1 // SPDX-License-Identifier: GPL-2.0 2 3 #define _GNU_SOURCE 4 5 #include <arpa/inet.h> 6 #include <errno.h> 7 #include <error.h> 8 #include <fcntl.h> 9 #include <poll.h> 10 #include <stdio.h> 11 #include <stdlib.h> 12 #include <unistd.h> 13 14 #include <linux/tls.h> 15 #include <linux/tcp.h> 16 #include <linux/socket.h> 17 18 #include <sys/types.h> 19 #include <sys/sendfile.h> 20 #include <sys/socket.h> 21 #include <sys/stat.h> 22 23 #include "../kselftest_harness.h" 24 25 #define TLS_PAYLOAD_MAX_LEN 16384 26 #define SOL_TLS 282 27 28 struct tls_crypto_info_keys { 29 union { 30 struct tls12_crypto_info_aes_gcm_128 aes128; 31 struct tls12_crypto_info_chacha20_poly1305 chacha20; 32 struct tls12_crypto_info_sm4_gcm sm4gcm; 33 struct tls12_crypto_info_sm4_ccm sm4ccm; 34 }; 35 size_t len; 36 }; 37 38 static void tls_crypto_info_init(uint16_t tls_version, uint16_t cipher_type, 39 struct tls_crypto_info_keys *tls12) 40 { 41 memset(tls12, 0, sizeof(*tls12)); 42 43 switch (cipher_type) { 44 case TLS_CIPHER_CHACHA20_POLY1305: 45 tls12->len = sizeof(struct tls12_crypto_info_chacha20_poly1305); 46 tls12->chacha20.info.version = tls_version; 47 tls12->chacha20.info.cipher_type = cipher_type; 48 break; 49 case TLS_CIPHER_AES_GCM_128: 50 tls12->len = sizeof(struct tls12_crypto_info_aes_gcm_128); 51 tls12->aes128.info.version = tls_version; 52 tls12->aes128.info.cipher_type = cipher_type; 53 break; 54 case TLS_CIPHER_SM4_GCM: 55 tls12->len = sizeof(struct tls12_crypto_info_sm4_gcm); 56 tls12->sm4gcm.info.version = tls_version; 57 tls12->sm4gcm.info.cipher_type = cipher_type; 58 break; 59 case TLS_CIPHER_SM4_CCM: 60 tls12->len = sizeof(struct tls12_crypto_info_sm4_ccm); 61 tls12->sm4ccm.info.version = tls_version; 62 tls12->sm4ccm.info.cipher_type = cipher_type; 63 break; 64 default: 65 break; 66 } 67 } 68 69 static void memrnd(void *s, size_t n) 70 { 71 int *dword = s; 72 char *byte; 73 74 for (; n >= 4; n -= 4) 75 *dword++ = rand(); 76 byte = (void *)dword; 77 while (n--) 78 *byte++ = rand(); 79 } 80 81 FIXTURE(tls_basic) 82 { 83 int fd, cfd; 84 bool notls; 85 }; 86 87 FIXTURE_SETUP(tls_basic) 88 { 89 struct sockaddr_in addr; 90 socklen_t len; 91 int sfd, ret; 92 93 self->notls = false; 94 len = sizeof(addr); 95 96 addr.sin_family = AF_INET; 97 addr.sin_addr.s_addr = htonl(INADDR_ANY); 98 addr.sin_port = 0; 99 100 self->fd = socket(AF_INET, SOCK_STREAM, 0); 101 sfd = socket(AF_INET, SOCK_STREAM, 0); 102 103 ret = bind(sfd, &addr, sizeof(addr)); 104 ASSERT_EQ(ret, 0); 105 ret = listen(sfd, 10); 106 ASSERT_EQ(ret, 0); 107 108 ret = getsockname(sfd, &addr, &len); 109 ASSERT_EQ(ret, 0); 110 111 ret = connect(self->fd, &addr, sizeof(addr)); 112 ASSERT_EQ(ret, 0); 113 114 self->cfd = accept(sfd, &addr, &len); 115 ASSERT_GE(self->cfd, 0); 116 117 close(sfd); 118 119 ret = setsockopt(self->fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 120 if (ret != 0) { 121 ASSERT_EQ(errno, ENOENT); 122 self->notls = true; 123 printf("Failure setting TCP_ULP, testing without tls\n"); 124 return; 125 } 126 127 ret = setsockopt(self->cfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 128 ASSERT_EQ(ret, 0); 129 } 130 131 FIXTURE_TEARDOWN(tls_basic) 132 { 133 close(self->fd); 134 close(self->cfd); 135 } 136 137 /* Send some data through with ULP but no keys */ 138 TEST_F(tls_basic, base_base) 139 { 140 char const *test_str = "test_read"; 141 int send_len = 10; 142 char buf[10]; 143 144 ASSERT_EQ(strlen(test_str) + 1, send_len); 145 146 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 147 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 148 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 149 }; 150 151 FIXTURE(tls) 152 { 153 int fd, cfd; 154 bool notls; 155 }; 156 157 FIXTURE_VARIANT(tls) 158 { 159 uint16_t tls_version; 160 uint16_t cipher_type; 161 }; 162 163 FIXTURE_VARIANT_ADD(tls, 12_aes_gcm) 164 { 165 .tls_version = TLS_1_2_VERSION, 166 .cipher_type = TLS_CIPHER_AES_GCM_128, 167 }; 168 169 FIXTURE_VARIANT_ADD(tls, 13_aes_gcm) 170 { 171 .tls_version = TLS_1_3_VERSION, 172 .cipher_type = TLS_CIPHER_AES_GCM_128, 173 }; 174 175 FIXTURE_VARIANT_ADD(tls, 12_chacha) 176 { 177 .tls_version = TLS_1_2_VERSION, 178 .cipher_type = TLS_CIPHER_CHACHA20_POLY1305, 179 }; 180 181 FIXTURE_VARIANT_ADD(tls, 13_chacha) 182 { 183 .tls_version = TLS_1_3_VERSION, 184 .cipher_type = TLS_CIPHER_CHACHA20_POLY1305, 185 }; 186 187 FIXTURE_VARIANT_ADD(tls, 13_sm4_gcm) 188 { 189 .tls_version = TLS_1_3_VERSION, 190 .cipher_type = TLS_CIPHER_SM4_GCM, 191 }; 192 193 FIXTURE_VARIANT_ADD(tls, 13_sm4_ccm) 194 { 195 .tls_version = TLS_1_3_VERSION, 196 .cipher_type = TLS_CIPHER_SM4_CCM, 197 }; 198 199 FIXTURE_SETUP(tls) 200 { 201 struct tls_crypto_info_keys tls12; 202 struct sockaddr_in addr; 203 socklen_t len; 204 int sfd, ret; 205 206 self->notls = false; 207 len = sizeof(addr); 208 209 tls_crypto_info_init(variant->tls_version, variant->cipher_type, 210 &tls12); 211 212 addr.sin_family = AF_INET; 213 addr.sin_addr.s_addr = htonl(INADDR_ANY); 214 addr.sin_port = 0; 215 216 self->fd = socket(AF_INET, SOCK_STREAM, 0); 217 sfd = socket(AF_INET, SOCK_STREAM, 0); 218 219 ret = bind(sfd, &addr, sizeof(addr)); 220 ASSERT_EQ(ret, 0); 221 ret = listen(sfd, 10); 222 ASSERT_EQ(ret, 0); 223 224 ret = getsockname(sfd, &addr, &len); 225 ASSERT_EQ(ret, 0); 226 227 ret = connect(self->fd, &addr, sizeof(addr)); 228 ASSERT_EQ(ret, 0); 229 230 ret = setsockopt(self->fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 231 if (ret != 0) { 232 self->notls = true; 233 printf("Failure setting TCP_ULP, testing without tls\n"); 234 } 235 236 if (!self->notls) { 237 ret = setsockopt(self->fd, SOL_TLS, TLS_TX, &tls12, 238 tls12.len); 239 ASSERT_EQ(ret, 0); 240 } 241 242 self->cfd = accept(sfd, &addr, &len); 243 ASSERT_GE(self->cfd, 0); 244 245 if (!self->notls) { 246 ret = setsockopt(self->cfd, IPPROTO_TCP, TCP_ULP, "tls", 247 sizeof("tls")); 248 ASSERT_EQ(ret, 0); 249 250 ret = setsockopt(self->cfd, SOL_TLS, TLS_RX, &tls12, 251 tls12.len); 252 ASSERT_EQ(ret, 0); 253 } 254 255 close(sfd); 256 } 257 258 FIXTURE_TEARDOWN(tls) 259 { 260 close(self->fd); 261 close(self->cfd); 262 } 263 264 TEST_F(tls, sendfile) 265 { 266 int filefd = open("/proc/self/exe", O_RDONLY); 267 struct stat st; 268 269 EXPECT_GE(filefd, 0); 270 fstat(filefd, &st); 271 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0); 272 } 273 274 TEST_F(tls, send_then_sendfile) 275 { 276 int filefd = open("/proc/self/exe", O_RDONLY); 277 char const *test_str = "test_send"; 278 int to_send = strlen(test_str) + 1; 279 char recv_buf[10]; 280 struct stat st; 281 char *buf; 282 283 EXPECT_GE(filefd, 0); 284 fstat(filefd, &st); 285 buf = (char *)malloc(st.st_size); 286 287 EXPECT_EQ(send(self->fd, test_str, to_send, 0), to_send); 288 EXPECT_EQ(recv(self->cfd, recv_buf, to_send, MSG_WAITALL), to_send); 289 EXPECT_EQ(memcmp(test_str, recv_buf, to_send), 0); 290 291 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0); 292 EXPECT_EQ(recv(self->cfd, buf, st.st_size, MSG_WAITALL), st.st_size); 293 } 294 295 static void chunked_sendfile(struct __test_metadata *_metadata, 296 struct _test_data_tls *self, 297 uint16_t chunk_size, 298 uint16_t extra_payload_size) 299 { 300 char buf[TLS_PAYLOAD_MAX_LEN]; 301 uint16_t test_payload_size; 302 int size = 0; 303 int ret; 304 char filename[] = "/tmp/mytemp.XXXXXX"; 305 int fd = mkstemp(filename); 306 off_t offset = 0; 307 308 unlink(filename); 309 ASSERT_GE(fd, 0); 310 EXPECT_GE(chunk_size, 1); 311 test_payload_size = chunk_size + extra_payload_size; 312 ASSERT_GE(TLS_PAYLOAD_MAX_LEN, test_payload_size); 313 memset(buf, 1, test_payload_size); 314 size = write(fd, buf, test_payload_size); 315 EXPECT_EQ(size, test_payload_size); 316 fsync(fd); 317 318 while (size > 0) { 319 ret = sendfile(self->fd, fd, &offset, chunk_size); 320 EXPECT_GE(ret, 0); 321 size -= ret; 322 } 323 324 EXPECT_EQ(recv(self->cfd, buf, test_payload_size, MSG_WAITALL), 325 test_payload_size); 326 327 close(fd); 328 } 329 330 TEST_F(tls, multi_chunk_sendfile) 331 { 332 chunked_sendfile(_metadata, self, 4096, 4096); 333 chunked_sendfile(_metadata, self, 4096, 0); 334 chunked_sendfile(_metadata, self, 4096, 1); 335 chunked_sendfile(_metadata, self, 4096, 2048); 336 chunked_sendfile(_metadata, self, 8192, 2048); 337 chunked_sendfile(_metadata, self, 4096, 8192); 338 chunked_sendfile(_metadata, self, 8192, 4096); 339 chunked_sendfile(_metadata, self, 12288, 1024); 340 chunked_sendfile(_metadata, self, 12288, 2000); 341 chunked_sendfile(_metadata, self, 15360, 100); 342 chunked_sendfile(_metadata, self, 15360, 300); 343 chunked_sendfile(_metadata, self, 1, 4096); 344 chunked_sendfile(_metadata, self, 2048, 4096); 345 chunked_sendfile(_metadata, self, 2048, 8192); 346 chunked_sendfile(_metadata, self, 4096, 8192); 347 chunked_sendfile(_metadata, self, 1024, 12288); 348 chunked_sendfile(_metadata, self, 2000, 12288); 349 chunked_sendfile(_metadata, self, 100, 15360); 350 chunked_sendfile(_metadata, self, 300, 15360); 351 } 352 353 TEST_F(tls, recv_max) 354 { 355 unsigned int send_len = TLS_PAYLOAD_MAX_LEN; 356 char recv_mem[TLS_PAYLOAD_MAX_LEN]; 357 char buf[TLS_PAYLOAD_MAX_LEN]; 358 359 memrnd(buf, sizeof(buf)); 360 361 EXPECT_GE(send(self->fd, buf, send_len, 0), 0); 362 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1); 363 EXPECT_EQ(memcmp(buf, recv_mem, send_len), 0); 364 } 365 366 TEST_F(tls, recv_small) 367 { 368 char const *test_str = "test_read"; 369 int send_len = 10; 370 char buf[10]; 371 372 send_len = strlen(test_str) + 1; 373 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 374 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 375 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 376 } 377 378 TEST_F(tls, msg_more) 379 { 380 char const *test_str = "test_read"; 381 int send_len = 10; 382 char buf[10 * 2]; 383 384 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len); 385 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1); 386 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 387 EXPECT_EQ(recv(self->cfd, buf, send_len * 2, MSG_WAITALL), 388 send_len * 2); 389 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 390 } 391 392 TEST_F(tls, msg_more_unsent) 393 { 394 char const *test_str = "test_read"; 395 int send_len = 10; 396 char buf[10]; 397 398 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len); 399 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1); 400 } 401 402 TEST_F(tls, sendmsg_single) 403 { 404 struct msghdr msg; 405 406 char const *test_str = "test_sendmsg"; 407 size_t send_len = 13; 408 struct iovec vec; 409 char buf[13]; 410 411 vec.iov_base = (char *)test_str; 412 vec.iov_len = send_len; 413 memset(&msg, 0, sizeof(struct msghdr)); 414 msg.msg_iov = &vec; 415 msg.msg_iovlen = 1; 416 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len); 417 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len); 418 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 419 } 420 421 #define MAX_FRAGS 64 422 #define SEND_LEN 13 423 TEST_F(tls, sendmsg_fragmented) 424 { 425 char const *test_str = "test_sendmsg"; 426 char buf[SEND_LEN * MAX_FRAGS]; 427 struct iovec vec[MAX_FRAGS]; 428 struct msghdr msg; 429 int i, frags; 430 431 for (frags = 1; frags <= MAX_FRAGS; frags++) { 432 for (i = 0; i < frags; i++) { 433 vec[i].iov_base = (char *)test_str; 434 vec[i].iov_len = SEND_LEN; 435 } 436 437 memset(&msg, 0, sizeof(struct msghdr)); 438 msg.msg_iov = vec; 439 msg.msg_iovlen = frags; 440 441 EXPECT_EQ(sendmsg(self->fd, &msg, 0), SEND_LEN * frags); 442 EXPECT_EQ(recv(self->cfd, buf, SEND_LEN * frags, MSG_WAITALL), 443 SEND_LEN * frags); 444 445 for (i = 0; i < frags; i++) 446 EXPECT_EQ(memcmp(buf + SEND_LEN * i, 447 test_str, SEND_LEN), 0); 448 } 449 } 450 #undef MAX_FRAGS 451 #undef SEND_LEN 452 453 TEST_F(tls, sendmsg_large) 454 { 455 void *mem = malloc(16384); 456 size_t send_len = 16384; 457 size_t sends = 128; 458 struct msghdr msg; 459 size_t recvs = 0; 460 size_t sent = 0; 461 462 memset(&msg, 0, sizeof(struct msghdr)); 463 while (sent++ < sends) { 464 struct iovec vec = { (void *)mem, send_len }; 465 466 msg.msg_iov = &vec; 467 msg.msg_iovlen = 1; 468 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), send_len); 469 } 470 471 while (recvs++ < sends) { 472 EXPECT_NE(recv(self->fd, mem, send_len, 0), -1); 473 } 474 475 free(mem); 476 } 477 478 TEST_F(tls, sendmsg_multiple) 479 { 480 char const *test_str = "test_sendmsg_multiple"; 481 struct iovec vec[5]; 482 char *test_strs[5]; 483 struct msghdr msg; 484 int total_len = 0; 485 int len_cmp = 0; 486 int iov_len = 5; 487 char *buf; 488 int i; 489 490 memset(&msg, 0, sizeof(struct msghdr)); 491 for (i = 0; i < iov_len; i++) { 492 test_strs[i] = (char *)malloc(strlen(test_str) + 1); 493 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str); 494 vec[i].iov_base = (void *)test_strs[i]; 495 vec[i].iov_len = strlen(test_strs[i]) + 1; 496 total_len += vec[i].iov_len; 497 } 498 msg.msg_iov = vec; 499 msg.msg_iovlen = iov_len; 500 501 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), total_len); 502 buf = malloc(total_len); 503 EXPECT_NE(recv(self->fd, buf, total_len, 0), -1); 504 for (i = 0; i < iov_len; i++) { 505 EXPECT_EQ(memcmp(test_strs[i], buf + len_cmp, 506 strlen(test_strs[i])), 507 0); 508 len_cmp += strlen(buf + len_cmp) + 1; 509 } 510 for (i = 0; i < iov_len; i++) 511 free(test_strs[i]); 512 free(buf); 513 } 514 515 TEST_F(tls, sendmsg_multiple_stress) 516 { 517 char const *test_str = "abcdefghijklmno"; 518 struct iovec vec[1024]; 519 char *test_strs[1024]; 520 int iov_len = 1024; 521 int total_len = 0; 522 char buf[1 << 14]; 523 struct msghdr msg; 524 int len_cmp = 0; 525 int i; 526 527 memset(&msg, 0, sizeof(struct msghdr)); 528 for (i = 0; i < iov_len; i++) { 529 test_strs[i] = (char *)malloc(strlen(test_str) + 1); 530 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str); 531 vec[i].iov_base = (void *)test_strs[i]; 532 vec[i].iov_len = strlen(test_strs[i]) + 1; 533 total_len += vec[i].iov_len; 534 } 535 msg.msg_iov = vec; 536 msg.msg_iovlen = iov_len; 537 538 EXPECT_EQ(sendmsg(self->fd, &msg, 0), total_len); 539 EXPECT_NE(recv(self->cfd, buf, total_len, 0), -1); 540 541 for (i = 0; i < iov_len; i++) 542 len_cmp += strlen(buf + len_cmp) + 1; 543 544 for (i = 0; i < iov_len; i++) 545 free(test_strs[i]); 546 } 547 548 TEST_F(tls, splice_from_pipe) 549 { 550 int send_len = TLS_PAYLOAD_MAX_LEN; 551 char mem_send[TLS_PAYLOAD_MAX_LEN]; 552 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 553 int p[2]; 554 555 ASSERT_GE(pipe(p), 0); 556 EXPECT_GE(write(p[1], mem_send, send_len), 0); 557 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), 0); 558 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len); 559 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 560 } 561 562 TEST_F(tls, splice_from_pipe2) 563 { 564 int send_len = 16000; 565 char mem_send[16000]; 566 char mem_recv[16000]; 567 int p2[2]; 568 int p[2]; 569 570 ASSERT_GE(pipe(p), 0); 571 ASSERT_GE(pipe(p2), 0); 572 EXPECT_GE(write(p[1], mem_send, 8000), 0); 573 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, 8000, 0), 0); 574 EXPECT_GE(write(p2[1], mem_send + 8000, 8000), 0); 575 EXPECT_GE(splice(p2[0], NULL, self->fd, NULL, 8000, 0), 0); 576 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len); 577 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 578 } 579 580 TEST_F(tls, send_and_splice) 581 { 582 int send_len = TLS_PAYLOAD_MAX_LEN; 583 char mem_send[TLS_PAYLOAD_MAX_LEN]; 584 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 585 char const *test_str = "test_read"; 586 int send_len2 = 10; 587 char buf[10]; 588 int p[2]; 589 590 ASSERT_GE(pipe(p), 0); 591 EXPECT_EQ(send(self->fd, test_str, send_len2, 0), send_len2); 592 EXPECT_EQ(recv(self->cfd, buf, send_len2, MSG_WAITALL), send_len2); 593 EXPECT_EQ(memcmp(test_str, buf, send_len2), 0); 594 595 EXPECT_GE(write(p[1], mem_send, send_len), send_len); 596 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), send_len); 597 598 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len); 599 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 600 } 601 602 TEST_F(tls, splice_to_pipe) 603 { 604 int send_len = TLS_PAYLOAD_MAX_LEN; 605 char mem_send[TLS_PAYLOAD_MAX_LEN]; 606 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 607 int p[2]; 608 609 ASSERT_GE(pipe(p), 0); 610 EXPECT_GE(send(self->fd, mem_send, send_len, 0), 0); 611 EXPECT_GE(splice(self->cfd, NULL, p[1], NULL, send_len, 0), 0); 612 EXPECT_GE(read(p[0], mem_recv, send_len), 0); 613 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 614 } 615 616 TEST_F(tls, recvmsg_single) 617 { 618 char const *test_str = "test_recvmsg_single"; 619 int send_len = strlen(test_str) + 1; 620 char buf[20]; 621 struct msghdr hdr; 622 struct iovec vec; 623 624 memset(&hdr, 0, sizeof(hdr)); 625 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 626 vec.iov_base = (char *)buf; 627 vec.iov_len = send_len; 628 hdr.msg_iovlen = 1; 629 hdr.msg_iov = &vec; 630 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1); 631 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 632 } 633 634 TEST_F(tls, recvmsg_single_max) 635 { 636 int send_len = TLS_PAYLOAD_MAX_LEN; 637 char send_mem[TLS_PAYLOAD_MAX_LEN]; 638 char recv_mem[TLS_PAYLOAD_MAX_LEN]; 639 struct iovec vec; 640 struct msghdr hdr; 641 642 memrnd(send_mem, sizeof(send_mem)); 643 644 EXPECT_EQ(send(self->fd, send_mem, send_len, 0), send_len); 645 vec.iov_base = (char *)recv_mem; 646 vec.iov_len = TLS_PAYLOAD_MAX_LEN; 647 648 hdr.msg_iovlen = 1; 649 hdr.msg_iov = &vec; 650 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1); 651 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0); 652 } 653 654 TEST_F(tls, recvmsg_multiple) 655 { 656 unsigned int msg_iovlen = 1024; 657 struct iovec vec[1024]; 658 char *iov_base[1024]; 659 unsigned int iov_len = 16; 660 int send_len = 1 << 14; 661 char buf[1 << 14]; 662 struct msghdr hdr; 663 int i; 664 665 memrnd(buf, sizeof(buf)); 666 667 EXPECT_EQ(send(self->fd, buf, send_len, 0), send_len); 668 for (i = 0; i < msg_iovlen; i++) { 669 iov_base[i] = (char *)malloc(iov_len); 670 vec[i].iov_base = iov_base[i]; 671 vec[i].iov_len = iov_len; 672 } 673 674 hdr.msg_iovlen = msg_iovlen; 675 hdr.msg_iov = vec; 676 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1); 677 678 for (i = 0; i < msg_iovlen; i++) 679 free(iov_base[i]); 680 } 681 682 TEST_F(tls, single_send_multiple_recv) 683 { 684 unsigned int total_len = TLS_PAYLOAD_MAX_LEN * 2; 685 unsigned int send_len = TLS_PAYLOAD_MAX_LEN; 686 char send_mem[TLS_PAYLOAD_MAX_LEN * 2]; 687 char recv_mem[TLS_PAYLOAD_MAX_LEN * 2]; 688 689 memrnd(send_mem, sizeof(send_mem)); 690 691 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0); 692 memset(recv_mem, 0, total_len); 693 694 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1); 695 EXPECT_NE(recv(self->cfd, recv_mem + send_len, send_len, 0), -1); 696 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0); 697 } 698 699 TEST_F(tls, multiple_send_single_recv) 700 { 701 unsigned int total_len = 2 * 10; 702 unsigned int send_len = 10; 703 char recv_mem[2 * 10]; 704 char send_mem[10]; 705 706 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0); 707 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0); 708 memset(recv_mem, 0, total_len); 709 EXPECT_EQ(recv(self->cfd, recv_mem, total_len, MSG_WAITALL), total_len); 710 711 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0); 712 EXPECT_EQ(memcmp(send_mem, recv_mem + send_len, send_len), 0); 713 } 714 715 TEST_F(tls, single_send_multiple_recv_non_align) 716 { 717 const unsigned int total_len = 15; 718 const unsigned int recv_len = 10; 719 char recv_mem[recv_len * 2]; 720 char send_mem[total_len]; 721 722 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0); 723 memset(recv_mem, 0, total_len); 724 725 EXPECT_EQ(recv(self->cfd, recv_mem, recv_len, 0), recv_len); 726 EXPECT_EQ(recv(self->cfd, recv_mem + recv_len, recv_len, 0), 5); 727 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0); 728 } 729 730 TEST_F(tls, recv_partial) 731 { 732 char const *test_str = "test_read_partial"; 733 char const *test_str_first = "test_read"; 734 char const *test_str_second = "_partial"; 735 int send_len = strlen(test_str) + 1; 736 char recv_mem[18]; 737 738 memset(recv_mem, 0, sizeof(recv_mem)); 739 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 740 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_first), 741 MSG_WAITALL), -1); 742 EXPECT_EQ(memcmp(test_str_first, recv_mem, strlen(test_str_first)), 0); 743 memset(recv_mem, 0, sizeof(recv_mem)); 744 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_second), 745 MSG_WAITALL), -1); 746 EXPECT_EQ(memcmp(test_str_second, recv_mem, strlen(test_str_second)), 747 0); 748 } 749 750 TEST_F(tls, recv_nonblock) 751 { 752 char buf[4096]; 753 bool err; 754 755 EXPECT_EQ(recv(self->cfd, buf, sizeof(buf), MSG_DONTWAIT), -1); 756 err = (errno == EAGAIN || errno == EWOULDBLOCK); 757 EXPECT_EQ(err, true); 758 } 759 760 TEST_F(tls, recv_peek) 761 { 762 char const *test_str = "test_read_peek"; 763 int send_len = strlen(test_str) + 1; 764 char buf[15]; 765 766 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 767 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1); 768 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 769 memset(buf, 0, sizeof(buf)); 770 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 771 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 772 } 773 774 TEST_F(tls, recv_peek_multiple) 775 { 776 char const *test_str = "test_read_peek"; 777 int send_len = strlen(test_str) + 1; 778 unsigned int num_peeks = 100; 779 char buf[15]; 780 int i; 781 782 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 783 for (i = 0; i < num_peeks; i++) { 784 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1); 785 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 786 memset(buf, 0, sizeof(buf)); 787 } 788 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 789 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 790 } 791 792 TEST_F(tls, recv_peek_multiple_records) 793 { 794 char const *test_str = "test_read_peek_mult_recs"; 795 char const *test_str_first = "test_read_peek"; 796 char const *test_str_second = "_mult_recs"; 797 int len; 798 char buf[64]; 799 800 len = strlen(test_str_first); 801 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len); 802 803 len = strlen(test_str_second) + 1; 804 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len); 805 806 len = strlen(test_str_first); 807 memset(buf, 0, len); 808 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len); 809 810 /* MSG_PEEK can only peek into the current record. */ 811 len = strlen(test_str_first); 812 EXPECT_EQ(memcmp(test_str_first, buf, len), 0); 813 814 len = strlen(test_str) + 1; 815 memset(buf, 0, len); 816 EXPECT_EQ(recv(self->cfd, buf, len, MSG_WAITALL), len); 817 818 /* Non-MSG_PEEK will advance strparser (and therefore record) 819 * however. 820 */ 821 len = strlen(test_str) + 1; 822 EXPECT_EQ(memcmp(test_str, buf, len), 0); 823 824 /* MSG_MORE will hold current record open, so later MSG_PEEK 825 * will see everything. 826 */ 827 len = strlen(test_str_first); 828 EXPECT_EQ(send(self->fd, test_str_first, len, MSG_MORE), len); 829 830 len = strlen(test_str_second) + 1; 831 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len); 832 833 len = strlen(test_str) + 1; 834 memset(buf, 0, len); 835 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len); 836 837 len = strlen(test_str) + 1; 838 EXPECT_EQ(memcmp(test_str, buf, len), 0); 839 } 840 841 TEST_F(tls, recv_peek_large_buf_mult_recs) 842 { 843 char const *test_str = "test_read_peek_mult_recs"; 844 char const *test_str_first = "test_read_peek"; 845 char const *test_str_second = "_mult_recs"; 846 int len; 847 char buf[64]; 848 849 len = strlen(test_str_first); 850 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len); 851 852 len = strlen(test_str_second) + 1; 853 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len); 854 855 len = strlen(test_str) + 1; 856 memset(buf, 0, len); 857 EXPECT_NE((len = recv(self->cfd, buf, len, 858 MSG_PEEK | MSG_WAITALL)), -1); 859 len = strlen(test_str) + 1; 860 EXPECT_EQ(memcmp(test_str, buf, len), 0); 861 } 862 863 TEST_F(tls, recv_lowat) 864 { 865 char send_mem[10] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 }; 866 char recv_mem[20]; 867 int lowat = 8; 868 869 EXPECT_EQ(send(self->fd, send_mem, 10, 0), 10); 870 EXPECT_EQ(send(self->fd, send_mem, 5, 0), 5); 871 872 memset(recv_mem, 0, 20); 873 EXPECT_EQ(setsockopt(self->cfd, SOL_SOCKET, SO_RCVLOWAT, 874 &lowat, sizeof(lowat)), 0); 875 EXPECT_EQ(recv(self->cfd, recv_mem, 1, MSG_WAITALL), 1); 876 EXPECT_EQ(recv(self->cfd, recv_mem + 1, 6, MSG_WAITALL), 6); 877 EXPECT_EQ(recv(self->cfd, recv_mem + 7, 10, 0), 8); 878 879 EXPECT_EQ(memcmp(send_mem, recv_mem, 10), 0); 880 EXPECT_EQ(memcmp(send_mem, recv_mem + 10, 5), 0); 881 } 882 883 TEST_F(tls, bidir) 884 { 885 char const *test_str = "test_read"; 886 int send_len = 10; 887 char buf[10]; 888 int ret; 889 890 if (!self->notls) { 891 struct tls_crypto_info_keys tls12; 892 893 tls_crypto_info_init(variant->tls_version, variant->cipher_type, 894 &tls12); 895 896 ret = setsockopt(self->fd, SOL_TLS, TLS_RX, &tls12, 897 tls12.len); 898 ASSERT_EQ(ret, 0); 899 900 ret = setsockopt(self->cfd, SOL_TLS, TLS_TX, &tls12, 901 tls12.len); 902 ASSERT_EQ(ret, 0); 903 } 904 905 ASSERT_EQ(strlen(test_str) + 1, send_len); 906 907 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 908 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 909 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 910 911 memset(buf, 0, sizeof(buf)); 912 913 EXPECT_EQ(send(self->cfd, test_str, send_len, 0), send_len); 914 EXPECT_NE(recv(self->fd, buf, send_len, 0), -1); 915 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 916 }; 917 918 TEST_F(tls, pollin) 919 { 920 char const *test_str = "test_poll"; 921 struct pollfd fd = { 0, 0, 0 }; 922 char buf[10]; 923 int send_len = 10; 924 925 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 926 fd.fd = self->cfd; 927 fd.events = POLLIN; 928 929 EXPECT_EQ(poll(&fd, 1, 20), 1); 930 EXPECT_EQ(fd.revents & POLLIN, 1); 931 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len); 932 /* Test timing out */ 933 EXPECT_EQ(poll(&fd, 1, 20), 0); 934 } 935 936 TEST_F(tls, poll_wait) 937 { 938 char const *test_str = "test_poll_wait"; 939 int send_len = strlen(test_str) + 1; 940 struct pollfd fd = { 0, 0, 0 }; 941 char recv_mem[15]; 942 943 fd.fd = self->cfd; 944 fd.events = POLLIN; 945 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 946 /* Set timeout to inf. secs */ 947 EXPECT_EQ(poll(&fd, 1, -1), 1); 948 EXPECT_EQ(fd.revents & POLLIN, 1); 949 EXPECT_EQ(recv(self->cfd, recv_mem, send_len, MSG_WAITALL), send_len); 950 } 951 952 TEST_F(tls, poll_wait_split) 953 { 954 struct pollfd fd = { 0, 0, 0 }; 955 char send_mem[20] = {}; 956 char recv_mem[15]; 957 958 fd.fd = self->cfd; 959 fd.events = POLLIN; 960 /* Send 20 bytes */ 961 EXPECT_EQ(send(self->fd, send_mem, sizeof(send_mem), 0), 962 sizeof(send_mem)); 963 /* Poll with inf. timeout */ 964 EXPECT_EQ(poll(&fd, 1, -1), 1); 965 EXPECT_EQ(fd.revents & POLLIN, 1); 966 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), MSG_WAITALL), 967 sizeof(recv_mem)); 968 969 /* Now the remaining 5 bytes of record data are in TLS ULP */ 970 fd.fd = self->cfd; 971 fd.events = POLLIN; 972 EXPECT_EQ(poll(&fd, 1, -1), 1); 973 EXPECT_EQ(fd.revents & POLLIN, 1); 974 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), 0), 975 sizeof(send_mem) - sizeof(recv_mem)); 976 } 977 978 TEST_F(tls, blocking) 979 { 980 size_t data = 100000; 981 int res = fork(); 982 983 EXPECT_NE(res, -1); 984 985 if (res) { 986 /* parent */ 987 size_t left = data; 988 char buf[16384]; 989 int status; 990 int pid2; 991 992 while (left) { 993 int res = send(self->fd, buf, 994 left > 16384 ? 16384 : left, 0); 995 996 EXPECT_GE(res, 0); 997 left -= res; 998 } 999 1000 pid2 = wait(&status); 1001 EXPECT_EQ(status, 0); 1002 EXPECT_EQ(res, pid2); 1003 } else { 1004 /* child */ 1005 size_t left = data; 1006 char buf[16384]; 1007 1008 while (left) { 1009 int res = recv(self->cfd, buf, 1010 left > 16384 ? 16384 : left, 0); 1011 1012 EXPECT_GE(res, 0); 1013 left -= res; 1014 } 1015 } 1016 } 1017 1018 TEST_F(tls, nonblocking) 1019 { 1020 size_t data = 100000; 1021 int sendbuf = 100; 1022 int flags; 1023 int res; 1024 1025 flags = fcntl(self->fd, F_GETFL, 0); 1026 fcntl(self->fd, F_SETFL, flags | O_NONBLOCK); 1027 fcntl(self->cfd, F_SETFL, flags | O_NONBLOCK); 1028 1029 /* Ensure nonblocking behavior by imposing a small send 1030 * buffer. 1031 */ 1032 EXPECT_EQ(setsockopt(self->fd, SOL_SOCKET, SO_SNDBUF, 1033 &sendbuf, sizeof(sendbuf)), 0); 1034 1035 res = fork(); 1036 EXPECT_NE(res, -1); 1037 1038 if (res) { 1039 /* parent */ 1040 bool eagain = false; 1041 size_t left = data; 1042 char buf[16384]; 1043 int status; 1044 int pid2; 1045 1046 while (left) { 1047 int res = send(self->fd, buf, 1048 left > 16384 ? 16384 : left, 0); 1049 1050 if (res == -1 && errno == EAGAIN) { 1051 eagain = true; 1052 usleep(10000); 1053 continue; 1054 } 1055 EXPECT_GE(res, 0); 1056 left -= res; 1057 } 1058 1059 EXPECT_TRUE(eagain); 1060 pid2 = wait(&status); 1061 1062 EXPECT_EQ(status, 0); 1063 EXPECT_EQ(res, pid2); 1064 } else { 1065 /* child */ 1066 bool eagain = false; 1067 size_t left = data; 1068 char buf[16384]; 1069 1070 while (left) { 1071 int res = recv(self->cfd, buf, 1072 left > 16384 ? 16384 : left, 0); 1073 1074 if (res == -1 && errno == EAGAIN) { 1075 eagain = true; 1076 usleep(10000); 1077 continue; 1078 } 1079 EXPECT_GE(res, 0); 1080 left -= res; 1081 } 1082 EXPECT_TRUE(eagain); 1083 } 1084 } 1085 1086 static void 1087 test_mutliproc(struct __test_metadata *_metadata, struct _test_data_tls *self, 1088 bool sendpg, unsigned int n_readers, unsigned int n_writers) 1089 { 1090 const unsigned int n_children = n_readers + n_writers; 1091 const size_t data = 6 * 1000 * 1000; 1092 const size_t file_sz = data / 100; 1093 size_t read_bias, write_bias; 1094 int i, fd, child_id; 1095 char buf[file_sz]; 1096 pid_t pid; 1097 1098 /* Only allow multiples for simplicity */ 1099 ASSERT_EQ(!(n_readers % n_writers) || !(n_writers % n_readers), true); 1100 read_bias = n_writers / n_readers ?: 1; 1101 write_bias = n_readers / n_writers ?: 1; 1102 1103 /* prep a file to send */ 1104 fd = open("/tmp/", O_TMPFILE | O_RDWR, 0600); 1105 ASSERT_GE(fd, 0); 1106 1107 memset(buf, 0xac, file_sz); 1108 ASSERT_EQ(write(fd, buf, file_sz), file_sz); 1109 1110 /* spawn children */ 1111 for (child_id = 0; child_id < n_children; child_id++) { 1112 pid = fork(); 1113 ASSERT_NE(pid, -1); 1114 if (!pid) 1115 break; 1116 } 1117 1118 /* parent waits for all children */ 1119 if (pid) { 1120 for (i = 0; i < n_children; i++) { 1121 int status; 1122 1123 wait(&status); 1124 EXPECT_EQ(status, 0); 1125 } 1126 1127 return; 1128 } 1129 1130 /* Split threads for reading and writing */ 1131 if (child_id < n_readers) { 1132 size_t left = data * read_bias; 1133 char rb[8001]; 1134 1135 while (left) { 1136 int res; 1137 1138 res = recv(self->cfd, rb, 1139 left > sizeof(rb) ? sizeof(rb) : left, 0); 1140 1141 EXPECT_GE(res, 0); 1142 left -= res; 1143 } 1144 } else { 1145 size_t left = data * write_bias; 1146 1147 while (left) { 1148 int res; 1149 1150 ASSERT_EQ(lseek(fd, 0, SEEK_SET), 0); 1151 if (sendpg) 1152 res = sendfile(self->fd, fd, NULL, 1153 left > file_sz ? file_sz : left); 1154 else 1155 res = send(self->fd, buf, 1156 left > file_sz ? file_sz : left, 0); 1157 1158 EXPECT_GE(res, 0); 1159 left -= res; 1160 } 1161 } 1162 } 1163 1164 TEST_F(tls, mutliproc_even) 1165 { 1166 test_mutliproc(_metadata, self, false, 6, 6); 1167 } 1168 1169 TEST_F(tls, mutliproc_readers) 1170 { 1171 test_mutliproc(_metadata, self, false, 4, 12); 1172 } 1173 1174 TEST_F(tls, mutliproc_writers) 1175 { 1176 test_mutliproc(_metadata, self, false, 10, 2); 1177 } 1178 1179 TEST_F(tls, mutliproc_sendpage_even) 1180 { 1181 test_mutliproc(_metadata, self, true, 6, 6); 1182 } 1183 1184 TEST_F(tls, mutliproc_sendpage_readers) 1185 { 1186 test_mutliproc(_metadata, self, true, 4, 12); 1187 } 1188 1189 TEST_F(tls, mutliproc_sendpage_writers) 1190 { 1191 test_mutliproc(_metadata, self, true, 10, 2); 1192 } 1193 1194 TEST_F(tls, control_msg) 1195 { 1196 if (self->notls) 1197 return; 1198 1199 char cbuf[CMSG_SPACE(sizeof(char))]; 1200 char const *test_str = "test_read"; 1201 int cmsg_len = sizeof(char); 1202 char record_type = 100; 1203 struct cmsghdr *cmsg; 1204 struct msghdr msg; 1205 int send_len = 10; 1206 struct iovec vec; 1207 char buf[10]; 1208 1209 vec.iov_base = (char *)test_str; 1210 vec.iov_len = 10; 1211 memset(&msg, 0, sizeof(struct msghdr)); 1212 msg.msg_iov = &vec; 1213 msg.msg_iovlen = 1; 1214 msg.msg_control = cbuf; 1215 msg.msg_controllen = sizeof(cbuf); 1216 cmsg = CMSG_FIRSTHDR(&msg); 1217 cmsg->cmsg_level = SOL_TLS; 1218 /* test sending non-record types. */ 1219 cmsg->cmsg_type = TLS_SET_RECORD_TYPE; 1220 cmsg->cmsg_len = CMSG_LEN(cmsg_len); 1221 *CMSG_DATA(cmsg) = record_type; 1222 msg.msg_controllen = cmsg->cmsg_len; 1223 1224 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len); 1225 /* Should fail because we didn't provide a control message */ 1226 EXPECT_EQ(recv(self->cfd, buf, send_len, 0), -1); 1227 1228 vec.iov_base = buf; 1229 EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL | MSG_PEEK), send_len); 1230 1231 cmsg = CMSG_FIRSTHDR(&msg); 1232 EXPECT_NE(cmsg, NULL); 1233 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS); 1234 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE); 1235 record_type = *((unsigned char *)CMSG_DATA(cmsg)); 1236 EXPECT_EQ(record_type, 100); 1237 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 1238 1239 /* Recv the message again without MSG_PEEK */ 1240 record_type = 0; 1241 memset(buf, 0, sizeof(buf)); 1242 1243 EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL), send_len); 1244 cmsg = CMSG_FIRSTHDR(&msg); 1245 EXPECT_NE(cmsg, NULL); 1246 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS); 1247 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE); 1248 record_type = *((unsigned char *)CMSG_DATA(cmsg)); 1249 EXPECT_EQ(record_type, 100); 1250 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 1251 } 1252 1253 TEST_F(tls, shutdown) 1254 { 1255 char const *test_str = "test_read"; 1256 int send_len = 10; 1257 char buf[10]; 1258 1259 ASSERT_EQ(strlen(test_str) + 1, send_len); 1260 1261 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 1262 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 1263 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 1264 1265 shutdown(self->fd, SHUT_RDWR); 1266 shutdown(self->cfd, SHUT_RDWR); 1267 } 1268 1269 TEST_F(tls, shutdown_unsent) 1270 { 1271 char const *test_str = "test_read"; 1272 int send_len = 10; 1273 1274 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len); 1275 1276 shutdown(self->fd, SHUT_RDWR); 1277 shutdown(self->cfd, SHUT_RDWR); 1278 } 1279 1280 TEST_F(tls, shutdown_reuse) 1281 { 1282 struct sockaddr_in addr; 1283 int ret; 1284 1285 shutdown(self->fd, SHUT_RDWR); 1286 shutdown(self->cfd, SHUT_RDWR); 1287 close(self->cfd); 1288 1289 addr.sin_family = AF_INET; 1290 addr.sin_addr.s_addr = htonl(INADDR_ANY); 1291 addr.sin_port = 0; 1292 1293 ret = bind(self->fd, &addr, sizeof(addr)); 1294 EXPECT_EQ(ret, 0); 1295 ret = listen(self->fd, 10); 1296 EXPECT_EQ(ret, -1); 1297 EXPECT_EQ(errno, EINVAL); 1298 1299 ret = connect(self->fd, &addr, sizeof(addr)); 1300 EXPECT_EQ(ret, -1); 1301 EXPECT_EQ(errno, EISCONN); 1302 } 1303 1304 TEST(non_established) { 1305 struct tls12_crypto_info_aes_gcm_256 tls12; 1306 struct sockaddr_in addr; 1307 int sfd, ret, fd; 1308 socklen_t len; 1309 1310 len = sizeof(addr); 1311 1312 memset(&tls12, 0, sizeof(tls12)); 1313 tls12.info.version = TLS_1_2_VERSION; 1314 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256; 1315 1316 addr.sin_family = AF_INET; 1317 addr.sin_addr.s_addr = htonl(INADDR_ANY); 1318 addr.sin_port = 0; 1319 1320 fd = socket(AF_INET, SOCK_STREAM, 0); 1321 sfd = socket(AF_INET, SOCK_STREAM, 0); 1322 1323 ret = bind(sfd, &addr, sizeof(addr)); 1324 ASSERT_EQ(ret, 0); 1325 ret = listen(sfd, 10); 1326 ASSERT_EQ(ret, 0); 1327 1328 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1329 EXPECT_EQ(ret, -1); 1330 /* TLS ULP not supported */ 1331 if (errno == ENOENT) 1332 return; 1333 EXPECT_EQ(errno, ENOTCONN); 1334 1335 ret = setsockopt(sfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1336 EXPECT_EQ(ret, -1); 1337 EXPECT_EQ(errno, ENOTCONN); 1338 1339 ret = getsockname(sfd, &addr, &len); 1340 ASSERT_EQ(ret, 0); 1341 1342 ret = connect(fd, &addr, sizeof(addr)); 1343 ASSERT_EQ(ret, 0); 1344 1345 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1346 ASSERT_EQ(ret, 0); 1347 1348 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1349 EXPECT_EQ(ret, -1); 1350 EXPECT_EQ(errno, EEXIST); 1351 1352 close(fd); 1353 close(sfd); 1354 } 1355 1356 TEST(keysizes) { 1357 struct tls12_crypto_info_aes_gcm_256 tls12; 1358 struct sockaddr_in addr; 1359 int sfd, ret, fd, cfd; 1360 socklen_t len; 1361 bool notls; 1362 1363 notls = false; 1364 len = sizeof(addr); 1365 1366 memset(&tls12, 0, sizeof(tls12)); 1367 tls12.info.version = TLS_1_2_VERSION; 1368 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256; 1369 1370 addr.sin_family = AF_INET; 1371 addr.sin_addr.s_addr = htonl(INADDR_ANY); 1372 addr.sin_port = 0; 1373 1374 fd = socket(AF_INET, SOCK_STREAM, 0); 1375 sfd = socket(AF_INET, SOCK_STREAM, 0); 1376 1377 ret = bind(sfd, &addr, sizeof(addr)); 1378 ASSERT_EQ(ret, 0); 1379 ret = listen(sfd, 10); 1380 ASSERT_EQ(ret, 0); 1381 1382 ret = getsockname(sfd, &addr, &len); 1383 ASSERT_EQ(ret, 0); 1384 1385 ret = connect(fd, &addr, sizeof(addr)); 1386 ASSERT_EQ(ret, 0); 1387 1388 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1389 if (ret != 0) { 1390 notls = true; 1391 printf("Failure setting TCP_ULP, testing without tls\n"); 1392 } 1393 1394 if (!notls) { 1395 ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12, 1396 sizeof(tls12)); 1397 EXPECT_EQ(ret, 0); 1398 } 1399 1400 cfd = accept(sfd, &addr, &len); 1401 ASSERT_GE(cfd, 0); 1402 1403 if (!notls) { 1404 ret = setsockopt(cfd, IPPROTO_TCP, TCP_ULP, "tls", 1405 sizeof("tls")); 1406 EXPECT_EQ(ret, 0); 1407 1408 ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12, 1409 sizeof(tls12)); 1410 EXPECT_EQ(ret, 0); 1411 } 1412 1413 close(sfd); 1414 close(fd); 1415 close(cfd); 1416 } 1417 1418 TEST_HARNESS_MAIN 1419