1 // SPDX-License-Identifier: GPL-2.0 2 3 #define _GNU_SOURCE 4 5 #include <arpa/inet.h> 6 #include <errno.h> 7 #include <error.h> 8 #include <fcntl.h> 9 #include <poll.h> 10 #include <stdio.h> 11 #include <stdlib.h> 12 #include <unistd.h> 13 14 #include <linux/tls.h> 15 #include <linux/tcp.h> 16 #include <linux/socket.h> 17 18 #include <sys/types.h> 19 #include <sys/sendfile.h> 20 #include <sys/socket.h> 21 #include <sys/stat.h> 22 23 #include "../kselftest_harness.h" 24 25 #define TLS_PAYLOAD_MAX_LEN 16384 26 #define SOL_TLS 282 27 28 FIXTURE(tls) 29 { 30 int fd, cfd; 31 bool notls; 32 }; 33 34 FIXTURE_SETUP(tls) 35 { 36 struct tls12_crypto_info_aes_gcm_128 tls12; 37 struct sockaddr_in addr; 38 socklen_t len; 39 int sfd, ret; 40 41 self->notls = false; 42 len = sizeof(addr); 43 44 memset(&tls12, 0, sizeof(tls12)); 45 tls12.info.version = TLS_1_3_VERSION; 46 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128; 47 48 addr.sin_family = AF_INET; 49 addr.sin_addr.s_addr = htonl(INADDR_ANY); 50 addr.sin_port = 0; 51 52 self->fd = socket(AF_INET, SOCK_STREAM, 0); 53 sfd = socket(AF_INET, SOCK_STREAM, 0); 54 55 ret = bind(sfd, &addr, sizeof(addr)); 56 ASSERT_EQ(ret, 0); 57 ret = listen(sfd, 10); 58 ASSERT_EQ(ret, 0); 59 60 ret = getsockname(sfd, &addr, &len); 61 ASSERT_EQ(ret, 0); 62 63 ret = connect(self->fd, &addr, sizeof(addr)); 64 ASSERT_EQ(ret, 0); 65 66 ret = setsockopt(self->fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 67 if (ret != 0) { 68 self->notls = true; 69 printf("Failure setting TCP_ULP, testing without tls\n"); 70 } 71 72 if (!self->notls) { 73 ret = setsockopt(self->fd, SOL_TLS, TLS_TX, &tls12, 74 sizeof(tls12)); 75 ASSERT_EQ(ret, 0); 76 } 77 78 self->cfd = accept(sfd, &addr, &len); 79 ASSERT_GE(self->cfd, 0); 80 81 if (!self->notls) { 82 ret = setsockopt(self->cfd, IPPROTO_TCP, TCP_ULP, "tls", 83 sizeof("tls")); 84 ASSERT_EQ(ret, 0); 85 86 ret = setsockopt(self->cfd, SOL_TLS, TLS_RX, &tls12, 87 sizeof(tls12)); 88 ASSERT_EQ(ret, 0); 89 } 90 91 close(sfd); 92 } 93 94 FIXTURE_TEARDOWN(tls) 95 { 96 close(self->fd); 97 close(self->cfd); 98 } 99 100 TEST_F(tls, sendfile) 101 { 102 int filefd = open("/proc/self/exe", O_RDONLY); 103 struct stat st; 104 105 EXPECT_GE(filefd, 0); 106 fstat(filefd, &st); 107 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0); 108 } 109 110 TEST_F(tls, send_then_sendfile) 111 { 112 int filefd = open("/proc/self/exe", O_RDONLY); 113 char const *test_str = "test_send"; 114 int to_send = strlen(test_str) + 1; 115 char recv_buf[10]; 116 struct stat st; 117 char *buf; 118 119 EXPECT_GE(filefd, 0); 120 fstat(filefd, &st); 121 buf = (char *)malloc(st.st_size); 122 123 EXPECT_EQ(send(self->fd, test_str, to_send, 0), to_send); 124 EXPECT_EQ(recv(self->cfd, recv_buf, to_send, MSG_WAITALL), to_send); 125 EXPECT_EQ(memcmp(test_str, recv_buf, to_send), 0); 126 127 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0); 128 EXPECT_EQ(recv(self->cfd, buf, st.st_size, MSG_WAITALL), st.st_size); 129 } 130 131 TEST_F(tls, recv_max) 132 { 133 unsigned int send_len = TLS_PAYLOAD_MAX_LEN; 134 char recv_mem[TLS_PAYLOAD_MAX_LEN]; 135 char buf[TLS_PAYLOAD_MAX_LEN]; 136 137 EXPECT_GE(send(self->fd, buf, send_len, 0), 0); 138 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1); 139 EXPECT_EQ(memcmp(buf, recv_mem, send_len), 0); 140 } 141 142 TEST_F(tls, recv_small) 143 { 144 char const *test_str = "test_read"; 145 int send_len = 10; 146 char buf[10]; 147 148 send_len = strlen(test_str) + 1; 149 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 150 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 151 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 152 } 153 154 TEST_F(tls, msg_more) 155 { 156 char const *test_str = "test_read"; 157 int send_len = 10; 158 char buf[10 * 2]; 159 160 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len); 161 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1); 162 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 163 EXPECT_EQ(recv(self->cfd, buf, send_len * 2, MSG_WAITALL), 164 send_len * 2); 165 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 166 } 167 168 TEST_F(tls, sendmsg_single) 169 { 170 struct msghdr msg; 171 172 char const *test_str = "test_sendmsg"; 173 size_t send_len = 13; 174 struct iovec vec; 175 char buf[13]; 176 177 vec.iov_base = (char *)test_str; 178 vec.iov_len = send_len; 179 memset(&msg, 0, sizeof(struct msghdr)); 180 msg.msg_iov = &vec; 181 msg.msg_iovlen = 1; 182 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len); 183 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len); 184 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 185 } 186 187 TEST_F(tls, sendmsg_large) 188 { 189 void *mem = malloc(16384); 190 size_t send_len = 16384; 191 size_t sends = 128; 192 struct msghdr msg; 193 size_t recvs = 0; 194 size_t sent = 0; 195 196 memset(&msg, 0, sizeof(struct msghdr)); 197 while (sent++ < sends) { 198 struct iovec vec = { (void *)mem, send_len }; 199 200 msg.msg_iov = &vec; 201 msg.msg_iovlen = 1; 202 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), send_len); 203 } 204 205 while (recvs++ < sends) 206 EXPECT_NE(recv(self->fd, mem, send_len, 0), -1); 207 208 free(mem); 209 } 210 211 TEST_F(tls, sendmsg_multiple) 212 { 213 char const *test_str = "test_sendmsg_multiple"; 214 struct iovec vec[5]; 215 char *test_strs[5]; 216 struct msghdr msg; 217 int total_len = 0; 218 int len_cmp = 0; 219 int iov_len = 5; 220 char *buf; 221 int i; 222 223 memset(&msg, 0, sizeof(struct msghdr)); 224 for (i = 0; i < iov_len; i++) { 225 test_strs[i] = (char *)malloc(strlen(test_str) + 1); 226 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str); 227 vec[i].iov_base = (void *)test_strs[i]; 228 vec[i].iov_len = strlen(test_strs[i]) + 1; 229 total_len += vec[i].iov_len; 230 } 231 msg.msg_iov = vec; 232 msg.msg_iovlen = iov_len; 233 234 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), total_len); 235 buf = malloc(total_len); 236 EXPECT_NE(recv(self->fd, buf, total_len, 0), -1); 237 for (i = 0; i < iov_len; i++) { 238 EXPECT_EQ(memcmp(test_strs[i], buf + len_cmp, 239 strlen(test_strs[i])), 240 0); 241 len_cmp += strlen(buf + len_cmp) + 1; 242 } 243 for (i = 0; i < iov_len; i++) 244 free(test_strs[i]); 245 free(buf); 246 } 247 248 TEST_F(tls, sendmsg_multiple_stress) 249 { 250 char const *test_str = "abcdefghijklmno"; 251 struct iovec vec[1024]; 252 char *test_strs[1024]; 253 int iov_len = 1024; 254 int total_len = 0; 255 char buf[1 << 14]; 256 struct msghdr msg; 257 int len_cmp = 0; 258 int i; 259 260 memset(&msg, 0, sizeof(struct msghdr)); 261 for (i = 0; i < iov_len; i++) { 262 test_strs[i] = (char *)malloc(strlen(test_str) + 1); 263 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str); 264 vec[i].iov_base = (void *)test_strs[i]; 265 vec[i].iov_len = strlen(test_strs[i]) + 1; 266 total_len += vec[i].iov_len; 267 } 268 msg.msg_iov = vec; 269 msg.msg_iovlen = iov_len; 270 271 EXPECT_EQ(sendmsg(self->fd, &msg, 0), total_len); 272 EXPECT_NE(recv(self->cfd, buf, total_len, 0), -1); 273 274 for (i = 0; i < iov_len; i++) 275 len_cmp += strlen(buf + len_cmp) + 1; 276 277 for (i = 0; i < iov_len; i++) 278 free(test_strs[i]); 279 } 280 281 TEST_F(tls, splice_from_pipe) 282 { 283 int send_len = TLS_PAYLOAD_MAX_LEN; 284 char mem_send[TLS_PAYLOAD_MAX_LEN]; 285 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 286 int p[2]; 287 288 ASSERT_GE(pipe(p), 0); 289 EXPECT_GE(write(p[1], mem_send, send_len), 0); 290 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), 0); 291 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len); 292 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 293 } 294 295 TEST_F(tls, splice_from_pipe2) 296 { 297 int send_len = 16000; 298 char mem_send[16000]; 299 char mem_recv[16000]; 300 int p2[2]; 301 int p[2]; 302 303 ASSERT_GE(pipe(p), 0); 304 ASSERT_GE(pipe(p2), 0); 305 EXPECT_GE(write(p[1], mem_send, 8000), 0); 306 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, 8000, 0), 0); 307 EXPECT_GE(write(p2[1], mem_send + 8000, 8000), 0); 308 EXPECT_GE(splice(p2[0], NULL, self->fd, NULL, 8000, 0), 0); 309 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len); 310 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 311 } 312 313 TEST_F(tls, send_and_splice) 314 { 315 int send_len = TLS_PAYLOAD_MAX_LEN; 316 char mem_send[TLS_PAYLOAD_MAX_LEN]; 317 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 318 char const *test_str = "test_read"; 319 int send_len2 = 10; 320 char buf[10]; 321 int p[2]; 322 323 ASSERT_GE(pipe(p), 0); 324 EXPECT_EQ(send(self->fd, test_str, send_len2, 0), send_len2); 325 EXPECT_EQ(recv(self->cfd, buf, send_len2, MSG_WAITALL), send_len2); 326 EXPECT_EQ(memcmp(test_str, buf, send_len2), 0); 327 328 EXPECT_GE(write(p[1], mem_send, send_len), send_len); 329 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), send_len); 330 331 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len); 332 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 333 } 334 335 TEST_F(tls, splice_to_pipe) 336 { 337 int send_len = TLS_PAYLOAD_MAX_LEN; 338 char mem_send[TLS_PAYLOAD_MAX_LEN]; 339 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 340 int p[2]; 341 342 ASSERT_GE(pipe(p), 0); 343 EXPECT_GE(send(self->fd, mem_send, send_len, 0), 0); 344 EXPECT_GE(splice(self->cfd, NULL, p[1], NULL, send_len, 0), 0); 345 EXPECT_GE(read(p[0], mem_recv, send_len), 0); 346 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 347 } 348 349 TEST_F(tls, recvmsg_single) 350 { 351 char const *test_str = "test_recvmsg_single"; 352 int send_len = strlen(test_str) + 1; 353 char buf[20]; 354 struct msghdr hdr; 355 struct iovec vec; 356 357 memset(&hdr, 0, sizeof(hdr)); 358 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 359 vec.iov_base = (char *)buf; 360 vec.iov_len = send_len; 361 hdr.msg_iovlen = 1; 362 hdr.msg_iov = &vec; 363 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1); 364 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 365 } 366 367 TEST_F(tls, recvmsg_single_max) 368 { 369 int send_len = TLS_PAYLOAD_MAX_LEN; 370 char send_mem[TLS_PAYLOAD_MAX_LEN]; 371 char recv_mem[TLS_PAYLOAD_MAX_LEN]; 372 struct iovec vec; 373 struct msghdr hdr; 374 375 EXPECT_EQ(send(self->fd, send_mem, send_len, 0), send_len); 376 vec.iov_base = (char *)recv_mem; 377 vec.iov_len = TLS_PAYLOAD_MAX_LEN; 378 379 hdr.msg_iovlen = 1; 380 hdr.msg_iov = &vec; 381 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1); 382 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0); 383 } 384 385 TEST_F(tls, recvmsg_multiple) 386 { 387 unsigned int msg_iovlen = 1024; 388 unsigned int len_compared = 0; 389 struct iovec vec[1024]; 390 char *iov_base[1024]; 391 unsigned int iov_len = 16; 392 int send_len = 1 << 14; 393 char buf[1 << 14]; 394 struct msghdr hdr; 395 int i; 396 397 EXPECT_EQ(send(self->fd, buf, send_len, 0), send_len); 398 for (i = 0; i < msg_iovlen; i++) { 399 iov_base[i] = (char *)malloc(iov_len); 400 vec[i].iov_base = iov_base[i]; 401 vec[i].iov_len = iov_len; 402 } 403 404 hdr.msg_iovlen = msg_iovlen; 405 hdr.msg_iov = vec; 406 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1); 407 for (i = 0; i < msg_iovlen; i++) 408 len_compared += iov_len; 409 410 for (i = 0; i < msg_iovlen; i++) 411 free(iov_base[i]); 412 } 413 414 TEST_F(tls, single_send_multiple_recv) 415 { 416 unsigned int total_len = TLS_PAYLOAD_MAX_LEN * 2; 417 unsigned int send_len = TLS_PAYLOAD_MAX_LEN; 418 char send_mem[TLS_PAYLOAD_MAX_LEN * 2]; 419 char recv_mem[TLS_PAYLOAD_MAX_LEN * 2]; 420 421 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0); 422 memset(recv_mem, 0, total_len); 423 424 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1); 425 EXPECT_NE(recv(self->cfd, recv_mem + send_len, send_len, 0), -1); 426 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0); 427 } 428 429 TEST_F(tls, multiple_send_single_recv) 430 { 431 unsigned int total_len = 2 * 10; 432 unsigned int send_len = 10; 433 char recv_mem[2 * 10]; 434 char send_mem[10]; 435 436 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0); 437 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0); 438 memset(recv_mem, 0, total_len); 439 EXPECT_EQ(recv(self->cfd, recv_mem, total_len, MSG_WAITALL), total_len); 440 441 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0); 442 EXPECT_EQ(memcmp(send_mem, recv_mem + send_len, send_len), 0); 443 } 444 445 TEST_F(tls, single_send_multiple_recv_non_align) 446 { 447 const unsigned int total_len = 15; 448 const unsigned int recv_len = 10; 449 char recv_mem[recv_len * 2]; 450 char send_mem[total_len]; 451 452 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0); 453 memset(recv_mem, 0, total_len); 454 455 EXPECT_EQ(recv(self->cfd, recv_mem, recv_len, 0), recv_len); 456 EXPECT_EQ(recv(self->cfd, recv_mem + recv_len, recv_len, 0), 5); 457 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0); 458 } 459 460 TEST_F(tls, recv_partial) 461 { 462 char const *test_str = "test_read_partial"; 463 char const *test_str_first = "test_read"; 464 char const *test_str_second = "_partial"; 465 int send_len = strlen(test_str) + 1; 466 char recv_mem[18]; 467 468 memset(recv_mem, 0, sizeof(recv_mem)); 469 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 470 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_first), 471 MSG_WAITALL), -1); 472 EXPECT_EQ(memcmp(test_str_first, recv_mem, strlen(test_str_first)), 0); 473 memset(recv_mem, 0, sizeof(recv_mem)); 474 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_second), 475 MSG_WAITALL), -1); 476 EXPECT_EQ(memcmp(test_str_second, recv_mem, strlen(test_str_second)), 477 0); 478 } 479 480 TEST_F(tls, recv_nonblock) 481 { 482 char buf[4096]; 483 bool err; 484 485 EXPECT_EQ(recv(self->cfd, buf, sizeof(buf), MSG_DONTWAIT), -1); 486 err = (errno == EAGAIN || errno == EWOULDBLOCK); 487 EXPECT_EQ(err, true); 488 } 489 490 TEST_F(tls, recv_peek) 491 { 492 char const *test_str = "test_read_peek"; 493 int send_len = strlen(test_str) + 1; 494 char buf[15]; 495 496 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 497 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1); 498 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 499 memset(buf, 0, sizeof(buf)); 500 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 501 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 502 } 503 504 TEST_F(tls, recv_peek_multiple) 505 { 506 char const *test_str = "test_read_peek"; 507 int send_len = strlen(test_str) + 1; 508 unsigned int num_peeks = 100; 509 char buf[15]; 510 int i; 511 512 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 513 for (i = 0; i < num_peeks; i++) { 514 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1); 515 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 516 memset(buf, 0, sizeof(buf)); 517 } 518 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 519 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 520 } 521 522 TEST_F(tls, recv_peek_multiple_records) 523 { 524 char const *test_str = "test_read_peek_mult_recs"; 525 char const *test_str_first = "test_read_peek"; 526 char const *test_str_second = "_mult_recs"; 527 int len; 528 char buf[64]; 529 530 len = strlen(test_str_first); 531 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len); 532 533 len = strlen(test_str_second) + 1; 534 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len); 535 536 len = strlen(test_str_first); 537 memset(buf, 0, len); 538 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len); 539 540 /* MSG_PEEK can only peek into the current record. */ 541 len = strlen(test_str_first); 542 EXPECT_EQ(memcmp(test_str_first, buf, len), 0); 543 544 len = strlen(test_str) + 1; 545 memset(buf, 0, len); 546 EXPECT_EQ(recv(self->cfd, buf, len, MSG_WAITALL), len); 547 548 /* Non-MSG_PEEK will advance strparser (and therefore record) 549 * however. 550 */ 551 len = strlen(test_str) + 1; 552 EXPECT_EQ(memcmp(test_str, buf, len), 0); 553 554 /* MSG_MORE will hold current record open, so later MSG_PEEK 555 * will see everything. 556 */ 557 len = strlen(test_str_first); 558 EXPECT_EQ(send(self->fd, test_str_first, len, MSG_MORE), len); 559 560 len = strlen(test_str_second) + 1; 561 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len); 562 563 len = strlen(test_str) + 1; 564 memset(buf, 0, len); 565 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len); 566 567 len = strlen(test_str) + 1; 568 EXPECT_EQ(memcmp(test_str, buf, len), 0); 569 } 570 571 TEST_F(tls, recv_peek_large_buf_mult_recs) 572 { 573 char const *test_str = "test_read_peek_mult_recs"; 574 char const *test_str_first = "test_read_peek"; 575 char const *test_str_second = "_mult_recs"; 576 int len; 577 char buf[64]; 578 579 len = strlen(test_str_first); 580 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len); 581 582 len = strlen(test_str_second) + 1; 583 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len); 584 585 len = strlen(test_str) + 1; 586 memset(buf, 0, len); 587 EXPECT_NE((len = recv(self->cfd, buf, len, 588 MSG_PEEK | MSG_WAITALL)), -1); 589 len = strlen(test_str) + 1; 590 EXPECT_EQ(memcmp(test_str, buf, len), 0); 591 } 592 593 TEST_F(tls, recv_lowat) 594 { 595 char send_mem[10] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 }; 596 char recv_mem[20]; 597 int lowat = 8; 598 599 EXPECT_EQ(send(self->fd, send_mem, 10, 0), 10); 600 EXPECT_EQ(send(self->fd, send_mem, 5, 0), 5); 601 602 memset(recv_mem, 0, 20); 603 EXPECT_EQ(setsockopt(self->cfd, SOL_SOCKET, SO_RCVLOWAT, 604 &lowat, sizeof(lowat)), 0); 605 EXPECT_EQ(recv(self->cfd, recv_mem, 1, MSG_WAITALL), 1); 606 EXPECT_EQ(recv(self->cfd, recv_mem + 1, 6, MSG_WAITALL), 6); 607 EXPECT_EQ(recv(self->cfd, recv_mem + 7, 10, 0), 8); 608 609 EXPECT_EQ(memcmp(send_mem, recv_mem, 10), 0); 610 EXPECT_EQ(memcmp(send_mem, recv_mem + 10, 5), 0); 611 } 612 613 TEST_F(tls, pollin) 614 { 615 char const *test_str = "test_poll"; 616 struct pollfd fd = { 0, 0, 0 }; 617 char buf[10]; 618 int send_len = 10; 619 620 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 621 fd.fd = self->cfd; 622 fd.events = POLLIN; 623 624 EXPECT_EQ(poll(&fd, 1, 20), 1); 625 EXPECT_EQ(fd.revents & POLLIN, 1); 626 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len); 627 /* Test timing out */ 628 EXPECT_EQ(poll(&fd, 1, 20), 0); 629 } 630 631 TEST_F(tls, poll_wait) 632 { 633 char const *test_str = "test_poll_wait"; 634 int send_len = strlen(test_str) + 1; 635 struct pollfd fd = { 0, 0, 0 }; 636 char recv_mem[15]; 637 638 fd.fd = self->cfd; 639 fd.events = POLLIN; 640 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 641 /* Set timeout to inf. secs */ 642 EXPECT_EQ(poll(&fd, 1, -1), 1); 643 EXPECT_EQ(fd.revents & POLLIN, 1); 644 EXPECT_EQ(recv(self->cfd, recv_mem, send_len, MSG_WAITALL), send_len); 645 } 646 647 TEST_F(tls, blocking) 648 { 649 size_t data = 100000; 650 int res = fork(); 651 652 EXPECT_NE(res, -1); 653 654 if (res) { 655 /* parent */ 656 size_t left = data; 657 char buf[16384]; 658 int status; 659 int pid2; 660 661 while (left) { 662 int res = send(self->fd, buf, 663 left > 16384 ? 16384 : left, 0); 664 665 EXPECT_GE(res, 0); 666 left -= res; 667 } 668 669 pid2 = wait(&status); 670 EXPECT_EQ(status, 0); 671 EXPECT_EQ(res, pid2); 672 } else { 673 /* child */ 674 size_t left = data; 675 char buf[16384]; 676 677 while (left) { 678 int res = recv(self->cfd, buf, 679 left > 16384 ? 16384 : left, 0); 680 681 EXPECT_GE(res, 0); 682 left -= res; 683 } 684 } 685 } 686 687 TEST_F(tls, nonblocking) 688 { 689 size_t data = 100000; 690 int sendbuf = 100; 691 int flags; 692 int res; 693 694 flags = fcntl(self->fd, F_GETFL, 0); 695 fcntl(self->fd, F_SETFL, flags | O_NONBLOCK); 696 fcntl(self->cfd, F_SETFL, flags | O_NONBLOCK); 697 698 /* Ensure nonblocking behavior by imposing a small send 699 * buffer. 700 */ 701 EXPECT_EQ(setsockopt(self->fd, SOL_SOCKET, SO_SNDBUF, 702 &sendbuf, sizeof(sendbuf)), 0); 703 704 res = fork(); 705 EXPECT_NE(res, -1); 706 707 if (res) { 708 /* parent */ 709 bool eagain = false; 710 size_t left = data; 711 char buf[16384]; 712 int status; 713 int pid2; 714 715 while (left) { 716 int res = send(self->fd, buf, 717 left > 16384 ? 16384 : left, 0); 718 719 if (res == -1 && errno == EAGAIN) { 720 eagain = true; 721 usleep(10000); 722 continue; 723 } 724 EXPECT_GE(res, 0); 725 left -= res; 726 } 727 728 EXPECT_TRUE(eagain); 729 pid2 = wait(&status); 730 731 EXPECT_EQ(status, 0); 732 EXPECT_EQ(res, pid2); 733 } else { 734 /* child */ 735 bool eagain = false; 736 size_t left = data; 737 char buf[16384]; 738 739 while (left) { 740 int res = recv(self->cfd, buf, 741 left > 16384 ? 16384 : left, 0); 742 743 if (res == -1 && errno == EAGAIN) { 744 eagain = true; 745 usleep(10000); 746 continue; 747 } 748 EXPECT_GE(res, 0); 749 left -= res; 750 } 751 EXPECT_TRUE(eagain); 752 } 753 } 754 755 TEST_F(tls, control_msg) 756 { 757 if (self->notls) 758 return; 759 760 char cbuf[CMSG_SPACE(sizeof(char))]; 761 char const *test_str = "test_read"; 762 int cmsg_len = sizeof(char); 763 char record_type = 100; 764 struct cmsghdr *cmsg; 765 struct msghdr msg; 766 int send_len = 10; 767 struct iovec vec; 768 char buf[10]; 769 770 vec.iov_base = (char *)test_str; 771 vec.iov_len = 10; 772 memset(&msg, 0, sizeof(struct msghdr)); 773 msg.msg_iov = &vec; 774 msg.msg_iovlen = 1; 775 msg.msg_control = cbuf; 776 msg.msg_controllen = sizeof(cbuf); 777 cmsg = CMSG_FIRSTHDR(&msg); 778 cmsg->cmsg_level = SOL_TLS; 779 /* test sending non-record types. */ 780 cmsg->cmsg_type = TLS_SET_RECORD_TYPE; 781 cmsg->cmsg_len = CMSG_LEN(cmsg_len); 782 *CMSG_DATA(cmsg) = record_type; 783 msg.msg_controllen = cmsg->cmsg_len; 784 785 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len); 786 /* Should fail because we didn't provide a control message */ 787 EXPECT_EQ(recv(self->cfd, buf, send_len, 0), -1); 788 789 vec.iov_base = buf; 790 EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL | MSG_PEEK), send_len); 791 792 cmsg = CMSG_FIRSTHDR(&msg); 793 EXPECT_NE(cmsg, NULL); 794 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS); 795 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE); 796 record_type = *((unsigned char *)CMSG_DATA(cmsg)); 797 EXPECT_EQ(record_type, 100); 798 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 799 800 /* Recv the message again without MSG_PEEK */ 801 record_type = 0; 802 memset(buf, 0, sizeof(buf)); 803 804 EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL), send_len); 805 cmsg = CMSG_FIRSTHDR(&msg); 806 EXPECT_NE(cmsg, NULL); 807 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS); 808 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE); 809 record_type = *((unsigned char *)CMSG_DATA(cmsg)); 810 EXPECT_EQ(record_type, 100); 811 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 812 } 813 814 TEST(keysizes) { 815 struct tls12_crypto_info_aes_gcm_256 tls12; 816 struct sockaddr_in addr; 817 int sfd, ret, fd, cfd; 818 socklen_t len; 819 bool notls; 820 821 notls = false; 822 len = sizeof(addr); 823 824 memset(&tls12, 0, sizeof(tls12)); 825 tls12.info.version = TLS_1_2_VERSION; 826 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256; 827 828 addr.sin_family = AF_INET; 829 addr.sin_addr.s_addr = htonl(INADDR_ANY); 830 addr.sin_port = 0; 831 832 fd = socket(AF_INET, SOCK_STREAM, 0); 833 sfd = socket(AF_INET, SOCK_STREAM, 0); 834 835 ret = bind(sfd, &addr, sizeof(addr)); 836 ASSERT_EQ(ret, 0); 837 ret = listen(sfd, 10); 838 ASSERT_EQ(ret, 0); 839 840 ret = getsockname(sfd, &addr, &len); 841 ASSERT_EQ(ret, 0); 842 843 ret = connect(fd, &addr, sizeof(addr)); 844 ASSERT_EQ(ret, 0); 845 846 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 847 if (ret != 0) { 848 notls = true; 849 printf("Failure setting TCP_ULP, testing without tls\n"); 850 } 851 852 if (!notls) { 853 ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12, 854 sizeof(tls12)); 855 EXPECT_EQ(ret, 0); 856 } 857 858 cfd = accept(sfd, &addr, &len); 859 ASSERT_GE(cfd, 0); 860 861 if (!notls) { 862 ret = setsockopt(cfd, IPPROTO_TCP, TCP_ULP, "tls", 863 sizeof("tls")); 864 EXPECT_EQ(ret, 0); 865 866 ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12, 867 sizeof(tls12)); 868 EXPECT_EQ(ret, 0); 869 } 870 871 close(sfd); 872 close(fd); 873 close(cfd); 874 } 875 876 TEST(tls12) { 877 int fd, cfd; 878 bool notls; 879 880 struct tls12_crypto_info_aes_gcm_128 tls12; 881 struct sockaddr_in addr; 882 socklen_t len; 883 int sfd, ret; 884 885 notls = false; 886 len = sizeof(addr); 887 888 memset(&tls12, 0, sizeof(tls12)); 889 tls12.info.version = TLS_1_2_VERSION; 890 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128; 891 892 addr.sin_family = AF_INET; 893 addr.sin_addr.s_addr = htonl(INADDR_ANY); 894 addr.sin_port = 0; 895 896 fd = socket(AF_INET, SOCK_STREAM, 0); 897 sfd = socket(AF_INET, SOCK_STREAM, 0); 898 899 ret = bind(sfd, &addr, sizeof(addr)); 900 ASSERT_EQ(ret, 0); 901 ret = listen(sfd, 10); 902 ASSERT_EQ(ret, 0); 903 904 ret = getsockname(sfd, &addr, &len); 905 ASSERT_EQ(ret, 0); 906 907 ret = connect(fd, &addr, sizeof(addr)); 908 ASSERT_EQ(ret, 0); 909 910 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 911 if (ret != 0) { 912 notls = true; 913 printf("Failure setting TCP_ULP, testing without tls\n"); 914 } 915 916 if (!notls) { 917 ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12, 918 sizeof(tls12)); 919 ASSERT_EQ(ret, 0); 920 } 921 922 cfd = accept(sfd, &addr, &len); 923 ASSERT_GE(cfd, 0); 924 925 if (!notls) { 926 ret = setsockopt(cfd, IPPROTO_TCP, TCP_ULP, "tls", 927 sizeof("tls")); 928 ASSERT_EQ(ret, 0); 929 930 ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12, 931 sizeof(tls12)); 932 ASSERT_EQ(ret, 0); 933 } 934 935 close(sfd); 936 937 char const *test_str = "test_read"; 938 int send_len = 10; 939 char buf[10]; 940 941 send_len = strlen(test_str) + 1; 942 EXPECT_EQ(send(fd, test_str, send_len, 0), send_len); 943 EXPECT_NE(recv(cfd, buf, send_len, 0), -1); 944 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 945 946 close(fd); 947 close(cfd); 948 } 949 950 TEST_HARNESS_MAIN 951