xref: /openbmc/linux/tools/testing/selftests/net/tls.c (revision 0b26ca68)
1 // SPDX-License-Identifier: GPL-2.0
2 
3 #define _GNU_SOURCE
4 
5 #include <arpa/inet.h>
6 #include <errno.h>
7 #include <error.h>
8 #include <fcntl.h>
9 #include <poll.h>
10 #include <stdio.h>
11 #include <stdlib.h>
12 #include <unistd.h>
13 
14 #include <linux/tls.h>
15 #include <linux/tcp.h>
16 #include <linux/socket.h>
17 
18 #include <sys/types.h>
19 #include <sys/sendfile.h>
20 #include <sys/socket.h>
21 #include <sys/stat.h>
22 
23 #include "../kselftest_harness.h"
24 
25 #define TLS_PAYLOAD_MAX_LEN 16384
26 #define SOL_TLS 282
27 
28 FIXTURE(tls_basic)
29 {
30 	int fd, cfd;
31 	bool notls;
32 };
33 
34 FIXTURE_SETUP(tls_basic)
35 {
36 	struct sockaddr_in addr;
37 	socklen_t len;
38 	int sfd, ret;
39 
40 	self->notls = false;
41 	len = sizeof(addr);
42 
43 	addr.sin_family = AF_INET;
44 	addr.sin_addr.s_addr = htonl(INADDR_ANY);
45 	addr.sin_port = 0;
46 
47 	self->fd = socket(AF_INET, SOCK_STREAM, 0);
48 	sfd = socket(AF_INET, SOCK_STREAM, 0);
49 
50 	ret = bind(sfd, &addr, sizeof(addr));
51 	ASSERT_EQ(ret, 0);
52 	ret = listen(sfd, 10);
53 	ASSERT_EQ(ret, 0);
54 
55 	ret = getsockname(sfd, &addr, &len);
56 	ASSERT_EQ(ret, 0);
57 
58 	ret = connect(self->fd, &addr, sizeof(addr));
59 	ASSERT_EQ(ret, 0);
60 
61 	self->cfd = accept(sfd, &addr, &len);
62 	ASSERT_GE(self->cfd, 0);
63 
64 	close(sfd);
65 
66 	ret = setsockopt(self->fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
67 	if (ret != 0) {
68 		ASSERT_EQ(errno, ENOENT);
69 		self->notls = true;
70 		printf("Failure setting TCP_ULP, testing without tls\n");
71 		return;
72 	}
73 
74 	ret = setsockopt(self->cfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
75 	ASSERT_EQ(ret, 0);
76 }
77 
78 FIXTURE_TEARDOWN(tls_basic)
79 {
80 	close(self->fd);
81 	close(self->cfd);
82 }
83 
84 /* Send some data through with ULP but no keys */
85 TEST_F(tls_basic, base_base)
86 {
87 	char const *test_str = "test_read";
88 	int send_len = 10;
89 	char buf[10];
90 
91 	ASSERT_EQ(strlen(test_str) + 1, send_len);
92 
93 	EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
94 	EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
95 	EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
96 };
97 
98 FIXTURE(tls)
99 {
100 	int fd, cfd;
101 	bool notls;
102 };
103 
104 FIXTURE_VARIANT(tls)
105 {
106 	uint16_t tls_version;
107 	uint16_t cipher_type;
108 };
109 
110 FIXTURE_VARIANT_ADD(tls, 12_gcm)
111 {
112 	.tls_version = TLS_1_2_VERSION,
113 	.cipher_type = TLS_CIPHER_AES_GCM_128,
114 };
115 
116 FIXTURE_VARIANT_ADD(tls, 13_gcm)
117 {
118 	.tls_version = TLS_1_3_VERSION,
119 	.cipher_type = TLS_CIPHER_AES_GCM_128,
120 };
121 
122 FIXTURE_VARIANT_ADD(tls, 12_chacha)
123 {
124 	.tls_version = TLS_1_2_VERSION,
125 	.cipher_type = TLS_CIPHER_CHACHA20_POLY1305,
126 };
127 
128 FIXTURE_VARIANT_ADD(tls, 13_chacha)
129 {
130 	.tls_version = TLS_1_3_VERSION,
131 	.cipher_type = TLS_CIPHER_CHACHA20_POLY1305,
132 };
133 
134 FIXTURE_SETUP(tls)
135 {
136 	union tls_crypto_context tls12;
137 	struct sockaddr_in addr;
138 	socklen_t len;
139 	int sfd, ret;
140 	size_t tls12_sz;
141 
142 	self->notls = false;
143 	len = sizeof(addr);
144 
145 	memset(&tls12, 0, sizeof(tls12));
146 	tls12.info.version = variant->tls_version;
147 	tls12.info.cipher_type = variant->cipher_type;
148 	switch (variant->cipher_type) {
149 	case TLS_CIPHER_CHACHA20_POLY1305:
150 		tls12_sz = sizeof(tls12_crypto_info_chacha20_poly1305);
151 		break;
152 	case TLS_CIPHER_AES_GCM_128:
153 		tls12_sz = sizeof(tls12_crypto_info_aes_gcm_128);
154 		break;
155 	default:
156 		tls12_sz = 0;
157 	}
158 
159 	addr.sin_family = AF_INET;
160 	addr.sin_addr.s_addr = htonl(INADDR_ANY);
161 	addr.sin_port = 0;
162 
163 	self->fd = socket(AF_INET, SOCK_STREAM, 0);
164 	sfd = socket(AF_INET, SOCK_STREAM, 0);
165 
166 	ret = bind(sfd, &addr, sizeof(addr));
167 	ASSERT_EQ(ret, 0);
168 	ret = listen(sfd, 10);
169 	ASSERT_EQ(ret, 0);
170 
171 	ret = getsockname(sfd, &addr, &len);
172 	ASSERT_EQ(ret, 0);
173 
174 	ret = connect(self->fd, &addr, sizeof(addr));
175 	ASSERT_EQ(ret, 0);
176 
177 	ret = setsockopt(self->fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
178 	if (ret != 0) {
179 		self->notls = true;
180 		printf("Failure setting TCP_ULP, testing without tls\n");
181 	}
182 
183 	if (!self->notls) {
184 		ret = setsockopt(self->fd, SOL_TLS, TLS_TX, &tls12,
185 				 tls12_sz);
186 		ASSERT_EQ(ret, 0);
187 	}
188 
189 	self->cfd = accept(sfd, &addr, &len);
190 	ASSERT_GE(self->cfd, 0);
191 
192 	if (!self->notls) {
193 		ret = setsockopt(self->cfd, IPPROTO_TCP, TCP_ULP, "tls",
194 				 sizeof("tls"));
195 		ASSERT_EQ(ret, 0);
196 
197 		ret = setsockopt(self->cfd, SOL_TLS, TLS_RX, &tls12,
198 				 tls12_sz);
199 		ASSERT_EQ(ret, 0);
200 	}
201 
202 	close(sfd);
203 }
204 
205 FIXTURE_TEARDOWN(tls)
206 {
207 	close(self->fd);
208 	close(self->cfd);
209 }
210 
211 TEST_F(tls, sendfile)
212 {
213 	int filefd = open("/proc/self/exe", O_RDONLY);
214 	struct stat st;
215 
216 	EXPECT_GE(filefd, 0);
217 	fstat(filefd, &st);
218 	EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0);
219 }
220 
221 TEST_F(tls, send_then_sendfile)
222 {
223 	int filefd = open("/proc/self/exe", O_RDONLY);
224 	char const *test_str = "test_send";
225 	int to_send = strlen(test_str) + 1;
226 	char recv_buf[10];
227 	struct stat st;
228 	char *buf;
229 
230 	EXPECT_GE(filefd, 0);
231 	fstat(filefd, &st);
232 	buf = (char *)malloc(st.st_size);
233 
234 	EXPECT_EQ(send(self->fd, test_str, to_send, 0), to_send);
235 	EXPECT_EQ(recv(self->cfd, recv_buf, to_send, MSG_WAITALL), to_send);
236 	EXPECT_EQ(memcmp(test_str, recv_buf, to_send), 0);
237 
238 	EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0);
239 	EXPECT_EQ(recv(self->cfd, buf, st.st_size, MSG_WAITALL), st.st_size);
240 }
241 
242 static void chunked_sendfile(struct __test_metadata *_metadata,
243 			     struct _test_data_tls *self,
244 			     uint16_t chunk_size,
245 			     uint16_t extra_payload_size)
246 {
247 	char buf[TLS_PAYLOAD_MAX_LEN];
248 	uint16_t test_payload_size;
249 	int size = 0;
250 	int ret;
251 	char filename[] = "/tmp/mytemp.XXXXXX";
252 	int fd = mkstemp(filename);
253 	off_t offset = 0;
254 
255 	unlink(filename);
256 	ASSERT_GE(fd, 0);
257 	EXPECT_GE(chunk_size, 1);
258 	test_payload_size = chunk_size + extra_payload_size;
259 	ASSERT_GE(TLS_PAYLOAD_MAX_LEN, test_payload_size);
260 	memset(buf, 1, test_payload_size);
261 	size = write(fd, buf, test_payload_size);
262 	EXPECT_EQ(size, test_payload_size);
263 	fsync(fd);
264 
265 	while (size > 0) {
266 		ret = sendfile(self->fd, fd, &offset, chunk_size);
267 		EXPECT_GE(ret, 0);
268 		size -= ret;
269 	}
270 
271 	EXPECT_EQ(recv(self->cfd, buf, test_payload_size, MSG_WAITALL),
272 		  test_payload_size);
273 
274 	close(fd);
275 }
276 
277 TEST_F(tls, multi_chunk_sendfile)
278 {
279 	chunked_sendfile(_metadata, self, 4096, 4096);
280 	chunked_sendfile(_metadata, self, 4096, 0);
281 	chunked_sendfile(_metadata, self, 4096, 1);
282 	chunked_sendfile(_metadata, self, 4096, 2048);
283 	chunked_sendfile(_metadata, self, 8192, 2048);
284 	chunked_sendfile(_metadata, self, 4096, 8192);
285 	chunked_sendfile(_metadata, self, 8192, 4096);
286 	chunked_sendfile(_metadata, self, 12288, 1024);
287 	chunked_sendfile(_metadata, self, 12288, 2000);
288 	chunked_sendfile(_metadata, self, 15360, 100);
289 	chunked_sendfile(_metadata, self, 15360, 300);
290 	chunked_sendfile(_metadata, self, 1, 4096);
291 	chunked_sendfile(_metadata, self, 2048, 4096);
292 	chunked_sendfile(_metadata, self, 2048, 8192);
293 	chunked_sendfile(_metadata, self, 4096, 8192);
294 	chunked_sendfile(_metadata, self, 1024, 12288);
295 	chunked_sendfile(_metadata, self, 2000, 12288);
296 	chunked_sendfile(_metadata, self, 100, 15360);
297 	chunked_sendfile(_metadata, self, 300, 15360);
298 }
299 
300 TEST_F(tls, recv_max)
301 {
302 	unsigned int send_len = TLS_PAYLOAD_MAX_LEN;
303 	char recv_mem[TLS_PAYLOAD_MAX_LEN];
304 	char buf[TLS_PAYLOAD_MAX_LEN];
305 
306 	EXPECT_GE(send(self->fd, buf, send_len, 0), 0);
307 	EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1);
308 	EXPECT_EQ(memcmp(buf, recv_mem, send_len), 0);
309 }
310 
311 TEST_F(tls, recv_small)
312 {
313 	char const *test_str = "test_read";
314 	int send_len = 10;
315 	char buf[10];
316 
317 	send_len = strlen(test_str) + 1;
318 	EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
319 	EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
320 	EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
321 }
322 
323 TEST_F(tls, msg_more)
324 {
325 	char const *test_str = "test_read";
326 	int send_len = 10;
327 	char buf[10 * 2];
328 
329 	EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len);
330 	EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1);
331 	EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
332 	EXPECT_EQ(recv(self->cfd, buf, send_len * 2, MSG_WAITALL),
333 		  send_len * 2);
334 	EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
335 }
336 
337 TEST_F(tls, msg_more_unsent)
338 {
339 	char const *test_str = "test_read";
340 	int send_len = 10;
341 	char buf[10];
342 
343 	EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len);
344 	EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1);
345 }
346 
347 TEST_F(tls, sendmsg_single)
348 {
349 	struct msghdr msg;
350 
351 	char const *test_str = "test_sendmsg";
352 	size_t send_len = 13;
353 	struct iovec vec;
354 	char buf[13];
355 
356 	vec.iov_base = (char *)test_str;
357 	vec.iov_len = send_len;
358 	memset(&msg, 0, sizeof(struct msghdr));
359 	msg.msg_iov = &vec;
360 	msg.msg_iovlen = 1;
361 	EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len);
362 	EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len);
363 	EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
364 }
365 
366 #define MAX_FRAGS	64
367 #define SEND_LEN	13
368 TEST_F(tls, sendmsg_fragmented)
369 {
370 	char const *test_str = "test_sendmsg";
371 	char buf[SEND_LEN * MAX_FRAGS];
372 	struct iovec vec[MAX_FRAGS];
373 	struct msghdr msg;
374 	int i, frags;
375 
376 	for (frags = 1; frags <= MAX_FRAGS; frags++) {
377 		for (i = 0; i < frags; i++) {
378 			vec[i].iov_base = (char *)test_str;
379 			vec[i].iov_len = SEND_LEN;
380 		}
381 
382 		memset(&msg, 0, sizeof(struct msghdr));
383 		msg.msg_iov = vec;
384 		msg.msg_iovlen = frags;
385 
386 		EXPECT_EQ(sendmsg(self->fd, &msg, 0), SEND_LEN * frags);
387 		EXPECT_EQ(recv(self->cfd, buf, SEND_LEN * frags, MSG_WAITALL),
388 			  SEND_LEN * frags);
389 
390 		for (i = 0; i < frags; i++)
391 			EXPECT_EQ(memcmp(buf + SEND_LEN * i,
392 					 test_str, SEND_LEN), 0);
393 	}
394 }
395 #undef MAX_FRAGS
396 #undef SEND_LEN
397 
398 TEST_F(tls, sendmsg_large)
399 {
400 	void *mem = malloc(16384);
401 	size_t send_len = 16384;
402 	size_t sends = 128;
403 	struct msghdr msg;
404 	size_t recvs = 0;
405 	size_t sent = 0;
406 
407 	memset(&msg, 0, sizeof(struct msghdr));
408 	while (sent++ < sends) {
409 		struct iovec vec = { (void *)mem, send_len };
410 
411 		msg.msg_iov = &vec;
412 		msg.msg_iovlen = 1;
413 		EXPECT_EQ(sendmsg(self->cfd, &msg, 0), send_len);
414 	}
415 
416 	while (recvs++ < sends)
417 		EXPECT_NE(recv(self->fd, mem, send_len, 0), -1);
418 
419 	free(mem);
420 }
421 
422 TEST_F(tls, sendmsg_multiple)
423 {
424 	char const *test_str = "test_sendmsg_multiple";
425 	struct iovec vec[5];
426 	char *test_strs[5];
427 	struct msghdr msg;
428 	int total_len = 0;
429 	int len_cmp = 0;
430 	int iov_len = 5;
431 	char *buf;
432 	int i;
433 
434 	memset(&msg, 0, sizeof(struct msghdr));
435 	for (i = 0; i < iov_len; i++) {
436 		test_strs[i] = (char *)malloc(strlen(test_str) + 1);
437 		snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str);
438 		vec[i].iov_base = (void *)test_strs[i];
439 		vec[i].iov_len = strlen(test_strs[i]) + 1;
440 		total_len += vec[i].iov_len;
441 	}
442 	msg.msg_iov = vec;
443 	msg.msg_iovlen = iov_len;
444 
445 	EXPECT_EQ(sendmsg(self->cfd, &msg, 0), total_len);
446 	buf = malloc(total_len);
447 	EXPECT_NE(recv(self->fd, buf, total_len, 0), -1);
448 	for (i = 0; i < iov_len; i++) {
449 		EXPECT_EQ(memcmp(test_strs[i], buf + len_cmp,
450 				 strlen(test_strs[i])),
451 			  0);
452 		len_cmp += strlen(buf + len_cmp) + 1;
453 	}
454 	for (i = 0; i < iov_len; i++)
455 		free(test_strs[i]);
456 	free(buf);
457 }
458 
459 TEST_F(tls, sendmsg_multiple_stress)
460 {
461 	char const *test_str = "abcdefghijklmno";
462 	struct iovec vec[1024];
463 	char *test_strs[1024];
464 	int iov_len = 1024;
465 	int total_len = 0;
466 	char buf[1 << 14];
467 	struct msghdr msg;
468 	int len_cmp = 0;
469 	int i;
470 
471 	memset(&msg, 0, sizeof(struct msghdr));
472 	for (i = 0; i < iov_len; i++) {
473 		test_strs[i] = (char *)malloc(strlen(test_str) + 1);
474 		snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str);
475 		vec[i].iov_base = (void *)test_strs[i];
476 		vec[i].iov_len = strlen(test_strs[i]) + 1;
477 		total_len += vec[i].iov_len;
478 	}
479 	msg.msg_iov = vec;
480 	msg.msg_iovlen = iov_len;
481 
482 	EXPECT_EQ(sendmsg(self->fd, &msg, 0), total_len);
483 	EXPECT_NE(recv(self->cfd, buf, total_len, 0), -1);
484 
485 	for (i = 0; i < iov_len; i++)
486 		len_cmp += strlen(buf + len_cmp) + 1;
487 
488 	for (i = 0; i < iov_len; i++)
489 		free(test_strs[i]);
490 }
491 
492 TEST_F(tls, splice_from_pipe)
493 {
494 	int send_len = TLS_PAYLOAD_MAX_LEN;
495 	char mem_send[TLS_PAYLOAD_MAX_LEN];
496 	char mem_recv[TLS_PAYLOAD_MAX_LEN];
497 	int p[2];
498 
499 	ASSERT_GE(pipe(p), 0);
500 	EXPECT_GE(write(p[1], mem_send, send_len), 0);
501 	EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), 0);
502 	EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len);
503 	EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
504 }
505 
506 TEST_F(tls, splice_from_pipe2)
507 {
508 	int send_len = 16000;
509 	char mem_send[16000];
510 	char mem_recv[16000];
511 	int p2[2];
512 	int p[2];
513 
514 	ASSERT_GE(pipe(p), 0);
515 	ASSERT_GE(pipe(p2), 0);
516 	EXPECT_GE(write(p[1], mem_send, 8000), 0);
517 	EXPECT_GE(splice(p[0], NULL, self->fd, NULL, 8000, 0), 0);
518 	EXPECT_GE(write(p2[1], mem_send + 8000, 8000), 0);
519 	EXPECT_GE(splice(p2[0], NULL, self->fd, NULL, 8000, 0), 0);
520 	EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len);
521 	EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
522 }
523 
524 TEST_F(tls, send_and_splice)
525 {
526 	int send_len = TLS_PAYLOAD_MAX_LEN;
527 	char mem_send[TLS_PAYLOAD_MAX_LEN];
528 	char mem_recv[TLS_PAYLOAD_MAX_LEN];
529 	char const *test_str = "test_read";
530 	int send_len2 = 10;
531 	char buf[10];
532 	int p[2];
533 
534 	ASSERT_GE(pipe(p), 0);
535 	EXPECT_EQ(send(self->fd, test_str, send_len2, 0), send_len2);
536 	EXPECT_EQ(recv(self->cfd, buf, send_len2, MSG_WAITALL), send_len2);
537 	EXPECT_EQ(memcmp(test_str, buf, send_len2), 0);
538 
539 	EXPECT_GE(write(p[1], mem_send, send_len), send_len);
540 	EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), send_len);
541 
542 	EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len);
543 	EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
544 }
545 
546 TEST_F(tls, splice_to_pipe)
547 {
548 	int send_len = TLS_PAYLOAD_MAX_LEN;
549 	char mem_send[TLS_PAYLOAD_MAX_LEN];
550 	char mem_recv[TLS_PAYLOAD_MAX_LEN];
551 	int p[2];
552 
553 	ASSERT_GE(pipe(p), 0);
554 	EXPECT_GE(send(self->fd, mem_send, send_len, 0), 0);
555 	EXPECT_GE(splice(self->cfd, NULL, p[1], NULL, send_len, 0), 0);
556 	EXPECT_GE(read(p[0], mem_recv, send_len), 0);
557 	EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
558 }
559 
560 TEST_F(tls, recvmsg_single)
561 {
562 	char const *test_str = "test_recvmsg_single";
563 	int send_len = strlen(test_str) + 1;
564 	char buf[20];
565 	struct msghdr hdr;
566 	struct iovec vec;
567 
568 	memset(&hdr, 0, sizeof(hdr));
569 	EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
570 	vec.iov_base = (char *)buf;
571 	vec.iov_len = send_len;
572 	hdr.msg_iovlen = 1;
573 	hdr.msg_iov = &vec;
574 	EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1);
575 	EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
576 }
577 
578 TEST_F(tls, recvmsg_single_max)
579 {
580 	int send_len = TLS_PAYLOAD_MAX_LEN;
581 	char send_mem[TLS_PAYLOAD_MAX_LEN];
582 	char recv_mem[TLS_PAYLOAD_MAX_LEN];
583 	struct iovec vec;
584 	struct msghdr hdr;
585 
586 	EXPECT_EQ(send(self->fd, send_mem, send_len, 0), send_len);
587 	vec.iov_base = (char *)recv_mem;
588 	vec.iov_len = TLS_PAYLOAD_MAX_LEN;
589 
590 	hdr.msg_iovlen = 1;
591 	hdr.msg_iov = &vec;
592 	EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1);
593 	EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0);
594 }
595 
596 TEST_F(tls, recvmsg_multiple)
597 {
598 	unsigned int msg_iovlen = 1024;
599 	unsigned int len_compared = 0;
600 	struct iovec vec[1024];
601 	char *iov_base[1024];
602 	unsigned int iov_len = 16;
603 	int send_len = 1 << 14;
604 	char buf[1 << 14];
605 	struct msghdr hdr;
606 	int i;
607 
608 	EXPECT_EQ(send(self->fd, buf, send_len, 0), send_len);
609 	for (i = 0; i < msg_iovlen; i++) {
610 		iov_base[i] = (char *)malloc(iov_len);
611 		vec[i].iov_base = iov_base[i];
612 		vec[i].iov_len = iov_len;
613 	}
614 
615 	hdr.msg_iovlen = msg_iovlen;
616 	hdr.msg_iov = vec;
617 	EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1);
618 	for (i = 0; i < msg_iovlen; i++)
619 		len_compared += iov_len;
620 
621 	for (i = 0; i < msg_iovlen; i++)
622 		free(iov_base[i]);
623 }
624 
625 TEST_F(tls, single_send_multiple_recv)
626 {
627 	unsigned int total_len = TLS_PAYLOAD_MAX_LEN * 2;
628 	unsigned int send_len = TLS_PAYLOAD_MAX_LEN;
629 	char send_mem[TLS_PAYLOAD_MAX_LEN * 2];
630 	char recv_mem[TLS_PAYLOAD_MAX_LEN * 2];
631 
632 	EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0);
633 	memset(recv_mem, 0, total_len);
634 
635 	EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1);
636 	EXPECT_NE(recv(self->cfd, recv_mem + send_len, send_len, 0), -1);
637 	EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0);
638 }
639 
640 TEST_F(tls, multiple_send_single_recv)
641 {
642 	unsigned int total_len = 2 * 10;
643 	unsigned int send_len = 10;
644 	char recv_mem[2 * 10];
645 	char send_mem[10];
646 
647 	EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0);
648 	EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0);
649 	memset(recv_mem, 0, total_len);
650 	EXPECT_EQ(recv(self->cfd, recv_mem, total_len, MSG_WAITALL), total_len);
651 
652 	EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0);
653 	EXPECT_EQ(memcmp(send_mem, recv_mem + send_len, send_len), 0);
654 }
655 
656 TEST_F(tls, single_send_multiple_recv_non_align)
657 {
658 	const unsigned int total_len = 15;
659 	const unsigned int recv_len = 10;
660 	char recv_mem[recv_len * 2];
661 	char send_mem[total_len];
662 
663 	EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0);
664 	memset(recv_mem, 0, total_len);
665 
666 	EXPECT_EQ(recv(self->cfd, recv_mem, recv_len, 0), recv_len);
667 	EXPECT_EQ(recv(self->cfd, recv_mem + recv_len, recv_len, 0), 5);
668 	EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0);
669 }
670 
671 TEST_F(tls, recv_partial)
672 {
673 	char const *test_str = "test_read_partial";
674 	char const *test_str_first = "test_read";
675 	char const *test_str_second = "_partial";
676 	int send_len = strlen(test_str) + 1;
677 	char recv_mem[18];
678 
679 	memset(recv_mem, 0, sizeof(recv_mem));
680 	EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
681 	EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_first),
682 		       MSG_WAITALL), -1);
683 	EXPECT_EQ(memcmp(test_str_first, recv_mem, strlen(test_str_first)), 0);
684 	memset(recv_mem, 0, sizeof(recv_mem));
685 	EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_second),
686 		       MSG_WAITALL), -1);
687 	EXPECT_EQ(memcmp(test_str_second, recv_mem, strlen(test_str_second)),
688 		  0);
689 }
690 
691 TEST_F(tls, recv_nonblock)
692 {
693 	char buf[4096];
694 	bool err;
695 
696 	EXPECT_EQ(recv(self->cfd, buf, sizeof(buf), MSG_DONTWAIT), -1);
697 	err = (errno == EAGAIN || errno == EWOULDBLOCK);
698 	EXPECT_EQ(err, true);
699 }
700 
701 TEST_F(tls, recv_peek)
702 {
703 	char const *test_str = "test_read_peek";
704 	int send_len = strlen(test_str) + 1;
705 	char buf[15];
706 
707 	EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
708 	EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1);
709 	EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
710 	memset(buf, 0, sizeof(buf));
711 	EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
712 	EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
713 }
714 
715 TEST_F(tls, recv_peek_multiple)
716 {
717 	char const *test_str = "test_read_peek";
718 	int send_len = strlen(test_str) + 1;
719 	unsigned int num_peeks = 100;
720 	char buf[15];
721 	int i;
722 
723 	EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
724 	for (i = 0; i < num_peeks; i++) {
725 		EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1);
726 		EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
727 		memset(buf, 0, sizeof(buf));
728 	}
729 	EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
730 	EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
731 }
732 
733 TEST_F(tls, recv_peek_multiple_records)
734 {
735 	char const *test_str = "test_read_peek_mult_recs";
736 	char const *test_str_first = "test_read_peek";
737 	char const *test_str_second = "_mult_recs";
738 	int len;
739 	char buf[64];
740 
741 	len = strlen(test_str_first);
742 	EXPECT_EQ(send(self->fd, test_str_first, len, 0), len);
743 
744 	len = strlen(test_str_second) + 1;
745 	EXPECT_EQ(send(self->fd, test_str_second, len, 0), len);
746 
747 	len = strlen(test_str_first);
748 	memset(buf, 0, len);
749 	EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len);
750 
751 	/* MSG_PEEK can only peek into the current record. */
752 	len = strlen(test_str_first);
753 	EXPECT_EQ(memcmp(test_str_first, buf, len), 0);
754 
755 	len = strlen(test_str) + 1;
756 	memset(buf, 0, len);
757 	EXPECT_EQ(recv(self->cfd, buf, len, MSG_WAITALL), len);
758 
759 	/* Non-MSG_PEEK will advance strparser (and therefore record)
760 	 * however.
761 	 */
762 	len = strlen(test_str) + 1;
763 	EXPECT_EQ(memcmp(test_str, buf, len), 0);
764 
765 	/* MSG_MORE will hold current record open, so later MSG_PEEK
766 	 * will see everything.
767 	 */
768 	len = strlen(test_str_first);
769 	EXPECT_EQ(send(self->fd, test_str_first, len, MSG_MORE), len);
770 
771 	len = strlen(test_str_second) + 1;
772 	EXPECT_EQ(send(self->fd, test_str_second, len, 0), len);
773 
774 	len = strlen(test_str) + 1;
775 	memset(buf, 0, len);
776 	EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len);
777 
778 	len = strlen(test_str) + 1;
779 	EXPECT_EQ(memcmp(test_str, buf, len), 0);
780 }
781 
782 TEST_F(tls, recv_peek_large_buf_mult_recs)
783 {
784 	char const *test_str = "test_read_peek_mult_recs";
785 	char const *test_str_first = "test_read_peek";
786 	char const *test_str_second = "_mult_recs";
787 	int len;
788 	char buf[64];
789 
790 	len = strlen(test_str_first);
791 	EXPECT_EQ(send(self->fd, test_str_first, len, 0), len);
792 
793 	len = strlen(test_str_second) + 1;
794 	EXPECT_EQ(send(self->fd, test_str_second, len, 0), len);
795 
796 	len = strlen(test_str) + 1;
797 	memset(buf, 0, len);
798 	EXPECT_NE((len = recv(self->cfd, buf, len,
799 			      MSG_PEEK | MSG_WAITALL)), -1);
800 	len = strlen(test_str) + 1;
801 	EXPECT_EQ(memcmp(test_str, buf, len), 0);
802 }
803 
804 TEST_F(tls, recv_lowat)
805 {
806 	char send_mem[10] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 };
807 	char recv_mem[20];
808 	int lowat = 8;
809 
810 	EXPECT_EQ(send(self->fd, send_mem, 10, 0), 10);
811 	EXPECT_EQ(send(self->fd, send_mem, 5, 0), 5);
812 
813 	memset(recv_mem, 0, 20);
814 	EXPECT_EQ(setsockopt(self->cfd, SOL_SOCKET, SO_RCVLOWAT,
815 			     &lowat, sizeof(lowat)), 0);
816 	EXPECT_EQ(recv(self->cfd, recv_mem, 1, MSG_WAITALL), 1);
817 	EXPECT_EQ(recv(self->cfd, recv_mem + 1, 6, MSG_WAITALL), 6);
818 	EXPECT_EQ(recv(self->cfd, recv_mem + 7, 10, 0), 8);
819 
820 	EXPECT_EQ(memcmp(send_mem, recv_mem, 10), 0);
821 	EXPECT_EQ(memcmp(send_mem, recv_mem + 10, 5), 0);
822 }
823 
824 TEST_F(tls, bidir)
825 {
826 	char const *test_str = "test_read";
827 	int send_len = 10;
828 	char buf[10];
829 	int ret;
830 
831 	if (!self->notls) {
832 		struct tls12_crypto_info_aes_gcm_128 tls12;
833 
834 		memset(&tls12, 0, sizeof(tls12));
835 		tls12.info.version = variant->tls_version;
836 		tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128;
837 
838 		ret = setsockopt(self->fd, SOL_TLS, TLS_RX, &tls12,
839 				 sizeof(tls12));
840 		ASSERT_EQ(ret, 0);
841 
842 		ret = setsockopt(self->cfd, SOL_TLS, TLS_TX, &tls12,
843 				 sizeof(tls12));
844 		ASSERT_EQ(ret, 0);
845 	}
846 
847 	ASSERT_EQ(strlen(test_str) + 1, send_len);
848 
849 	EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
850 	EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
851 	EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
852 
853 	memset(buf, 0, sizeof(buf));
854 
855 	EXPECT_EQ(send(self->cfd, test_str, send_len, 0), send_len);
856 	EXPECT_NE(recv(self->fd, buf, send_len, 0), -1);
857 	EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
858 };
859 
860 TEST_F(tls, pollin)
861 {
862 	char const *test_str = "test_poll";
863 	struct pollfd fd = { 0, 0, 0 };
864 	char buf[10];
865 	int send_len = 10;
866 
867 	EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
868 	fd.fd = self->cfd;
869 	fd.events = POLLIN;
870 
871 	EXPECT_EQ(poll(&fd, 1, 20), 1);
872 	EXPECT_EQ(fd.revents & POLLIN, 1);
873 	EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len);
874 	/* Test timing out */
875 	EXPECT_EQ(poll(&fd, 1, 20), 0);
876 }
877 
878 TEST_F(tls, poll_wait)
879 {
880 	char const *test_str = "test_poll_wait";
881 	int send_len = strlen(test_str) + 1;
882 	struct pollfd fd = { 0, 0, 0 };
883 	char recv_mem[15];
884 
885 	fd.fd = self->cfd;
886 	fd.events = POLLIN;
887 	EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
888 	/* Set timeout to inf. secs */
889 	EXPECT_EQ(poll(&fd, 1, -1), 1);
890 	EXPECT_EQ(fd.revents & POLLIN, 1);
891 	EXPECT_EQ(recv(self->cfd, recv_mem, send_len, MSG_WAITALL), send_len);
892 }
893 
894 TEST_F(tls, poll_wait_split)
895 {
896 	struct pollfd fd = { 0, 0, 0 };
897 	char send_mem[20] = {};
898 	char recv_mem[15];
899 
900 	fd.fd = self->cfd;
901 	fd.events = POLLIN;
902 	/* Send 20 bytes */
903 	EXPECT_EQ(send(self->fd, send_mem, sizeof(send_mem), 0),
904 		  sizeof(send_mem));
905 	/* Poll with inf. timeout */
906 	EXPECT_EQ(poll(&fd, 1, -1), 1);
907 	EXPECT_EQ(fd.revents & POLLIN, 1);
908 	EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), MSG_WAITALL),
909 		  sizeof(recv_mem));
910 
911 	/* Now the remaining 5 bytes of record data are in TLS ULP */
912 	fd.fd = self->cfd;
913 	fd.events = POLLIN;
914 	EXPECT_EQ(poll(&fd, 1, -1), 1);
915 	EXPECT_EQ(fd.revents & POLLIN, 1);
916 	EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), 0),
917 		  sizeof(send_mem) - sizeof(recv_mem));
918 }
919 
920 TEST_F(tls, blocking)
921 {
922 	size_t data = 100000;
923 	int res = fork();
924 
925 	EXPECT_NE(res, -1);
926 
927 	if (res) {
928 		/* parent */
929 		size_t left = data;
930 		char buf[16384];
931 		int status;
932 		int pid2;
933 
934 		while (left) {
935 			int res = send(self->fd, buf,
936 				       left > 16384 ? 16384 : left, 0);
937 
938 			EXPECT_GE(res, 0);
939 			left -= res;
940 		}
941 
942 		pid2 = wait(&status);
943 		EXPECT_EQ(status, 0);
944 		EXPECT_EQ(res, pid2);
945 	} else {
946 		/* child */
947 		size_t left = data;
948 		char buf[16384];
949 
950 		while (left) {
951 			int res = recv(self->cfd, buf,
952 				       left > 16384 ? 16384 : left, 0);
953 
954 			EXPECT_GE(res, 0);
955 			left -= res;
956 		}
957 	}
958 }
959 
960 TEST_F(tls, nonblocking)
961 {
962 	size_t data = 100000;
963 	int sendbuf = 100;
964 	int flags;
965 	int res;
966 
967 	flags = fcntl(self->fd, F_GETFL, 0);
968 	fcntl(self->fd, F_SETFL, flags | O_NONBLOCK);
969 	fcntl(self->cfd, F_SETFL, flags | O_NONBLOCK);
970 
971 	/* Ensure nonblocking behavior by imposing a small send
972 	 * buffer.
973 	 */
974 	EXPECT_EQ(setsockopt(self->fd, SOL_SOCKET, SO_SNDBUF,
975 			     &sendbuf, sizeof(sendbuf)), 0);
976 
977 	res = fork();
978 	EXPECT_NE(res, -1);
979 
980 	if (res) {
981 		/* parent */
982 		bool eagain = false;
983 		size_t left = data;
984 		char buf[16384];
985 		int status;
986 		int pid2;
987 
988 		while (left) {
989 			int res = send(self->fd, buf,
990 				       left > 16384 ? 16384 : left, 0);
991 
992 			if (res == -1 && errno == EAGAIN) {
993 				eagain = true;
994 				usleep(10000);
995 				continue;
996 			}
997 			EXPECT_GE(res, 0);
998 			left -= res;
999 		}
1000 
1001 		EXPECT_TRUE(eagain);
1002 		pid2 = wait(&status);
1003 
1004 		EXPECT_EQ(status, 0);
1005 		EXPECT_EQ(res, pid2);
1006 	} else {
1007 		/* child */
1008 		bool eagain = false;
1009 		size_t left = data;
1010 		char buf[16384];
1011 
1012 		while (left) {
1013 			int res = recv(self->cfd, buf,
1014 				       left > 16384 ? 16384 : left, 0);
1015 
1016 			if (res == -1 && errno == EAGAIN) {
1017 				eagain = true;
1018 				usleep(10000);
1019 				continue;
1020 			}
1021 			EXPECT_GE(res, 0);
1022 			left -= res;
1023 		}
1024 		EXPECT_TRUE(eagain);
1025 	}
1026 }
1027 
1028 static void
1029 test_mutliproc(struct __test_metadata *_metadata, struct _test_data_tls *self,
1030 	       bool sendpg, unsigned int n_readers, unsigned int n_writers)
1031 {
1032 	const unsigned int n_children = n_readers + n_writers;
1033 	const size_t data = 6 * 1000 * 1000;
1034 	const size_t file_sz = data / 100;
1035 	size_t read_bias, write_bias;
1036 	int i, fd, child_id;
1037 	char buf[file_sz];
1038 	pid_t pid;
1039 
1040 	/* Only allow multiples for simplicity */
1041 	ASSERT_EQ(!(n_readers % n_writers) || !(n_writers % n_readers), true);
1042 	read_bias = n_writers / n_readers ?: 1;
1043 	write_bias = n_readers / n_writers ?: 1;
1044 
1045 	/* prep a file to send */
1046 	fd = open("/tmp/", O_TMPFILE | O_RDWR, 0600);
1047 	ASSERT_GE(fd, 0);
1048 
1049 	memset(buf, 0xac, file_sz);
1050 	ASSERT_EQ(write(fd, buf, file_sz), file_sz);
1051 
1052 	/* spawn children */
1053 	for (child_id = 0; child_id < n_children; child_id++) {
1054 		pid = fork();
1055 		ASSERT_NE(pid, -1);
1056 		if (!pid)
1057 			break;
1058 	}
1059 
1060 	/* parent waits for all children */
1061 	if (pid) {
1062 		for (i = 0; i < n_children; i++) {
1063 			int status;
1064 
1065 			wait(&status);
1066 			EXPECT_EQ(status, 0);
1067 		}
1068 
1069 		return;
1070 	}
1071 
1072 	/* Split threads for reading and writing */
1073 	if (child_id < n_readers) {
1074 		size_t left = data * read_bias;
1075 		char rb[8001];
1076 
1077 		while (left) {
1078 			int res;
1079 
1080 			res = recv(self->cfd, rb,
1081 				   left > sizeof(rb) ? sizeof(rb) : left, 0);
1082 
1083 			EXPECT_GE(res, 0);
1084 			left -= res;
1085 		}
1086 	} else {
1087 		size_t left = data * write_bias;
1088 
1089 		while (left) {
1090 			int res;
1091 
1092 			ASSERT_EQ(lseek(fd, 0, SEEK_SET), 0);
1093 			if (sendpg)
1094 				res = sendfile(self->fd, fd, NULL,
1095 					       left > file_sz ? file_sz : left);
1096 			else
1097 				res = send(self->fd, buf,
1098 					   left > file_sz ? file_sz : left, 0);
1099 
1100 			EXPECT_GE(res, 0);
1101 			left -= res;
1102 		}
1103 	}
1104 }
1105 
1106 TEST_F(tls, mutliproc_even)
1107 {
1108 	test_mutliproc(_metadata, self, false, 6, 6);
1109 }
1110 
1111 TEST_F(tls, mutliproc_readers)
1112 {
1113 	test_mutliproc(_metadata, self, false, 4, 12);
1114 }
1115 
1116 TEST_F(tls, mutliproc_writers)
1117 {
1118 	test_mutliproc(_metadata, self, false, 10, 2);
1119 }
1120 
1121 TEST_F(tls, mutliproc_sendpage_even)
1122 {
1123 	test_mutliproc(_metadata, self, true, 6, 6);
1124 }
1125 
1126 TEST_F(tls, mutliproc_sendpage_readers)
1127 {
1128 	test_mutliproc(_metadata, self, true, 4, 12);
1129 }
1130 
1131 TEST_F(tls, mutliproc_sendpage_writers)
1132 {
1133 	test_mutliproc(_metadata, self, true, 10, 2);
1134 }
1135 
1136 TEST_F(tls, control_msg)
1137 {
1138 	if (self->notls)
1139 		return;
1140 
1141 	char cbuf[CMSG_SPACE(sizeof(char))];
1142 	char const *test_str = "test_read";
1143 	int cmsg_len = sizeof(char);
1144 	char record_type = 100;
1145 	struct cmsghdr *cmsg;
1146 	struct msghdr msg;
1147 	int send_len = 10;
1148 	struct iovec vec;
1149 	char buf[10];
1150 
1151 	vec.iov_base = (char *)test_str;
1152 	vec.iov_len = 10;
1153 	memset(&msg, 0, sizeof(struct msghdr));
1154 	msg.msg_iov = &vec;
1155 	msg.msg_iovlen = 1;
1156 	msg.msg_control = cbuf;
1157 	msg.msg_controllen = sizeof(cbuf);
1158 	cmsg = CMSG_FIRSTHDR(&msg);
1159 	cmsg->cmsg_level = SOL_TLS;
1160 	/* test sending non-record types. */
1161 	cmsg->cmsg_type = TLS_SET_RECORD_TYPE;
1162 	cmsg->cmsg_len = CMSG_LEN(cmsg_len);
1163 	*CMSG_DATA(cmsg) = record_type;
1164 	msg.msg_controllen = cmsg->cmsg_len;
1165 
1166 	EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len);
1167 	/* Should fail because we didn't provide a control message */
1168 	EXPECT_EQ(recv(self->cfd, buf, send_len, 0), -1);
1169 
1170 	vec.iov_base = buf;
1171 	EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL | MSG_PEEK), send_len);
1172 
1173 	cmsg = CMSG_FIRSTHDR(&msg);
1174 	EXPECT_NE(cmsg, NULL);
1175 	EXPECT_EQ(cmsg->cmsg_level, SOL_TLS);
1176 	EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE);
1177 	record_type = *((unsigned char *)CMSG_DATA(cmsg));
1178 	EXPECT_EQ(record_type, 100);
1179 	EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
1180 
1181 	/* Recv the message again without MSG_PEEK */
1182 	record_type = 0;
1183 	memset(buf, 0, sizeof(buf));
1184 
1185 	EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL), send_len);
1186 	cmsg = CMSG_FIRSTHDR(&msg);
1187 	EXPECT_NE(cmsg, NULL);
1188 	EXPECT_EQ(cmsg->cmsg_level, SOL_TLS);
1189 	EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE);
1190 	record_type = *((unsigned char *)CMSG_DATA(cmsg));
1191 	EXPECT_EQ(record_type, 100);
1192 	EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
1193 }
1194 
1195 TEST_F(tls, shutdown)
1196 {
1197 	char const *test_str = "test_read";
1198 	int send_len = 10;
1199 	char buf[10];
1200 
1201 	ASSERT_EQ(strlen(test_str) + 1, send_len);
1202 
1203 	EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
1204 	EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
1205 	EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
1206 
1207 	shutdown(self->fd, SHUT_RDWR);
1208 	shutdown(self->cfd, SHUT_RDWR);
1209 }
1210 
1211 TEST_F(tls, shutdown_unsent)
1212 {
1213 	char const *test_str = "test_read";
1214 	int send_len = 10;
1215 
1216 	EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len);
1217 
1218 	shutdown(self->fd, SHUT_RDWR);
1219 	shutdown(self->cfd, SHUT_RDWR);
1220 }
1221 
1222 TEST_F(tls, shutdown_reuse)
1223 {
1224 	struct sockaddr_in addr;
1225 	int ret;
1226 
1227 	shutdown(self->fd, SHUT_RDWR);
1228 	shutdown(self->cfd, SHUT_RDWR);
1229 	close(self->cfd);
1230 
1231 	addr.sin_family = AF_INET;
1232 	addr.sin_addr.s_addr = htonl(INADDR_ANY);
1233 	addr.sin_port = 0;
1234 
1235 	ret = bind(self->fd, &addr, sizeof(addr));
1236 	EXPECT_EQ(ret, 0);
1237 	ret = listen(self->fd, 10);
1238 	EXPECT_EQ(ret, -1);
1239 	EXPECT_EQ(errno, EINVAL);
1240 
1241 	ret = connect(self->fd, &addr, sizeof(addr));
1242 	EXPECT_EQ(ret, -1);
1243 	EXPECT_EQ(errno, EISCONN);
1244 }
1245 
1246 TEST(non_established) {
1247 	struct tls12_crypto_info_aes_gcm_256 tls12;
1248 	struct sockaddr_in addr;
1249 	int sfd, ret, fd;
1250 	socklen_t len;
1251 
1252 	len = sizeof(addr);
1253 
1254 	memset(&tls12, 0, sizeof(tls12));
1255 	tls12.info.version = TLS_1_2_VERSION;
1256 	tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256;
1257 
1258 	addr.sin_family = AF_INET;
1259 	addr.sin_addr.s_addr = htonl(INADDR_ANY);
1260 	addr.sin_port = 0;
1261 
1262 	fd = socket(AF_INET, SOCK_STREAM, 0);
1263 	sfd = socket(AF_INET, SOCK_STREAM, 0);
1264 
1265 	ret = bind(sfd, &addr, sizeof(addr));
1266 	ASSERT_EQ(ret, 0);
1267 	ret = listen(sfd, 10);
1268 	ASSERT_EQ(ret, 0);
1269 
1270 	ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1271 	EXPECT_EQ(ret, -1);
1272 	/* TLS ULP not supported */
1273 	if (errno == ENOENT)
1274 		return;
1275 	EXPECT_EQ(errno, ENOTCONN);
1276 
1277 	ret = setsockopt(sfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1278 	EXPECT_EQ(ret, -1);
1279 	EXPECT_EQ(errno, ENOTCONN);
1280 
1281 	ret = getsockname(sfd, &addr, &len);
1282 	ASSERT_EQ(ret, 0);
1283 
1284 	ret = connect(fd, &addr, sizeof(addr));
1285 	ASSERT_EQ(ret, 0);
1286 
1287 	ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1288 	ASSERT_EQ(ret, 0);
1289 
1290 	ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1291 	EXPECT_EQ(ret, -1);
1292 	EXPECT_EQ(errno, EEXIST);
1293 
1294 	close(fd);
1295 	close(sfd);
1296 }
1297 
1298 TEST(keysizes) {
1299 	struct tls12_crypto_info_aes_gcm_256 tls12;
1300 	struct sockaddr_in addr;
1301 	int sfd, ret, fd, cfd;
1302 	socklen_t len;
1303 	bool notls;
1304 
1305 	notls = false;
1306 	len = sizeof(addr);
1307 
1308 	memset(&tls12, 0, sizeof(tls12));
1309 	tls12.info.version = TLS_1_2_VERSION;
1310 	tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256;
1311 
1312 	addr.sin_family = AF_INET;
1313 	addr.sin_addr.s_addr = htonl(INADDR_ANY);
1314 	addr.sin_port = 0;
1315 
1316 	fd = socket(AF_INET, SOCK_STREAM, 0);
1317 	sfd = socket(AF_INET, SOCK_STREAM, 0);
1318 
1319 	ret = bind(sfd, &addr, sizeof(addr));
1320 	ASSERT_EQ(ret, 0);
1321 	ret = listen(sfd, 10);
1322 	ASSERT_EQ(ret, 0);
1323 
1324 	ret = getsockname(sfd, &addr, &len);
1325 	ASSERT_EQ(ret, 0);
1326 
1327 	ret = connect(fd, &addr, sizeof(addr));
1328 	ASSERT_EQ(ret, 0);
1329 
1330 	ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1331 	if (ret != 0) {
1332 		notls = true;
1333 		printf("Failure setting TCP_ULP, testing without tls\n");
1334 	}
1335 
1336 	if (!notls) {
1337 		ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12,
1338 				 sizeof(tls12));
1339 		EXPECT_EQ(ret, 0);
1340 	}
1341 
1342 	cfd = accept(sfd, &addr, &len);
1343 	ASSERT_GE(cfd, 0);
1344 
1345 	if (!notls) {
1346 		ret = setsockopt(cfd, IPPROTO_TCP, TCP_ULP, "tls",
1347 				 sizeof("tls"));
1348 		EXPECT_EQ(ret, 0);
1349 
1350 		ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12,
1351 				 sizeof(tls12));
1352 		EXPECT_EQ(ret, 0);
1353 	}
1354 
1355 	close(sfd);
1356 	close(fd);
1357 	close(cfd);
1358 }
1359 
1360 TEST_HARNESS_MAIN
1361