1 // SPDX-License-Identifier: GPL-2.0 2 3 #define _GNU_SOURCE 4 5 #include <arpa/inet.h> 6 #include <errno.h> 7 #include <error.h> 8 #include <fcntl.h> 9 #include <poll.h> 10 #include <stdio.h> 11 #include <stdlib.h> 12 #include <unistd.h> 13 14 #include <linux/tls.h> 15 #include <linux/tcp.h> 16 #include <linux/socket.h> 17 18 #include <sys/types.h> 19 #include <sys/sendfile.h> 20 #include <sys/socket.h> 21 #include <sys/stat.h> 22 23 #include "../kselftest_harness.h" 24 25 #define TLS_PAYLOAD_MAX_LEN 16384 26 #define SOL_TLS 282 27 28 FIXTURE(tls_basic) 29 { 30 int fd, cfd; 31 bool notls; 32 }; 33 34 FIXTURE_SETUP(tls_basic) 35 { 36 struct sockaddr_in addr; 37 socklen_t len; 38 int sfd, ret; 39 40 self->notls = false; 41 len = sizeof(addr); 42 43 addr.sin_family = AF_INET; 44 addr.sin_addr.s_addr = htonl(INADDR_ANY); 45 addr.sin_port = 0; 46 47 self->fd = socket(AF_INET, SOCK_STREAM, 0); 48 sfd = socket(AF_INET, SOCK_STREAM, 0); 49 50 ret = bind(sfd, &addr, sizeof(addr)); 51 ASSERT_EQ(ret, 0); 52 ret = listen(sfd, 10); 53 ASSERT_EQ(ret, 0); 54 55 ret = getsockname(sfd, &addr, &len); 56 ASSERT_EQ(ret, 0); 57 58 ret = connect(self->fd, &addr, sizeof(addr)); 59 ASSERT_EQ(ret, 0); 60 61 self->cfd = accept(sfd, &addr, &len); 62 ASSERT_GE(self->cfd, 0); 63 64 close(sfd); 65 66 ret = setsockopt(self->fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 67 if (ret != 0) { 68 ASSERT_EQ(errno, ENOENT); 69 self->notls = true; 70 printf("Failure setting TCP_ULP, testing without tls\n"); 71 return; 72 } 73 74 ret = setsockopt(self->cfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 75 ASSERT_EQ(ret, 0); 76 } 77 78 FIXTURE_TEARDOWN(tls_basic) 79 { 80 close(self->fd); 81 close(self->cfd); 82 } 83 84 /* Send some data through with ULP but no keys */ 85 TEST_F(tls_basic, base_base) 86 { 87 char const *test_str = "test_read"; 88 int send_len = 10; 89 char buf[10]; 90 91 ASSERT_EQ(strlen(test_str) + 1, send_len); 92 93 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 94 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 95 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 96 }; 97 98 FIXTURE(tls) 99 { 100 int fd, cfd; 101 bool notls; 102 }; 103 104 FIXTURE_VARIANT(tls) 105 { 106 uint16_t tls_version; 107 uint16_t cipher_type; 108 }; 109 110 FIXTURE_VARIANT_ADD(tls, 12_gcm) 111 { 112 .tls_version = TLS_1_2_VERSION, 113 .cipher_type = TLS_CIPHER_AES_GCM_128, 114 }; 115 116 FIXTURE_VARIANT_ADD(tls, 13_gcm) 117 { 118 .tls_version = TLS_1_3_VERSION, 119 .cipher_type = TLS_CIPHER_AES_GCM_128, 120 }; 121 122 FIXTURE_VARIANT_ADD(tls, 12_chacha) 123 { 124 .tls_version = TLS_1_2_VERSION, 125 .cipher_type = TLS_CIPHER_CHACHA20_POLY1305, 126 }; 127 128 FIXTURE_VARIANT_ADD(tls, 13_chacha) 129 { 130 .tls_version = TLS_1_3_VERSION, 131 .cipher_type = TLS_CIPHER_CHACHA20_POLY1305, 132 }; 133 134 FIXTURE_SETUP(tls) 135 { 136 union tls_crypto_context tls12; 137 struct sockaddr_in addr; 138 socklen_t len; 139 int sfd, ret; 140 size_t tls12_sz; 141 142 self->notls = false; 143 len = sizeof(addr); 144 145 memset(&tls12, 0, sizeof(tls12)); 146 tls12.info.version = variant->tls_version; 147 tls12.info.cipher_type = variant->cipher_type; 148 switch (variant->cipher_type) { 149 case TLS_CIPHER_CHACHA20_POLY1305: 150 tls12_sz = sizeof(tls12_crypto_info_chacha20_poly1305); 151 break; 152 case TLS_CIPHER_AES_GCM_128: 153 tls12_sz = sizeof(tls12_crypto_info_aes_gcm_128); 154 break; 155 default: 156 tls12_sz = 0; 157 } 158 159 addr.sin_family = AF_INET; 160 addr.sin_addr.s_addr = htonl(INADDR_ANY); 161 addr.sin_port = 0; 162 163 self->fd = socket(AF_INET, SOCK_STREAM, 0); 164 sfd = socket(AF_INET, SOCK_STREAM, 0); 165 166 ret = bind(sfd, &addr, sizeof(addr)); 167 ASSERT_EQ(ret, 0); 168 ret = listen(sfd, 10); 169 ASSERT_EQ(ret, 0); 170 171 ret = getsockname(sfd, &addr, &len); 172 ASSERT_EQ(ret, 0); 173 174 ret = connect(self->fd, &addr, sizeof(addr)); 175 ASSERT_EQ(ret, 0); 176 177 ret = setsockopt(self->fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 178 if (ret != 0) { 179 self->notls = true; 180 printf("Failure setting TCP_ULP, testing without tls\n"); 181 } 182 183 if (!self->notls) { 184 ret = setsockopt(self->fd, SOL_TLS, TLS_TX, &tls12, 185 tls12_sz); 186 ASSERT_EQ(ret, 0); 187 } 188 189 self->cfd = accept(sfd, &addr, &len); 190 ASSERT_GE(self->cfd, 0); 191 192 if (!self->notls) { 193 ret = setsockopt(self->cfd, IPPROTO_TCP, TCP_ULP, "tls", 194 sizeof("tls")); 195 ASSERT_EQ(ret, 0); 196 197 ret = setsockopt(self->cfd, SOL_TLS, TLS_RX, &tls12, 198 tls12_sz); 199 ASSERT_EQ(ret, 0); 200 } 201 202 close(sfd); 203 } 204 205 FIXTURE_TEARDOWN(tls) 206 { 207 close(self->fd); 208 close(self->cfd); 209 } 210 211 TEST_F(tls, sendfile) 212 { 213 int filefd = open("/proc/self/exe", O_RDONLY); 214 struct stat st; 215 216 EXPECT_GE(filefd, 0); 217 fstat(filefd, &st); 218 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0); 219 } 220 221 TEST_F(tls, send_then_sendfile) 222 { 223 int filefd = open("/proc/self/exe", O_RDONLY); 224 char const *test_str = "test_send"; 225 int to_send = strlen(test_str) + 1; 226 char recv_buf[10]; 227 struct stat st; 228 char *buf; 229 230 EXPECT_GE(filefd, 0); 231 fstat(filefd, &st); 232 buf = (char *)malloc(st.st_size); 233 234 EXPECT_EQ(send(self->fd, test_str, to_send, 0), to_send); 235 EXPECT_EQ(recv(self->cfd, recv_buf, to_send, MSG_WAITALL), to_send); 236 EXPECT_EQ(memcmp(test_str, recv_buf, to_send), 0); 237 238 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0); 239 EXPECT_EQ(recv(self->cfd, buf, st.st_size, MSG_WAITALL), st.st_size); 240 } 241 242 static void chunked_sendfile(struct __test_metadata *_metadata, 243 struct _test_data_tls *self, 244 uint16_t chunk_size, 245 uint16_t extra_payload_size) 246 { 247 char buf[TLS_PAYLOAD_MAX_LEN]; 248 uint16_t test_payload_size; 249 int size = 0; 250 int ret; 251 char filename[] = "/tmp/mytemp.XXXXXX"; 252 int fd = mkstemp(filename); 253 off_t offset = 0; 254 255 unlink(filename); 256 ASSERT_GE(fd, 0); 257 EXPECT_GE(chunk_size, 1); 258 test_payload_size = chunk_size + extra_payload_size; 259 ASSERT_GE(TLS_PAYLOAD_MAX_LEN, test_payload_size); 260 memset(buf, 1, test_payload_size); 261 size = write(fd, buf, test_payload_size); 262 EXPECT_EQ(size, test_payload_size); 263 fsync(fd); 264 265 while (size > 0) { 266 ret = sendfile(self->fd, fd, &offset, chunk_size); 267 EXPECT_GE(ret, 0); 268 size -= ret; 269 } 270 271 EXPECT_EQ(recv(self->cfd, buf, test_payload_size, MSG_WAITALL), 272 test_payload_size); 273 274 close(fd); 275 } 276 277 TEST_F(tls, multi_chunk_sendfile) 278 { 279 chunked_sendfile(_metadata, self, 4096, 4096); 280 chunked_sendfile(_metadata, self, 4096, 0); 281 chunked_sendfile(_metadata, self, 4096, 1); 282 chunked_sendfile(_metadata, self, 4096, 2048); 283 chunked_sendfile(_metadata, self, 8192, 2048); 284 chunked_sendfile(_metadata, self, 4096, 8192); 285 chunked_sendfile(_metadata, self, 8192, 4096); 286 chunked_sendfile(_metadata, self, 12288, 1024); 287 chunked_sendfile(_metadata, self, 12288, 2000); 288 chunked_sendfile(_metadata, self, 15360, 100); 289 chunked_sendfile(_metadata, self, 15360, 300); 290 chunked_sendfile(_metadata, self, 1, 4096); 291 chunked_sendfile(_metadata, self, 2048, 4096); 292 chunked_sendfile(_metadata, self, 2048, 8192); 293 chunked_sendfile(_metadata, self, 4096, 8192); 294 chunked_sendfile(_metadata, self, 1024, 12288); 295 chunked_sendfile(_metadata, self, 2000, 12288); 296 chunked_sendfile(_metadata, self, 100, 15360); 297 chunked_sendfile(_metadata, self, 300, 15360); 298 } 299 300 TEST_F(tls, recv_max) 301 { 302 unsigned int send_len = TLS_PAYLOAD_MAX_LEN; 303 char recv_mem[TLS_PAYLOAD_MAX_LEN]; 304 char buf[TLS_PAYLOAD_MAX_LEN]; 305 306 EXPECT_GE(send(self->fd, buf, send_len, 0), 0); 307 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1); 308 EXPECT_EQ(memcmp(buf, recv_mem, send_len), 0); 309 } 310 311 TEST_F(tls, recv_small) 312 { 313 char const *test_str = "test_read"; 314 int send_len = 10; 315 char buf[10]; 316 317 send_len = strlen(test_str) + 1; 318 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 319 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 320 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 321 } 322 323 TEST_F(tls, msg_more) 324 { 325 char const *test_str = "test_read"; 326 int send_len = 10; 327 char buf[10 * 2]; 328 329 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len); 330 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1); 331 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 332 EXPECT_EQ(recv(self->cfd, buf, send_len * 2, MSG_WAITALL), 333 send_len * 2); 334 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 335 } 336 337 TEST_F(tls, msg_more_unsent) 338 { 339 char const *test_str = "test_read"; 340 int send_len = 10; 341 char buf[10]; 342 343 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len); 344 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1); 345 } 346 347 TEST_F(tls, sendmsg_single) 348 { 349 struct msghdr msg; 350 351 char const *test_str = "test_sendmsg"; 352 size_t send_len = 13; 353 struct iovec vec; 354 char buf[13]; 355 356 vec.iov_base = (char *)test_str; 357 vec.iov_len = send_len; 358 memset(&msg, 0, sizeof(struct msghdr)); 359 msg.msg_iov = &vec; 360 msg.msg_iovlen = 1; 361 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len); 362 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len); 363 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 364 } 365 366 #define MAX_FRAGS 64 367 #define SEND_LEN 13 368 TEST_F(tls, sendmsg_fragmented) 369 { 370 char const *test_str = "test_sendmsg"; 371 char buf[SEND_LEN * MAX_FRAGS]; 372 struct iovec vec[MAX_FRAGS]; 373 struct msghdr msg; 374 int i, frags; 375 376 for (frags = 1; frags <= MAX_FRAGS; frags++) { 377 for (i = 0; i < frags; i++) { 378 vec[i].iov_base = (char *)test_str; 379 vec[i].iov_len = SEND_LEN; 380 } 381 382 memset(&msg, 0, sizeof(struct msghdr)); 383 msg.msg_iov = vec; 384 msg.msg_iovlen = frags; 385 386 EXPECT_EQ(sendmsg(self->fd, &msg, 0), SEND_LEN * frags); 387 EXPECT_EQ(recv(self->cfd, buf, SEND_LEN * frags, MSG_WAITALL), 388 SEND_LEN * frags); 389 390 for (i = 0; i < frags; i++) 391 EXPECT_EQ(memcmp(buf + SEND_LEN * i, 392 test_str, SEND_LEN), 0); 393 } 394 } 395 #undef MAX_FRAGS 396 #undef SEND_LEN 397 398 TEST_F(tls, sendmsg_large) 399 { 400 void *mem = malloc(16384); 401 size_t send_len = 16384; 402 size_t sends = 128; 403 struct msghdr msg; 404 size_t recvs = 0; 405 size_t sent = 0; 406 407 memset(&msg, 0, sizeof(struct msghdr)); 408 while (sent++ < sends) { 409 struct iovec vec = { (void *)mem, send_len }; 410 411 msg.msg_iov = &vec; 412 msg.msg_iovlen = 1; 413 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), send_len); 414 } 415 416 while (recvs++ < sends) 417 EXPECT_NE(recv(self->fd, mem, send_len, 0), -1); 418 419 free(mem); 420 } 421 422 TEST_F(tls, sendmsg_multiple) 423 { 424 char const *test_str = "test_sendmsg_multiple"; 425 struct iovec vec[5]; 426 char *test_strs[5]; 427 struct msghdr msg; 428 int total_len = 0; 429 int len_cmp = 0; 430 int iov_len = 5; 431 char *buf; 432 int i; 433 434 memset(&msg, 0, sizeof(struct msghdr)); 435 for (i = 0; i < iov_len; i++) { 436 test_strs[i] = (char *)malloc(strlen(test_str) + 1); 437 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str); 438 vec[i].iov_base = (void *)test_strs[i]; 439 vec[i].iov_len = strlen(test_strs[i]) + 1; 440 total_len += vec[i].iov_len; 441 } 442 msg.msg_iov = vec; 443 msg.msg_iovlen = iov_len; 444 445 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), total_len); 446 buf = malloc(total_len); 447 EXPECT_NE(recv(self->fd, buf, total_len, 0), -1); 448 for (i = 0; i < iov_len; i++) { 449 EXPECT_EQ(memcmp(test_strs[i], buf + len_cmp, 450 strlen(test_strs[i])), 451 0); 452 len_cmp += strlen(buf + len_cmp) + 1; 453 } 454 for (i = 0; i < iov_len; i++) 455 free(test_strs[i]); 456 free(buf); 457 } 458 459 TEST_F(tls, sendmsg_multiple_stress) 460 { 461 char const *test_str = "abcdefghijklmno"; 462 struct iovec vec[1024]; 463 char *test_strs[1024]; 464 int iov_len = 1024; 465 int total_len = 0; 466 char buf[1 << 14]; 467 struct msghdr msg; 468 int len_cmp = 0; 469 int i; 470 471 memset(&msg, 0, sizeof(struct msghdr)); 472 for (i = 0; i < iov_len; i++) { 473 test_strs[i] = (char *)malloc(strlen(test_str) + 1); 474 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str); 475 vec[i].iov_base = (void *)test_strs[i]; 476 vec[i].iov_len = strlen(test_strs[i]) + 1; 477 total_len += vec[i].iov_len; 478 } 479 msg.msg_iov = vec; 480 msg.msg_iovlen = iov_len; 481 482 EXPECT_EQ(sendmsg(self->fd, &msg, 0), total_len); 483 EXPECT_NE(recv(self->cfd, buf, total_len, 0), -1); 484 485 for (i = 0; i < iov_len; i++) 486 len_cmp += strlen(buf + len_cmp) + 1; 487 488 for (i = 0; i < iov_len; i++) 489 free(test_strs[i]); 490 } 491 492 TEST_F(tls, splice_from_pipe) 493 { 494 int send_len = TLS_PAYLOAD_MAX_LEN; 495 char mem_send[TLS_PAYLOAD_MAX_LEN]; 496 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 497 int p[2]; 498 499 ASSERT_GE(pipe(p), 0); 500 EXPECT_GE(write(p[1], mem_send, send_len), 0); 501 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), 0); 502 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len); 503 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 504 } 505 506 TEST_F(tls, splice_from_pipe2) 507 { 508 int send_len = 16000; 509 char mem_send[16000]; 510 char mem_recv[16000]; 511 int p2[2]; 512 int p[2]; 513 514 ASSERT_GE(pipe(p), 0); 515 ASSERT_GE(pipe(p2), 0); 516 EXPECT_GE(write(p[1], mem_send, 8000), 0); 517 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, 8000, 0), 0); 518 EXPECT_GE(write(p2[1], mem_send + 8000, 8000), 0); 519 EXPECT_GE(splice(p2[0], NULL, self->fd, NULL, 8000, 0), 0); 520 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len); 521 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 522 } 523 524 TEST_F(tls, send_and_splice) 525 { 526 int send_len = TLS_PAYLOAD_MAX_LEN; 527 char mem_send[TLS_PAYLOAD_MAX_LEN]; 528 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 529 char const *test_str = "test_read"; 530 int send_len2 = 10; 531 char buf[10]; 532 int p[2]; 533 534 ASSERT_GE(pipe(p), 0); 535 EXPECT_EQ(send(self->fd, test_str, send_len2, 0), send_len2); 536 EXPECT_EQ(recv(self->cfd, buf, send_len2, MSG_WAITALL), send_len2); 537 EXPECT_EQ(memcmp(test_str, buf, send_len2), 0); 538 539 EXPECT_GE(write(p[1], mem_send, send_len), send_len); 540 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), send_len); 541 542 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len); 543 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 544 } 545 546 TEST_F(tls, splice_to_pipe) 547 { 548 int send_len = TLS_PAYLOAD_MAX_LEN; 549 char mem_send[TLS_PAYLOAD_MAX_LEN]; 550 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 551 int p[2]; 552 553 ASSERT_GE(pipe(p), 0); 554 EXPECT_GE(send(self->fd, mem_send, send_len, 0), 0); 555 EXPECT_GE(splice(self->cfd, NULL, p[1], NULL, send_len, 0), 0); 556 EXPECT_GE(read(p[0], mem_recv, send_len), 0); 557 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 558 } 559 560 TEST_F(tls, recvmsg_single) 561 { 562 char const *test_str = "test_recvmsg_single"; 563 int send_len = strlen(test_str) + 1; 564 char buf[20]; 565 struct msghdr hdr; 566 struct iovec vec; 567 568 memset(&hdr, 0, sizeof(hdr)); 569 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 570 vec.iov_base = (char *)buf; 571 vec.iov_len = send_len; 572 hdr.msg_iovlen = 1; 573 hdr.msg_iov = &vec; 574 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1); 575 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 576 } 577 578 TEST_F(tls, recvmsg_single_max) 579 { 580 int send_len = TLS_PAYLOAD_MAX_LEN; 581 char send_mem[TLS_PAYLOAD_MAX_LEN]; 582 char recv_mem[TLS_PAYLOAD_MAX_LEN]; 583 struct iovec vec; 584 struct msghdr hdr; 585 586 EXPECT_EQ(send(self->fd, send_mem, send_len, 0), send_len); 587 vec.iov_base = (char *)recv_mem; 588 vec.iov_len = TLS_PAYLOAD_MAX_LEN; 589 590 hdr.msg_iovlen = 1; 591 hdr.msg_iov = &vec; 592 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1); 593 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0); 594 } 595 596 TEST_F(tls, recvmsg_multiple) 597 { 598 unsigned int msg_iovlen = 1024; 599 unsigned int len_compared = 0; 600 struct iovec vec[1024]; 601 char *iov_base[1024]; 602 unsigned int iov_len = 16; 603 int send_len = 1 << 14; 604 char buf[1 << 14]; 605 struct msghdr hdr; 606 int i; 607 608 EXPECT_EQ(send(self->fd, buf, send_len, 0), send_len); 609 for (i = 0; i < msg_iovlen; i++) { 610 iov_base[i] = (char *)malloc(iov_len); 611 vec[i].iov_base = iov_base[i]; 612 vec[i].iov_len = iov_len; 613 } 614 615 hdr.msg_iovlen = msg_iovlen; 616 hdr.msg_iov = vec; 617 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1); 618 for (i = 0; i < msg_iovlen; i++) 619 len_compared += iov_len; 620 621 for (i = 0; i < msg_iovlen; i++) 622 free(iov_base[i]); 623 } 624 625 TEST_F(tls, single_send_multiple_recv) 626 { 627 unsigned int total_len = TLS_PAYLOAD_MAX_LEN * 2; 628 unsigned int send_len = TLS_PAYLOAD_MAX_LEN; 629 char send_mem[TLS_PAYLOAD_MAX_LEN * 2]; 630 char recv_mem[TLS_PAYLOAD_MAX_LEN * 2]; 631 632 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0); 633 memset(recv_mem, 0, total_len); 634 635 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1); 636 EXPECT_NE(recv(self->cfd, recv_mem + send_len, send_len, 0), -1); 637 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0); 638 } 639 640 TEST_F(tls, multiple_send_single_recv) 641 { 642 unsigned int total_len = 2 * 10; 643 unsigned int send_len = 10; 644 char recv_mem[2 * 10]; 645 char send_mem[10]; 646 647 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0); 648 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0); 649 memset(recv_mem, 0, total_len); 650 EXPECT_EQ(recv(self->cfd, recv_mem, total_len, MSG_WAITALL), total_len); 651 652 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0); 653 EXPECT_EQ(memcmp(send_mem, recv_mem + send_len, send_len), 0); 654 } 655 656 TEST_F(tls, single_send_multiple_recv_non_align) 657 { 658 const unsigned int total_len = 15; 659 const unsigned int recv_len = 10; 660 char recv_mem[recv_len * 2]; 661 char send_mem[total_len]; 662 663 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0); 664 memset(recv_mem, 0, total_len); 665 666 EXPECT_EQ(recv(self->cfd, recv_mem, recv_len, 0), recv_len); 667 EXPECT_EQ(recv(self->cfd, recv_mem + recv_len, recv_len, 0), 5); 668 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0); 669 } 670 671 TEST_F(tls, recv_partial) 672 { 673 char const *test_str = "test_read_partial"; 674 char const *test_str_first = "test_read"; 675 char const *test_str_second = "_partial"; 676 int send_len = strlen(test_str) + 1; 677 char recv_mem[18]; 678 679 memset(recv_mem, 0, sizeof(recv_mem)); 680 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 681 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_first), 682 MSG_WAITALL), -1); 683 EXPECT_EQ(memcmp(test_str_first, recv_mem, strlen(test_str_first)), 0); 684 memset(recv_mem, 0, sizeof(recv_mem)); 685 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_second), 686 MSG_WAITALL), -1); 687 EXPECT_EQ(memcmp(test_str_second, recv_mem, strlen(test_str_second)), 688 0); 689 } 690 691 TEST_F(tls, recv_nonblock) 692 { 693 char buf[4096]; 694 bool err; 695 696 EXPECT_EQ(recv(self->cfd, buf, sizeof(buf), MSG_DONTWAIT), -1); 697 err = (errno == EAGAIN || errno == EWOULDBLOCK); 698 EXPECT_EQ(err, true); 699 } 700 701 TEST_F(tls, recv_peek) 702 { 703 char const *test_str = "test_read_peek"; 704 int send_len = strlen(test_str) + 1; 705 char buf[15]; 706 707 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 708 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1); 709 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 710 memset(buf, 0, sizeof(buf)); 711 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 712 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 713 } 714 715 TEST_F(tls, recv_peek_multiple) 716 { 717 char const *test_str = "test_read_peek"; 718 int send_len = strlen(test_str) + 1; 719 unsigned int num_peeks = 100; 720 char buf[15]; 721 int i; 722 723 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 724 for (i = 0; i < num_peeks; i++) { 725 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1); 726 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 727 memset(buf, 0, sizeof(buf)); 728 } 729 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 730 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 731 } 732 733 TEST_F(tls, recv_peek_multiple_records) 734 { 735 char const *test_str = "test_read_peek_mult_recs"; 736 char const *test_str_first = "test_read_peek"; 737 char const *test_str_second = "_mult_recs"; 738 int len; 739 char buf[64]; 740 741 len = strlen(test_str_first); 742 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len); 743 744 len = strlen(test_str_second) + 1; 745 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len); 746 747 len = strlen(test_str_first); 748 memset(buf, 0, len); 749 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len); 750 751 /* MSG_PEEK can only peek into the current record. */ 752 len = strlen(test_str_first); 753 EXPECT_EQ(memcmp(test_str_first, buf, len), 0); 754 755 len = strlen(test_str) + 1; 756 memset(buf, 0, len); 757 EXPECT_EQ(recv(self->cfd, buf, len, MSG_WAITALL), len); 758 759 /* Non-MSG_PEEK will advance strparser (and therefore record) 760 * however. 761 */ 762 len = strlen(test_str) + 1; 763 EXPECT_EQ(memcmp(test_str, buf, len), 0); 764 765 /* MSG_MORE will hold current record open, so later MSG_PEEK 766 * will see everything. 767 */ 768 len = strlen(test_str_first); 769 EXPECT_EQ(send(self->fd, test_str_first, len, MSG_MORE), len); 770 771 len = strlen(test_str_second) + 1; 772 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len); 773 774 len = strlen(test_str) + 1; 775 memset(buf, 0, len); 776 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len); 777 778 len = strlen(test_str) + 1; 779 EXPECT_EQ(memcmp(test_str, buf, len), 0); 780 } 781 782 TEST_F(tls, recv_peek_large_buf_mult_recs) 783 { 784 char const *test_str = "test_read_peek_mult_recs"; 785 char const *test_str_first = "test_read_peek"; 786 char const *test_str_second = "_mult_recs"; 787 int len; 788 char buf[64]; 789 790 len = strlen(test_str_first); 791 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len); 792 793 len = strlen(test_str_second) + 1; 794 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len); 795 796 len = strlen(test_str) + 1; 797 memset(buf, 0, len); 798 EXPECT_NE((len = recv(self->cfd, buf, len, 799 MSG_PEEK | MSG_WAITALL)), -1); 800 len = strlen(test_str) + 1; 801 EXPECT_EQ(memcmp(test_str, buf, len), 0); 802 } 803 804 TEST_F(tls, recv_lowat) 805 { 806 char send_mem[10] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 }; 807 char recv_mem[20]; 808 int lowat = 8; 809 810 EXPECT_EQ(send(self->fd, send_mem, 10, 0), 10); 811 EXPECT_EQ(send(self->fd, send_mem, 5, 0), 5); 812 813 memset(recv_mem, 0, 20); 814 EXPECT_EQ(setsockopt(self->cfd, SOL_SOCKET, SO_RCVLOWAT, 815 &lowat, sizeof(lowat)), 0); 816 EXPECT_EQ(recv(self->cfd, recv_mem, 1, MSG_WAITALL), 1); 817 EXPECT_EQ(recv(self->cfd, recv_mem + 1, 6, MSG_WAITALL), 6); 818 EXPECT_EQ(recv(self->cfd, recv_mem + 7, 10, 0), 8); 819 820 EXPECT_EQ(memcmp(send_mem, recv_mem, 10), 0); 821 EXPECT_EQ(memcmp(send_mem, recv_mem + 10, 5), 0); 822 } 823 824 TEST_F(tls, bidir) 825 { 826 char const *test_str = "test_read"; 827 int send_len = 10; 828 char buf[10]; 829 int ret; 830 831 if (!self->notls) { 832 struct tls12_crypto_info_aes_gcm_128 tls12; 833 834 memset(&tls12, 0, sizeof(tls12)); 835 tls12.info.version = variant->tls_version; 836 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128; 837 838 ret = setsockopt(self->fd, SOL_TLS, TLS_RX, &tls12, 839 sizeof(tls12)); 840 ASSERT_EQ(ret, 0); 841 842 ret = setsockopt(self->cfd, SOL_TLS, TLS_TX, &tls12, 843 sizeof(tls12)); 844 ASSERT_EQ(ret, 0); 845 } 846 847 ASSERT_EQ(strlen(test_str) + 1, send_len); 848 849 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 850 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 851 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 852 853 memset(buf, 0, sizeof(buf)); 854 855 EXPECT_EQ(send(self->cfd, test_str, send_len, 0), send_len); 856 EXPECT_NE(recv(self->fd, buf, send_len, 0), -1); 857 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 858 }; 859 860 TEST_F(tls, pollin) 861 { 862 char const *test_str = "test_poll"; 863 struct pollfd fd = { 0, 0, 0 }; 864 char buf[10]; 865 int send_len = 10; 866 867 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 868 fd.fd = self->cfd; 869 fd.events = POLLIN; 870 871 EXPECT_EQ(poll(&fd, 1, 20), 1); 872 EXPECT_EQ(fd.revents & POLLIN, 1); 873 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len); 874 /* Test timing out */ 875 EXPECT_EQ(poll(&fd, 1, 20), 0); 876 } 877 878 TEST_F(tls, poll_wait) 879 { 880 char const *test_str = "test_poll_wait"; 881 int send_len = strlen(test_str) + 1; 882 struct pollfd fd = { 0, 0, 0 }; 883 char recv_mem[15]; 884 885 fd.fd = self->cfd; 886 fd.events = POLLIN; 887 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 888 /* Set timeout to inf. secs */ 889 EXPECT_EQ(poll(&fd, 1, -1), 1); 890 EXPECT_EQ(fd.revents & POLLIN, 1); 891 EXPECT_EQ(recv(self->cfd, recv_mem, send_len, MSG_WAITALL), send_len); 892 } 893 894 TEST_F(tls, poll_wait_split) 895 { 896 struct pollfd fd = { 0, 0, 0 }; 897 char send_mem[20] = {}; 898 char recv_mem[15]; 899 900 fd.fd = self->cfd; 901 fd.events = POLLIN; 902 /* Send 20 bytes */ 903 EXPECT_EQ(send(self->fd, send_mem, sizeof(send_mem), 0), 904 sizeof(send_mem)); 905 /* Poll with inf. timeout */ 906 EXPECT_EQ(poll(&fd, 1, -1), 1); 907 EXPECT_EQ(fd.revents & POLLIN, 1); 908 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), MSG_WAITALL), 909 sizeof(recv_mem)); 910 911 /* Now the remaining 5 bytes of record data are in TLS ULP */ 912 fd.fd = self->cfd; 913 fd.events = POLLIN; 914 EXPECT_EQ(poll(&fd, 1, -1), 1); 915 EXPECT_EQ(fd.revents & POLLIN, 1); 916 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), 0), 917 sizeof(send_mem) - sizeof(recv_mem)); 918 } 919 920 TEST_F(tls, blocking) 921 { 922 size_t data = 100000; 923 int res = fork(); 924 925 EXPECT_NE(res, -1); 926 927 if (res) { 928 /* parent */ 929 size_t left = data; 930 char buf[16384]; 931 int status; 932 int pid2; 933 934 while (left) { 935 int res = send(self->fd, buf, 936 left > 16384 ? 16384 : left, 0); 937 938 EXPECT_GE(res, 0); 939 left -= res; 940 } 941 942 pid2 = wait(&status); 943 EXPECT_EQ(status, 0); 944 EXPECT_EQ(res, pid2); 945 } else { 946 /* child */ 947 size_t left = data; 948 char buf[16384]; 949 950 while (left) { 951 int res = recv(self->cfd, buf, 952 left > 16384 ? 16384 : left, 0); 953 954 EXPECT_GE(res, 0); 955 left -= res; 956 } 957 } 958 } 959 960 TEST_F(tls, nonblocking) 961 { 962 size_t data = 100000; 963 int sendbuf = 100; 964 int flags; 965 int res; 966 967 flags = fcntl(self->fd, F_GETFL, 0); 968 fcntl(self->fd, F_SETFL, flags | O_NONBLOCK); 969 fcntl(self->cfd, F_SETFL, flags | O_NONBLOCK); 970 971 /* Ensure nonblocking behavior by imposing a small send 972 * buffer. 973 */ 974 EXPECT_EQ(setsockopt(self->fd, SOL_SOCKET, SO_SNDBUF, 975 &sendbuf, sizeof(sendbuf)), 0); 976 977 res = fork(); 978 EXPECT_NE(res, -1); 979 980 if (res) { 981 /* parent */ 982 bool eagain = false; 983 size_t left = data; 984 char buf[16384]; 985 int status; 986 int pid2; 987 988 while (left) { 989 int res = send(self->fd, buf, 990 left > 16384 ? 16384 : left, 0); 991 992 if (res == -1 && errno == EAGAIN) { 993 eagain = true; 994 usleep(10000); 995 continue; 996 } 997 EXPECT_GE(res, 0); 998 left -= res; 999 } 1000 1001 EXPECT_TRUE(eagain); 1002 pid2 = wait(&status); 1003 1004 EXPECT_EQ(status, 0); 1005 EXPECT_EQ(res, pid2); 1006 } else { 1007 /* child */ 1008 bool eagain = false; 1009 size_t left = data; 1010 char buf[16384]; 1011 1012 while (left) { 1013 int res = recv(self->cfd, buf, 1014 left > 16384 ? 16384 : left, 0); 1015 1016 if (res == -1 && errno == EAGAIN) { 1017 eagain = true; 1018 usleep(10000); 1019 continue; 1020 } 1021 EXPECT_GE(res, 0); 1022 left -= res; 1023 } 1024 EXPECT_TRUE(eagain); 1025 } 1026 } 1027 1028 static void 1029 test_mutliproc(struct __test_metadata *_metadata, struct _test_data_tls *self, 1030 bool sendpg, unsigned int n_readers, unsigned int n_writers) 1031 { 1032 const unsigned int n_children = n_readers + n_writers; 1033 const size_t data = 6 * 1000 * 1000; 1034 const size_t file_sz = data / 100; 1035 size_t read_bias, write_bias; 1036 int i, fd, child_id; 1037 char buf[file_sz]; 1038 pid_t pid; 1039 1040 /* Only allow multiples for simplicity */ 1041 ASSERT_EQ(!(n_readers % n_writers) || !(n_writers % n_readers), true); 1042 read_bias = n_writers / n_readers ?: 1; 1043 write_bias = n_readers / n_writers ?: 1; 1044 1045 /* prep a file to send */ 1046 fd = open("/tmp/", O_TMPFILE | O_RDWR, 0600); 1047 ASSERT_GE(fd, 0); 1048 1049 memset(buf, 0xac, file_sz); 1050 ASSERT_EQ(write(fd, buf, file_sz), file_sz); 1051 1052 /* spawn children */ 1053 for (child_id = 0; child_id < n_children; child_id++) { 1054 pid = fork(); 1055 ASSERT_NE(pid, -1); 1056 if (!pid) 1057 break; 1058 } 1059 1060 /* parent waits for all children */ 1061 if (pid) { 1062 for (i = 0; i < n_children; i++) { 1063 int status; 1064 1065 wait(&status); 1066 EXPECT_EQ(status, 0); 1067 } 1068 1069 return; 1070 } 1071 1072 /* Split threads for reading and writing */ 1073 if (child_id < n_readers) { 1074 size_t left = data * read_bias; 1075 char rb[8001]; 1076 1077 while (left) { 1078 int res; 1079 1080 res = recv(self->cfd, rb, 1081 left > sizeof(rb) ? sizeof(rb) : left, 0); 1082 1083 EXPECT_GE(res, 0); 1084 left -= res; 1085 } 1086 } else { 1087 size_t left = data * write_bias; 1088 1089 while (left) { 1090 int res; 1091 1092 ASSERT_EQ(lseek(fd, 0, SEEK_SET), 0); 1093 if (sendpg) 1094 res = sendfile(self->fd, fd, NULL, 1095 left > file_sz ? file_sz : left); 1096 else 1097 res = send(self->fd, buf, 1098 left > file_sz ? file_sz : left, 0); 1099 1100 EXPECT_GE(res, 0); 1101 left -= res; 1102 } 1103 } 1104 } 1105 1106 TEST_F(tls, mutliproc_even) 1107 { 1108 test_mutliproc(_metadata, self, false, 6, 6); 1109 } 1110 1111 TEST_F(tls, mutliproc_readers) 1112 { 1113 test_mutliproc(_metadata, self, false, 4, 12); 1114 } 1115 1116 TEST_F(tls, mutliproc_writers) 1117 { 1118 test_mutliproc(_metadata, self, false, 10, 2); 1119 } 1120 1121 TEST_F(tls, mutliproc_sendpage_even) 1122 { 1123 test_mutliproc(_metadata, self, true, 6, 6); 1124 } 1125 1126 TEST_F(tls, mutliproc_sendpage_readers) 1127 { 1128 test_mutliproc(_metadata, self, true, 4, 12); 1129 } 1130 1131 TEST_F(tls, mutliproc_sendpage_writers) 1132 { 1133 test_mutliproc(_metadata, self, true, 10, 2); 1134 } 1135 1136 TEST_F(tls, control_msg) 1137 { 1138 if (self->notls) 1139 return; 1140 1141 char cbuf[CMSG_SPACE(sizeof(char))]; 1142 char const *test_str = "test_read"; 1143 int cmsg_len = sizeof(char); 1144 char record_type = 100; 1145 struct cmsghdr *cmsg; 1146 struct msghdr msg; 1147 int send_len = 10; 1148 struct iovec vec; 1149 char buf[10]; 1150 1151 vec.iov_base = (char *)test_str; 1152 vec.iov_len = 10; 1153 memset(&msg, 0, sizeof(struct msghdr)); 1154 msg.msg_iov = &vec; 1155 msg.msg_iovlen = 1; 1156 msg.msg_control = cbuf; 1157 msg.msg_controllen = sizeof(cbuf); 1158 cmsg = CMSG_FIRSTHDR(&msg); 1159 cmsg->cmsg_level = SOL_TLS; 1160 /* test sending non-record types. */ 1161 cmsg->cmsg_type = TLS_SET_RECORD_TYPE; 1162 cmsg->cmsg_len = CMSG_LEN(cmsg_len); 1163 *CMSG_DATA(cmsg) = record_type; 1164 msg.msg_controllen = cmsg->cmsg_len; 1165 1166 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len); 1167 /* Should fail because we didn't provide a control message */ 1168 EXPECT_EQ(recv(self->cfd, buf, send_len, 0), -1); 1169 1170 vec.iov_base = buf; 1171 EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL | MSG_PEEK), send_len); 1172 1173 cmsg = CMSG_FIRSTHDR(&msg); 1174 EXPECT_NE(cmsg, NULL); 1175 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS); 1176 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE); 1177 record_type = *((unsigned char *)CMSG_DATA(cmsg)); 1178 EXPECT_EQ(record_type, 100); 1179 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 1180 1181 /* Recv the message again without MSG_PEEK */ 1182 record_type = 0; 1183 memset(buf, 0, sizeof(buf)); 1184 1185 EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL), send_len); 1186 cmsg = CMSG_FIRSTHDR(&msg); 1187 EXPECT_NE(cmsg, NULL); 1188 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS); 1189 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE); 1190 record_type = *((unsigned char *)CMSG_DATA(cmsg)); 1191 EXPECT_EQ(record_type, 100); 1192 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 1193 } 1194 1195 TEST_F(tls, shutdown) 1196 { 1197 char const *test_str = "test_read"; 1198 int send_len = 10; 1199 char buf[10]; 1200 1201 ASSERT_EQ(strlen(test_str) + 1, send_len); 1202 1203 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 1204 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 1205 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 1206 1207 shutdown(self->fd, SHUT_RDWR); 1208 shutdown(self->cfd, SHUT_RDWR); 1209 } 1210 1211 TEST_F(tls, shutdown_unsent) 1212 { 1213 char const *test_str = "test_read"; 1214 int send_len = 10; 1215 1216 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len); 1217 1218 shutdown(self->fd, SHUT_RDWR); 1219 shutdown(self->cfd, SHUT_RDWR); 1220 } 1221 1222 TEST_F(tls, shutdown_reuse) 1223 { 1224 struct sockaddr_in addr; 1225 int ret; 1226 1227 shutdown(self->fd, SHUT_RDWR); 1228 shutdown(self->cfd, SHUT_RDWR); 1229 close(self->cfd); 1230 1231 addr.sin_family = AF_INET; 1232 addr.sin_addr.s_addr = htonl(INADDR_ANY); 1233 addr.sin_port = 0; 1234 1235 ret = bind(self->fd, &addr, sizeof(addr)); 1236 EXPECT_EQ(ret, 0); 1237 ret = listen(self->fd, 10); 1238 EXPECT_EQ(ret, -1); 1239 EXPECT_EQ(errno, EINVAL); 1240 1241 ret = connect(self->fd, &addr, sizeof(addr)); 1242 EXPECT_EQ(ret, -1); 1243 EXPECT_EQ(errno, EISCONN); 1244 } 1245 1246 TEST(non_established) { 1247 struct tls12_crypto_info_aes_gcm_256 tls12; 1248 struct sockaddr_in addr; 1249 int sfd, ret, fd; 1250 socklen_t len; 1251 1252 len = sizeof(addr); 1253 1254 memset(&tls12, 0, sizeof(tls12)); 1255 tls12.info.version = TLS_1_2_VERSION; 1256 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256; 1257 1258 addr.sin_family = AF_INET; 1259 addr.sin_addr.s_addr = htonl(INADDR_ANY); 1260 addr.sin_port = 0; 1261 1262 fd = socket(AF_INET, SOCK_STREAM, 0); 1263 sfd = socket(AF_INET, SOCK_STREAM, 0); 1264 1265 ret = bind(sfd, &addr, sizeof(addr)); 1266 ASSERT_EQ(ret, 0); 1267 ret = listen(sfd, 10); 1268 ASSERT_EQ(ret, 0); 1269 1270 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1271 EXPECT_EQ(ret, -1); 1272 /* TLS ULP not supported */ 1273 if (errno == ENOENT) 1274 return; 1275 EXPECT_EQ(errno, ENOTCONN); 1276 1277 ret = setsockopt(sfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1278 EXPECT_EQ(ret, -1); 1279 EXPECT_EQ(errno, ENOTCONN); 1280 1281 ret = getsockname(sfd, &addr, &len); 1282 ASSERT_EQ(ret, 0); 1283 1284 ret = connect(fd, &addr, sizeof(addr)); 1285 ASSERT_EQ(ret, 0); 1286 1287 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1288 ASSERT_EQ(ret, 0); 1289 1290 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1291 EXPECT_EQ(ret, -1); 1292 EXPECT_EQ(errno, EEXIST); 1293 1294 close(fd); 1295 close(sfd); 1296 } 1297 1298 TEST(keysizes) { 1299 struct tls12_crypto_info_aes_gcm_256 tls12; 1300 struct sockaddr_in addr; 1301 int sfd, ret, fd, cfd; 1302 socklen_t len; 1303 bool notls; 1304 1305 notls = false; 1306 len = sizeof(addr); 1307 1308 memset(&tls12, 0, sizeof(tls12)); 1309 tls12.info.version = TLS_1_2_VERSION; 1310 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256; 1311 1312 addr.sin_family = AF_INET; 1313 addr.sin_addr.s_addr = htonl(INADDR_ANY); 1314 addr.sin_port = 0; 1315 1316 fd = socket(AF_INET, SOCK_STREAM, 0); 1317 sfd = socket(AF_INET, SOCK_STREAM, 0); 1318 1319 ret = bind(sfd, &addr, sizeof(addr)); 1320 ASSERT_EQ(ret, 0); 1321 ret = listen(sfd, 10); 1322 ASSERT_EQ(ret, 0); 1323 1324 ret = getsockname(sfd, &addr, &len); 1325 ASSERT_EQ(ret, 0); 1326 1327 ret = connect(fd, &addr, sizeof(addr)); 1328 ASSERT_EQ(ret, 0); 1329 1330 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1331 if (ret != 0) { 1332 notls = true; 1333 printf("Failure setting TCP_ULP, testing without tls\n"); 1334 } 1335 1336 if (!notls) { 1337 ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12, 1338 sizeof(tls12)); 1339 EXPECT_EQ(ret, 0); 1340 } 1341 1342 cfd = accept(sfd, &addr, &len); 1343 ASSERT_GE(cfd, 0); 1344 1345 if (!notls) { 1346 ret = setsockopt(cfd, IPPROTO_TCP, TCP_ULP, "tls", 1347 sizeof("tls")); 1348 EXPECT_EQ(ret, 0); 1349 1350 ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12, 1351 sizeof(tls12)); 1352 EXPECT_EQ(ret, 0); 1353 } 1354 1355 close(sfd); 1356 close(fd); 1357 close(cfd); 1358 } 1359 1360 TEST_HARNESS_MAIN 1361