, splice_from_pipe) 524 { 525 int send_len = TLS_PAYLOAD_MAX_LEN; 526 char mem_send[TLS_PAYLOAD_MAX_LEN]; 527 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 528 int p[2]; 529 530 ASSERT_GE(pipe(p), 0); 531 EXPECT_GE(write(p[1], mem_send, send_len), 0); 532 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), 0); 533 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len); 534 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 535 } 536 537 TEST_F(tls, splice_from_pipe2) 538 { 539 int send_len = 16000; 540 char mem_send[16000]; 541 char mem_recv[16000]; 542 int p2[2]; 543 int p[2]; 544 545 ASSERT_GE(pipe(p), 0); 546 ASSERT_GE(pipe(p2), 0); 547 EXPECT_GE(write(p[1], mem_send, 8000), 0); 548 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, 8000, 0), 0); 549 EXPECT_GE(write(p2[1], mem_send + 8000, 8000), 0); 550 EXPECT_GE(splice(p2[0], NULL, self->fd, NULL, 8000, 0), 0); 551 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len); 552 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 553 } 554 555 TEST_F(tls, send_and_splice) 556 { 557 int send_len = TLS_PAYLOAD_MAX_LEN; 558 char mem_send[TLS_PAYLOAD_MAX_LEN]; 559 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 560 char const *test_str = "test_read"; 561 int send_len2 = 10; 562 char buf[10]; 563 int p[2]; 564 565 ASSERT_GE(pipe(p), 0); 566 EXPECT_EQ(send(self->fd, test_str, send_len2, 0), send_len2); 567 EXPECT_EQ(recv(self->cfd, buf, send_len2, MSG_WAITALL), send_len2); 568 EXPECT_EQ(memcmp(test_str, buf, send_len2), 0); 569 570 EXPECT_GE(write(p[1], mem_send, send_len), send_len); 571 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), send_len); 572 573 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len); 574 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 575 } 576 577 TEST_F(tls, splice_to_pipe) 578 { 579 int send_len = TLS_PAYLOAD_MAX_LEN; 580 char mem_send[TLS_PAYLOAD_MAX_LEN]; 581 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 582 int p[2]; 583 584 ASSERT_GE(pipe(p), 0); 585 EXPECT_GE(send(self->fd, mem_send, send_len, 0), 0); 586 EXPECT_GE(splice(self->cfd, NULL, p[1], NULL, send_len, 0), 0); 587 EXPECT_GE(read(p[0], mem_recv, send_len), 0); 588 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 589 } 590 591 TEST_F(tls, recvmsg_single) 592 { 593 char const *test_str = "test_recvmsg_single"; 594 int send_len = strlen(test_str) + 1; 595 char buf[20]; 596 struct msghdr hdr; 597 struct iovec vec; 598 599 memset(&hdr, 0, sizeof(hdr)); 600 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 601 vec.iov_base = (char *)buf; 602 vec.iov_len = send_len; 603 hdr.msg_iovlen = 1; 604 hdr.msg_iov = &vec; 605 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1); 606 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 607 } 608 609 TEST_F(tls, recvmsg_single_max) 610 { 611 int send_len = TLS_PAYLOAD_MAX_LEN; 612 char send_mem[TLS_PAYLOAD_MAX_LEN]; 613 char recv_mem[TLS_PAYLOAD_MAX_LEN]; 614 struct iovec vec; 615 struct msghdr hdr; 616 617 memrnd(send_mem, sizeof(send_mem)); 618 619 EXPECT_EQ(send(self->fd, send_mem, send_len, 0), send_len); 620 vec.iov_base = (char *)recv_mem; 621 vec.iov_len = TLS_PAYLOAD_MAX_LEN; 622 623 hdr.msg_iovlen = 1; 624 hdr.msg_iov = &vec; 625 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1); 626 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0); 627 } 628 629 TEST_F(tls, recvmsg_multiple) 630 { 631 unsigned int msg_iovlen = 1024; 632 unsigned int len_compared = 0; 633 struct iovec vec[1024]; 634 char *iov_base[1024]; 635 unsigned int iov_len = 16; 636 int send_len = 1 << 14; 637 char buf[1 << 14]; 638 struct msghdr hdr; 639 int i; 640 641 memrnd(buf, sizeof(buf)); 642 643 EXPECT_EQ(send(self->fd, buf, send_len, 0), send_len); 644 for (i = 0; i < msg_iovlen; i++) { 645 iov_base[i] = (char *)malloc(iov_len); 646 vec[i].iov_base = iov_base[i]; 647 vec[i].iov_len = iov_len; 648 } 649 650 hdr.msg_iovlen = msg_iovlen; 651 hdr.msg_iov = vec; 652 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1); 653 for (i = 0; i < msg_iovlen; i++) 654 len_compared += iov_len; 655 656 for (i = 0; i < msg_iovlen; i++) 657 free(iov_base[i]); 658 } 659 660 TEST_F(tls, single_send_multiple_recv) 661 { 662 unsigned int total_len = TLS_PAYLOAD_MAX_LEN * 2; 663 unsigned int send_len = TLS_PAYLOAD_MAX_LEN; 664 char send_mem[TLS_PAYLOAD_MAX_LEN * 2]; 665 char recv_mem[TLS_PAYLOAD_MAX_LEN * 2]; 666 667 memrnd(send_mem, sizeof(send_mem)); 668 669 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0); 670 memset(recv_mem, 0, total_len); 671 672 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1); 673 EXPECT_NE(recv(self->cfd, recv_mem + send_len, send_len, 0), -1); 674 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0); 675 } 676 677 TEST_F(tls, multiple_send_single_recv) 678 { 679 unsigned int total_len = 2 * 10; 680 unsigned int send_len = 10; 681 char recv_mem[2 * 10]; 682 char send_mem[10]; 683 684 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0); 685 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0); 686 memset(recv_mem, 0, total_len); 687 EXPECT_EQ(recv(self->cfd, recv_mem, total_len, MSG_WAITALL), total_len); 688 689 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0); 690 EXPECT_EQ(memcmp(send_mem, recv_mem + send_len, send_len), 0); 691 } 692 693 TEST_F(tls, single_send_multiple_recv_non_align) 694 { 695 const unsigned int total_len = 15; 696 const unsigned int recv_len = 10; 697 char recv_mem[recv_len * 2]; 698 char send_mem[total_len]; 699 700 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0); 701 memset(recv_mem, 0, total_len); 702 703 EXPECT_EQ(recv(self->cfd, recv_mem, recv_len, 0), recv_len); 704 EXPECT_EQ(recv(self->cfd, recv_mem + recv_len, recv_len, 0), 5); 705 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0); 706 } 707 708 TEST_F(tls, recv_partial) 709 { 710 char const *test_str = "test_read_partial"; 711 char const *test_str_first = "test_read"; 712 char const *test_str_second = "_partial"; 713 int send_len = strlen(test_str) + 1; 714 char recv_mem[18]; 715 716 memset(recv_mem, 0, sizeof(recv_mem)); 717 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 718 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_first), 719 MSG_WAITALL), -1); 720 EXPECT_EQ(memcmp(test_str_first, recv_mem, strlen(test_str_first)), 0); 721 memset(recv_mem, 0, sizeof(recv_mem)); 722 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_second), 723 MSG_WAITALL), -1); 724 EXPECT_EQ(memcmp(test_str_second, recv_mem, strlen(test_str_second)), 725 0); 726 } 727 728 TEST_F(tls, recv_nonblock) 729 { 730 char buf[4096]; 731 bool err; 732 733 EXPECT_EQ(recv(self->cfd, buf, sizeof(buf), MSG_DONTWAIT), -1); 734 err = (errno == EAGAIN || errno == EWOULDBLOCK); 735 EXPECT_EQ(err, true); 736 } 737 738 TEST_F(tls, recv_peek) 739 { 740 char const *test_str = "test_read_peek"; 741 int send_len = strlen(test_str) + 1; 742 char buf[15]; 743 744 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 745 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1); 746 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 747 memset(buf, 0, sizeof(buf)); 748 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 749 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 750 } 751 752 TEST_F(tls, recv_peek_multiple) 753 { 754 char const *test_str = "test_read_peek"; 755 int send_len = strlen(test_str) + 1; 756 unsigned int num_peeks = 100; 757 char buf[15]; 758 int i; 759 760 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 761 for (i = 0; i < num_peeks; i++) { 762 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1); 763 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 764 memset(buf, 0, sizeof(buf)); 765 } 766 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 767 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 768 } 769 770 TEST_F(tls, recv_peek_multiple_records) 771 { 772 char const *test_str = "test_read_peek_mult_recs"; 773 char const *test_str_first = "test_read_peek"; 774 char const *test_str_second = "_mult_recs"; 775 int len; 776 char buf[64]; 777 778 len = strlen(test_str_first); 779 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len); 780 781 len = strlen(test_str_second) + 1; 782 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len); 783 784 len = strlen(test_str_first); 785 memset(buf, 0, len); 786 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len); 787 788 /* MSG_PEEK can only peek into the current record. */ 789 len = strlen(test_str_first); 790 EXPECT_EQ(memcmp(test_str_first, buf, len), 0); 791 792 len = strlen(test_str) + 1; 793 memset(buf, 0, len); 794 EXPECT_EQ(recv(self->cfd, buf, len, MSG_WAITALL), len); 795 796 /* Non-MSG_PEEK will advance strparser (and therefore record) 797 * however. 798 */ 799 len = strlen(test_str) + 1; 800 EXPECT_EQ(memcmp(test_str, buf, len), 0); 801 802 /* MSG_MORE will hold current record open, so later MSG_PEEK 803 * will see everything. 804 */ 805 len = strlen(test_str_first); 806 EXPECT_EQ(send(self->fd, test_str_first, len, MSG_MORE), len); 807 808 len = strlen(test_str_second) + 1; 809 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len); 810 811 len = strlen(test_str) + 1; 812 memset(buf, 0, len); 813 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len); 814 815 len = strlen(test_str) + 1; 816 EXPECT_EQ(memcmp(test_str, buf, len), 0); 817 } 818 819 TEST_F(tls, recv_peek_large_buf_mult_recs) 820 { 821 char const *test_str = "test_read_peek_mult_recs"; 822 char const *test_str_first = "test_read_peek"; 823 char const *test_str_second = "_mult_recs"; 824 int len; 825 char buf[64]; 826 827 len = strlen(test_str_first); 828 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len); 829 830 len = strlen(test_str_second) + 1; 831 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len); 832 833 len = strlen(test_str) + 1; 834 memset(buf, 0, len); 835 EXPECT_NE((len = recv(self->cfd, buf, len, 836 MSG_PEEK | MSG_WAITALL)), -1); 837 len = strlen(test_str) + 1; 838 EXPECT_EQ(memcmp(test_str, buf, len), 0); 839 } 840 841 TEST_F(tls, recv_lowat) 842 { 843 char send_mem[10] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 }; 844 char recv_mem[20]; 845 int lowat = 8; 846 847 EXPECT_EQ(send(self->fd, send_mem, 10, 0), 10); 848 EXPECT_EQ(send(self->fd, send_mem, 5, 0), 5); 849 850 memset(recv_mem, 0, 20); 851 EXPECT_EQ(setsockopt(self->cfd, SOL_SOCKET, SO_RCVLOWAT, 852 &lowat, sizeof(lowat)), 0); 853 EXPECT_EQ(recv(self->cfd, recv_mem, 1, MSG_WAITALL), 1); 854 EXPECT_EQ(recv(self->cfd, recv_mem + 1, 6, MSG_WAITALL), 6); 855 EXPECT_EQ(recv(self->cfd, recv_mem + 7, 10, 0), 8); 856 857 EXPECT_EQ(memcmp(send_mem, recv_mem, 10), 0); 858 EXPECT_EQ(memcmp(send_mem, recv_mem + 10, 5), 0); 859 } 860 861 TEST_F(tls, bidir) 862 { 863 char const *test_str = "test_read"; 864 int send_len = 10; 865 char buf[10]; 866 int ret; 867 868 if (!self->notls) { 869 struct tls_crypto_info_keys tls12; 870 871 tls_crypto_info_init(variant->tls_version, variant->cipher_type, 872 &tls12); 873 874 ret = setsockopt(self->fd, SOL_TLS, TLS_RX, &tls12, 875 tls12.len); 876 ASSERT_EQ(ret, 0); 877 878 ret = setsockopt(self->cfd, SOL_TLS, TLS_TX, &tls12, 879 tls12.len); 880 ASSERT_EQ(ret, 0); 881 } 882 883 ASSERT_EQ(strlen(test_str) + 1, send_len); 884 885 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 886 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 887 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 888 889 memset(buf, 0, sizeof(buf)); 890 891 EXPECT_EQ(send(self->cfd, test_str, send_len, 0), send_len); 892 EXPECT_NE(recv(self->fd, buf, send_len, 0), -1); 893 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 894 }; 895 896 TEST_F(tls, pollin) 897 { 898 char const *test_str = "test_poll"; 899 struct pollfd fd = { 0, 0, 0 }; 900 char buf[10]; 901 int send_len = 10; 902 903 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 904 fd.fd = self->cfd; 905 fd.events = POLLIN; 906 907 EXPECT_EQ(poll(&fd, 1, 20), 1); 908 EXPECT_EQ(fd.revents & POLLIN, 1); 909 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len); 910 /* Test timing out */ 911 EXPECT_EQ(poll(&fd, 1, 20), 0); 912 } 913 914 TEST_F(tls, poll_wait) 915 { 916 char const *test_str = "test_poll_wait"; 917 int send_len = strlen(test_str) + 1; 918 struct pollfd fd = { 0, 0, 0 }; 919 char recv_mem[15]; 920 921 fd.fd = self->cfd; 922 fd.events = POLLIN; 923 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 924 /* Set timeout to inf. secs */ 925 EXPECT_EQ(poll(&fd, 1, -1), 1); 926 EXPECT_EQ(fd.revents & POLLIN, 1); 927 EXPECT_EQ(recv(self->cfd, recv_mem, send_len, MSG_WAITALL), send_len); 928 } 929 930 TEST_F(tls, poll_wait_split) 931 { 932 struct pollfd fd = { 0, 0, 0 }; 933 char send_mem[20] = {}; 934 char recv_mem[15]; 935 936 fd.fd = self->cfd; 937 fd.events = POLLIN; 938 /* Send 20 bytes */ 939 EXPECT_EQ(send(self->fd, send_mem, sizeof(send_mem), 0), 940 sizeof(send_mem)); 941 /* Poll with inf. timeout */ 942 EXPECT_EQ(poll(&fd, 1, -1), 1); 943 EXPECT_EQ(fd.revents & POLLIN, 1); 944 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), MSG_WAITALL), 945 sizeof(recv_mem)); 946 947 /* Now the remaining 5 bytes of record data are in TLS ULP */ 948 fd.fd = self->cfd; 949 fd.events = POLLIN; 950 EXPECT_EQ(poll(&fd, 1, -1), 1); 951 EXPECT_EQ(fd.revents & POLLIN, 1); 952 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), 0), 953 sizeof(send_mem) - sizeof(recv_mem)); 954 } 955 956 TEST_F(tls, blocking) 957 { 958 size_t data = 100000; 959 int res = fork(); 960 961 EXPECT_NE(res, -1); 962 963 if (res) { 964 /* parent */ 965 size_t left = data; 966 char buf[16384]; 967 int status; 968 int pid2; 969 970 while (left) { 971 int res = send(self->fd, buf, 972 left > 16384 ? 16384 : left, 0); 973 974 EXPECT_GE(res, 0); 975 left -= res; 976 } 977 978 pid2 = wait(&status); 979 EXPECT_EQ(status, 0); 980 EXPECT_EQ(res, pid2); 981 } else { 982 /* child */ 983 size_t left = data; 984 char buf[16384]; 985 986 while (left) { 987 int res = recv(self->cfd, buf, 988 left > 16384 ? 16384 : left, 0); 989 990 EXPECT_GE(res, 0); 991 left -= res; 992 } 993 } 994 } 995 996 TEST_F(tls, nonblocking) 997 { 998 size_t data = 100000; 999 int sendbuf = 100; 1000 int flags; 1001 int res; 1002 1003 flags = fcntl(self->fd, F_GETFL, 0); 1004 fcntl(self->fd, F_SETFL, flags | O_NONBLOCK); 1005 fcntl(self->cfd, F_SETFL, flags | O_NONBLOCK); 1006 1007 /* Ensure nonblocking behavior by imposing a small send 1008 * buffer. 1009 */ 1010 EXPECT_EQ(setsockopt(self->fd, SOL_SOCKET, SO_SNDBUF, 1011 &sendbuf, sizeof(sendbuf)), 0); 1012 1013 res = fork(); 1014 EXPECT_NE(res, -1); 1015 1016 if (res) { 1017 /* parent */ 1018 bool eagain = false; 1019 size_t left = data; 1020 char buf[16384]; 1021 int status; 1022 int pid2; 1023 1024 while (left) { 1025 int res = send(self->fd, buf, 1026 left > 16384 ? 16384 : left, 0); 1027 1028 if (res == -1 && errno == EAGAIN) { 1029 eagain = true; 1030 usleep(10000); 1031 continue; 1032 } 1033 EXPECT_GE(res, 0); 1034 left -= res; 1035 } 1036 1037 EXPECT_TRUE(eagain); 1038 pid2 = wait(&status); 1039 1040 EXPECT_EQ(status, 0); 1041 EXPECT_EQ(res, pid2); 1042 } else { 1043 /* child */ 1044 bool eagain = false; 1045 size_t left = data; 1046 char buf[16384]; 1047 1048 while (left) { 1049 int res = recv(self->cfd, buf, 1050 left > 16384 ? 16384 : left, 0); 1051 1052 if (res == -1 && errno == EAGAIN) { 1053 eagain = true; 1054 usleep(10000); 1055 continue; 1056 } 1057 EXPECT_GE(res, 0); 1058 left -= res; 1059 } 1060 EXPECT_TRUE(eagain); 1061 } 1062 } 1063 1064 static void 1065 test_mutliproc(struct __test_metadata *_metadata, struct _test_data_tls *self, 1066 bool sendpg, unsigned int n_readers, unsigned int n_writers) 1067 { 1068 const unsigned int n_children = n_readers + n_writers; 1069 const size_t data = 6 * 1000 * 1000; 1070 const size_t file_sz = data / 100; 1071 size_t read_bias, write_bias; 1072 int i, fd, child_id; 1073 char buf[file_sz]; 1074 pid_t pid; 1075 1076 /* Only allow multiples for simplicity */ 1077 ASSERT_EQ(!(n_readers % n_writers) || !(n_writers % n_readers), true); 1078 read_bias = n_writers / n_readers ?: 1; 1079 write_bias = n_readers / n_writers ?: 1; 1080 1081 /* prep a file to send */ 1082 fd = open("/tmp/", O_TMPFILE | O_RDWR, 0600); 1083 ASSERT_GE(fd, 0); 1084 1085 memset(buf, 0xac, file_sz); 1086 ASSERT_EQ(write(fd, buf, file_sz), file_sz); 1087 1088 /* spawn children */ 1089 for (child_id = 0; child_id < n_children; child_id++) { 1090 pid = fork(); 1091 ASSERT_NE(pid, -1); 1092 if (!pid) 1093 break; 1094 } 1095 1096 /* parent waits for all children */ 1097 if (pid) { 1098 for (i = 0; i < n_children; i++) { 1099 int status; 1100 1101 wait(&status); 1102 EXPECT_EQ(status, 0); 1103 } 1104 1105 return; 1106 } 1107 1108 /* Split threads for reading and writing */ 1109 if (child_id < n_readers) { 1110 size_t left = data * read_bias; 1111 char rb[8001]; 1112 1113 while (left) { 1114 int res; 1115 1116 res = recv(self->cfd, rb, 1117 left > sizeof(rb) ? sizeof(rb) : left, 0); 1118 1119 EXPECT_GE(res, 0); 1120 left -= res; 1121 } 1122 } else { 1123 size_t left = data * write_bias; 1124 1125 while (left) { 1126 int res; 1127 1128 ASSERT_EQ(lseek(fd, 0, SEEK_SET), 0); 1129 if (sendpg) 1130 res = sendfile(self->fd, fd, NULL, 1131 left > file_sz ? file_sz : left); 1132 else 1133 res = send(self->fd, buf, 1134 left > file_sz ? file_sz : left, 0); 1135 1136 EXPECT_GE(res, 0); 1137 left -= res; 1138 } 1139 } 1140 } 1141 1142 TEST_F(tls, mutliproc_even) 1143 { 1144 test_mutliproc(_metadata, self, false, 6, 6); 1145 } 1146 1147 TEST_F(tls, mutliproc_readers) 1148 { 1149 test_mutliproc(_metadata, self, false, 4, 12); 1150 } 1151 1152 TEST_F(tls, mutliproc_writers) 1153 { 1154 test_mutliproc(_metadata, self, false, 10, 2); 1155 } 1156 1157 TEST_F(tls, mutliproc_sendpage_even) 1158 { 1159 test_mutliproc(_metadata, self, true, 6, 6); 1160 } 1161 1162 TEST_F(tls, mutliproc_sendpage_readers) 1163 { 1164 test_mutliproc(_metadata, self, true, 4, 12); 1165 } 1166 1167 TEST_F(tls, mutliproc_sendpage_writers) 1168 { 1169 test_mutliproc(_metadata, self, true, 10, 2); 1170 } 1171 1172 TEST_F(tls, control_msg) 1173 { 1174 if (self->notls) 1175 return; 1176 1177 char cbuf[CMSG_SPACE(sizeof(char))]; 1178 char const *test_str = "test_read"; 1179 int cmsg_len = sizeof(char); 1180 char record_type = 100; 1181 struct cmsghdr *cmsg; 1182 struct msghdr msg; 1183 int send_len = 10; 1184 struct iovec vec; 1185 char buf[10]; 1186 1187 vec.iov_base = (char *)test_str; 1188 vec.iov_len = 10; 1189 memset(&msg, 0, sizeof(struct msghdr)); 1190 msg.msg_iov = &vec; 1191 msg.msg_iovlen = 1; 1192 msg.msg_control = cbuf; 1193 msg.msg_controllen = sizeof(cbuf); 1194 cmsg = CMSG_FIRSTHDR(&msg); 1195 cmsg->cmsg_level = SOL_TLS; 1196 /* test sending non-record types. */ 1197 cmsg->cmsg_type = TLS_SET_RECORD_TYPE; 1198 cmsg->cmsg_len = CMSG_LEN(cmsg_len); 1199 *CMSG_DATA(cmsg) = record_type; 1200 msg.msg_controllen = cmsg->cmsg_len; 1201 1202 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len); 1203 /* Should fail because we didn't provide a control message */ 1204 EXPECT_EQ(recv(self->cfd, buf, send_len, 0), -1); 1205 1206 vec.iov_base = buf; 1207 EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL | MSG_PEEK), send_len); 1208 1209 cmsg = CMSG_FIRSTHDR(&msg); 1210 EXPECT_NE(cmsg, NULL); 1211 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS); 1212 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE); 1213 record_type = *((unsigned char *)CMSG_DATA(cmsg)); 1214 EXPECT_EQ(record_type, 100); 1215 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 1216 1217 /* Recv the message again without MSG_PEEK */ 1218 record_type = 0; 1219 memset(buf, 0, sizeof(buf)); 1220 1221 EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL), send_len); 1222 cmsg = CMSG_FIRSTHDR(&msg); 1223 EXPECT_NE(cmsg, NULL); 1224 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS); 1225 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE); 1226 record_type = *((unsigned char *)CMSG_DATA(cmsg)); 1227 EXPECT_EQ(record_type, 100); 1228 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 1229 } 1230 1231 TEST_F(tls, shutdown) 1232 { 1233 char const *test_str = "test_read"; 1234 int send_len = 10; 1235 char buf[10]; 1236 1237 ASSERT_EQ(strlen(test_str) + 1, send_len); 1238 1239 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 1240 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 1241 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 1242 1243 shutdown(self->fd, SHUT_RDWR); 1244 shutdown(self->cfd, SHUT_RDWR); 1245 } 1246 1247 TEST_F(tls, shutdown_unsent) 1248 { 1249 char const *test_str = "test_read"; 1250 int send_len = 10; 1251 1252 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len); 1253 1254 shutdown(self->fd, SHUT_RDWR); 1255 shutdown(self->cfd, SHUT_RDWR); 1256 } 1257 1258 TEST_F(tls, shutdown_reuse) 1259 { 1260 struct sockaddr_in addr; 1261 int ret; 1262 1263 shutdown(self->fd, SHUT_RDWR); 1264 shutdown(self->cfd, SHUT_RDWR); 1265 close(self->cfd); 1266 1267 addr.sin_family = AF_INET; 1268 addr.sin_addr.s_addr = htonl(INADDR_ANY); 1269 addr.sin_port = 0; 1270 1271 ret = bind(self->fd, &addr, sizeof(addr)); 1272 EXPECT_EQ(ret, 0); 1273 ret = listen(self->fd, 10); 1274 EXPECT_EQ(ret, -1); 1275 EXPECT_EQ(errno, EINVAL); 1276 1277 ret = connect(self->fd, &addr, sizeof(addr)); 1278 EXPECT_EQ(ret, -1); 1279 EXPECT_EQ(errno, EISCONN); 1280 } 1281 1282 TEST(non_established) { 1283 struct tls12_crypto_info_aes_gcm_256 tls12; 1284 struct sockaddr_in addr; 1285 int sfd, ret, fd; 1286 socklen_t len; 1287 1288 len = sizeof(addr); 1289 1290 memset(&tls12, 0, sizeof(tls12)); 1291 tls12.info.version = TLS_1_2_VERSION; 1292 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256; 1293 1294 addr.sin_family = AF_INET; 1295 addr.sin_addr.s_addr = htonl(INADDR_ANY); 1296 addr.sin_port = 0; 1297 1298 fd = socket(AF_INET, SOCK_STREAM, 0); 1299 sfd = socket(AF_INET, SOCK_STREAM, 0); 1300 1301 ret = bind(sfd, &addr, sizeof(addr)); 1302 ASSERT_EQ(ret, 0); 1303 ret = listen(sfd, 10); 1304 ASSERT_EQ(ret, 0); 1305 1306 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1307 EXPECT_EQ(ret, -1); 1308 /* TLS ULP not supported */ 1309 if (errno == ENOENT) 1310 return; 1311 EXPECT_EQ(errno, ENOTCONN); 1312 1313 ret = setsockopt(sfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1314 EXPECT_EQ(ret, -1); 1315 EXPECT_EQ(errno, ENOTCONN); 1316 1317 ret = getsockname(sfd, &addr, &len); 1318 ASSERT_EQ(ret, 0); 1319 1320 ret = connect(fd, &addr, sizeof(addr)); 1321 ASSERT_EQ(ret, 0); 1322 1323 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1324 ASSERT_EQ(ret, 0); 1325 1326 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1327 EXPECT_EQ(ret, -1); 1328 EXPECT_EQ(errno, EEXIST); 1329 1330 close(fd); 1331 close(sfd); 1332 } 1333 1334 TEST(keysizes) { 1335 struct tls12_crypto_info_aes_gcm_256 tls12; 1336 struct sockaddr_in addr; 1337 int sfd, ret, fd, cfd; 1338 socklen_t len; 1339 bool notls; 1340 1341 notls = false; 1342 len = sizeof(addr); 1343 1344 memset(&tls12, 0, sizeof(tls12)); 1345 tls12.info.version = TLS_1_2_VERSION; 1346 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256; 1347 1348 addr.sin_family = AF_INET; 1349 addr.sin_addr.s_addr = htonl(INADDR_ANY); 1350 addr.sin_port = 0; 1351 1352 fd = socket(AF_INET, SOCK_STREAM, 0); 1353 sfd = socket(AF_INET, SOCK_STREAM, 0); 1354 1355 ret = bind(sfd, &addr, sizeof(addr)); 1356 ASSERT_EQ(ret, 0); 1357 ret = listen(sfd, 10); 1358 ASSERT_EQ(ret, 0); 1359 1360 ret = getsockname(sfd, &addr, &len); 1361 ASSERT_EQ(ret, 0); 1362 1363 ret = connect(fd, &addr, sizeof(addr)); 1364 ASSERT_EQ(ret, 0); 1365 1366 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1367 if (ret != 0) { 1368 notls = true; 1369 printf("Failure setting TCP_ULP, testing without tls\n"); 1370 } 1371 1372 if (!notls) { 1373 ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12, 1374 sizeof(tls12)); 1375 EXPECT_EQ(ret, 0); 1376 } 1377 1378 cfd = accept(sfd, &addr, &len); 1379 ASSERT_GE(cfd, 0); 1380 1381 if (!notls) { 1382 ret = setsockopt(cfd, IPPROTO_TCP, TCP_ULP, "tls", 1383 sizeof("tls")); 1384 EXPECT_EQ(ret, 0); 1385 1386 ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12, 1387 sizeof(tls12)); 1388 EXPECT_EQ(ret, 0); 1389 } 1390 1391 close(sfd); 1392 close(fd); 1393 close(cfd); 1394 } 1395 1396 TEST_HARNESS_MAIN 1397