1 // SPDX-License-Identifier: GPL-2.0 2 3 #define _GNU_SOURCE 4 5 #include <arpa/inet.h> 6 #include <errno.h> 7 #include <error.h> 8 #include <fcntl.h> 9 #include <poll.h> 10 #include <stdio.h> 11 #include <stdlib.h> 12 #include <unistd.h> 13 14 #include <linux/tls.h> 15 #include <linux/tcp.h> 16 #include <linux/socket.h> 17 18 #include <sys/types.h> 19 #include <sys/sendfile.h> 20 #include <sys/socket.h> 21 #include <sys/stat.h> 22 23 #include "../kselftest_harness.h" 24 25 #define TLS_PAYLOAD_MAX_LEN 16384 26 #define SOL_TLS 282 27 28 FIXTURE(tls) 29 { 30 int fd, cfd; 31 bool notls; 32 }; 33 34 FIXTURE_SETUP(tls) 35 { 36 struct tls12_crypto_info_aes_gcm_128 tls12; 37 struct sockaddr_in addr; 38 socklen_t len; 39 int sfd, ret; 40 41 self->notls = false; 42 len = sizeof(addr); 43 44 memset(&tls12, 0, sizeof(tls12)); 45 tls12.info.version = TLS_1_3_VERSION; 46 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128; 47 48 addr.sin_family = AF_INET; 49 addr.sin_addr.s_addr = htonl(INADDR_ANY); 50 addr.sin_port = 0; 51 52 self->fd = socket(AF_INET, SOCK_STREAM, 0); 53 sfd = socket(AF_INET, SOCK_STREAM, 0); 54 55 ret = bind(sfd, &addr, sizeof(addr)); 56 ASSERT_EQ(ret, 0); 57 ret = listen(sfd, 10); 58 ASSERT_EQ(ret, 0); 59 60 ret = getsockname(sfd, &addr, &len); 61 ASSERT_EQ(ret, 0); 62 63 ret = connect(self->fd, &addr, sizeof(addr)); 64 ASSERT_EQ(ret, 0); 65 66 ret = setsockopt(self->fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 67 if (ret != 0) { 68 self->notls = true; 69 printf("Failure setting TCP_ULP, testing without tls\n"); 70 } 71 72 if (!self->notls) { 73 ret = setsockopt(self->fd, SOL_TLS, TLS_TX, &tls12, 74 sizeof(tls12)); 75 ASSERT_EQ(ret, 0); 76 } 77 78 self->cfd = accept(sfd, &addr, &len); 79 ASSERT_GE(self->cfd, 0); 80 81 if (!self->notls) { 82 ret = setsockopt(self->cfd, IPPROTO_TCP, TCP_ULP, "tls", 83 sizeof("tls")); 84 ASSERT_EQ(ret, 0); 85 86 ret = setsockopt(self->cfd, SOL_TLS, TLS_RX, &tls12, 87 sizeof(tls12)); 88 ASSERT_EQ(ret, 0); 89 } 90 91 close(sfd); 92 } 93 94 FIXTURE_TEARDOWN(tls) 95 { 96 close(self->fd); 97 close(self->cfd); 98 } 99 100 TEST_F(tls, sendfile) 101 { 102 int filefd = open("/proc/self/exe", O_RDONLY); 103 struct stat st; 104 105 EXPECT_GE(filefd, 0); 106 fstat(filefd, &st); 107 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0); 108 } 109 110 TEST_F(tls, send_then_sendfile) 111 { 112 int filefd = open("/proc/self/exe", O_RDONLY); 113 char const *test_str = "test_send"; 114 int to_send = strlen(test_str) + 1; 115 char recv_buf[10]; 116 struct stat st; 117 char *buf; 118 119 EXPECT_GE(filefd, 0); 120 fstat(filefd, &st); 121 buf = (char *)malloc(st.st_size); 122 123 EXPECT_EQ(send(self->fd, test_str, to_send, 0), to_send); 124 EXPECT_EQ(recv(self->cfd, recv_buf, to_send, MSG_WAITALL), to_send); 125 EXPECT_EQ(memcmp(test_str, recv_buf, to_send), 0); 126 127 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0); 128 EXPECT_EQ(recv(self->cfd, buf, st.st_size, MSG_WAITALL), st.st_size); 129 } 130 131 TEST_F(tls, recv_max) 132 { 133 unsigned int send_len = TLS_PAYLOAD_MAX_LEN; 134 char recv_mem[TLS_PAYLOAD_MAX_LEN]; 135 char buf[TLS_PAYLOAD_MAX_LEN]; 136 137 EXPECT_GE(send(self->fd, buf, send_len, 0), 0); 138 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1); 139 EXPECT_EQ(memcmp(buf, recv_mem, send_len), 0); 140 } 141 142 TEST_F(tls, recv_small) 143 { 144 char const *test_str = "test_read"; 145 int send_len = 10; 146 char buf[10]; 147 148 send_len = strlen(test_str) + 1; 149 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 150 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 151 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 152 } 153 154 TEST_F(tls, msg_more) 155 { 156 char const *test_str = "test_read"; 157 int send_len = 10; 158 char buf[10 * 2]; 159 160 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len); 161 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1); 162 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 163 EXPECT_EQ(recv(self->cfd, buf, send_len * 2, MSG_WAITALL), 164 send_len * 2); 165 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 166 } 167 168 TEST_F(tls, sendmsg_single) 169 { 170 struct msghdr msg; 171 172 char const *test_str = "test_sendmsg"; 173 size_t send_len = 13; 174 struct iovec vec; 175 char buf[13]; 176 177 vec.iov_base = (char *)test_str; 178 vec.iov_len = send_len; 179 memset(&msg, 0, sizeof(struct msghdr)); 180 msg.msg_iov = &vec; 181 msg.msg_iovlen = 1; 182 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len); 183 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len); 184 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 185 } 186 187 TEST_F(tls, sendmsg_large) 188 { 189 void *mem = malloc(16384); 190 size_t send_len = 16384; 191 size_t sends = 128; 192 struct msghdr msg; 193 size_t recvs = 0; 194 size_t sent = 0; 195 196 memset(&msg, 0, sizeof(struct msghdr)); 197 while (sent++ < sends) { 198 struct iovec vec = { (void *)mem, send_len }; 199 200 msg.msg_iov = &vec; 201 msg.msg_iovlen = 1; 202 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), send_len); 203 } 204 205 while (recvs++ < sends) 206 EXPECT_NE(recv(self->fd, mem, send_len, 0), -1); 207 208 free(mem); 209 } 210 211 TEST_F(tls, sendmsg_multiple) 212 { 213 char const *test_str = "test_sendmsg_multiple"; 214 struct iovec vec[5]; 215 char *test_strs[5]; 216 struct msghdr msg; 217 int total_len = 0; 218 int len_cmp = 0; 219 int iov_len = 5; 220 char *buf; 221 int i; 222 223 memset(&msg, 0, sizeof(struct msghdr)); 224 for (i = 0; i < iov_len; i++) { 225 test_strs[i] = (char *)malloc(strlen(test_str) + 1); 226 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str); 227 vec[i].iov_base = (void *)test_strs[i]; 228 vec[i].iov_len = strlen(test_strs[i]) + 1; 229 total_len += vec[i].iov_len; 230 } 231 msg.msg_iov = vec; 232 msg.msg_iovlen = iov_len; 233 234 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), total_len); 235 buf = malloc(total_len); 236 EXPECT_NE(recv(self->fd, buf, total_len, 0), -1); 237 for (i = 0; i < iov_len; i++) { 238 EXPECT_EQ(memcmp(test_strs[i], buf + len_cmp, 239 strlen(test_strs[i])), 240 0); 241 len_cmp += strlen(buf + len_cmp) + 1; 242 } 243 for (i = 0; i < iov_len; i++) 244 free(test_strs[i]); 245 free(buf); 246 } 247 248 TEST_F(tls, sendmsg_multiple_stress) 249 { 250 char const *test_str = "abcdefghijklmno"; 251 struct iovec vec[1024]; 252 char *test_strs[1024]; 253 int iov_len = 1024; 254 int total_len = 0; 255 char buf[1 << 14]; 256 struct msghdr msg; 257 int len_cmp = 0; 258 int i; 259 260 memset(&msg, 0, sizeof(struct msghdr)); 261 for (i = 0; i < iov_len; i++) { 262 test_strs[i] = (char *)malloc(strlen(test_str) + 1); 263 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str); 264 vec[i].iov_base = (void *)test_strs[i]; 265 vec[i].iov_len = strlen(test_strs[i]) + 1; 266 total_len += vec[i].iov_len; 267 } 268 msg.msg_iov = vec; 269 msg.msg_iovlen = iov_len; 270 271 EXPECT_EQ(sendmsg(self->fd, &msg, 0), total_len); 272 EXPECT_NE(recv(self->cfd, buf, total_len, 0), -1); 273 274 for (i = 0; i < iov_len; i++) 275 len_cmp += strlen(buf + len_cmp) + 1; 276 277 for (i = 0; i < iov_len; i++) 278 free(test_strs[i]); 279 } 280 281 TEST_F(tls, splice_from_pipe) 282 { 283 int send_len = TLS_PAYLOAD_MAX_LEN; 284 char mem_send[TLS_PAYLOAD_MAX_LEN]; 285 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 286 int p[2]; 287 288 ASSERT_GE(pipe(p), 0); 289 EXPECT_GE(write(p[1], mem_send, send_len), 0); 290 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), 0); 291 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len); 292 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 293 } 294 295 TEST_F(tls, splice_from_pipe2) 296 { 297 int send_len = 16000; 298 char mem_send[16000]; 299 char mem_recv[16000]; 300 int p2[2]; 301 int p[2]; 302 303 ASSERT_GE(pipe(p), 0); 304 ASSERT_GE(pipe(p2), 0); 305 EXPECT_GE(write(p[1], mem_send, 8000), 0); 306 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, 8000, 0), 0); 307 EXPECT_GE(write(p2[1], mem_send + 8000, 8000), 0); 308 EXPECT_GE(splice(p2[0], NULL, self->fd, NULL, 8000, 0), 0); 309 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len); 310 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 311 } 312 313 TEST_F(tls, send_and_splice) 314 { 315 int send_len = TLS_PAYLOAD_MAX_LEN; 316 char mem_send[TLS_PAYLOAD_MAX_LEN]; 317 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 318 char const *test_str = "test_read"; 319 int send_len2 = 10; 320 char buf[10]; 321 int p[2]; 322 323 ASSERT_GE(pipe(p), 0); 324 EXPECT_EQ(send(self->fd, test_str, send_len2, 0), send_len2); 325 EXPECT_EQ(recv(self->cfd, buf, send_len2, MSG_WAITALL), send_len2); 326 EXPECT_EQ(memcmp(test_str, buf, send_len2), 0); 327 328 EXPECT_GE(write(p[1], mem_send, send_len), send_len); 329 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), send_len); 330 331 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len); 332 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 333 } 334 335 TEST_F(tls, splice_to_pipe) 336 { 337 int send_len = TLS_PAYLOAD_MAX_LEN; 338 char mem_send[TLS_PAYLOAD_MAX_LEN]; 339 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 340 int p[2]; 341 342 ASSERT_GE(pipe(p), 0); 343 EXPECT_GE(send(self->fd, mem_send, send_len, 0), 0); 344 EXPECT_GE(splice(self->cfd, NULL, p[1], NULL, send_len, 0), 0); 345 EXPECT_GE(read(p[0], mem_recv, send_len), 0); 346 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 347 } 348 349 TEST_F(tls, recvmsg_single) 350 { 351 char const *test_str = "test_recvmsg_single"; 352 int send_len = strlen(test_str) + 1; 353 char buf[20]; 354 struct msghdr hdr; 355 struct iovec vec; 356 357 memset(&hdr, 0, sizeof(hdr)); 358 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 359 vec.iov_base = (char *)buf; 360 vec.iov_len = send_len; 361 hdr.msg_iovlen = 1; 362 hdr.msg_iov = &vec; 363 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1); 364 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 365 } 366 367 TEST_F(tls, recvmsg_single_max) 368 { 369 int send_len = TLS_PAYLOAD_MAX_LEN; 370 char send_mem[TLS_PAYLOAD_MAX_LEN]; 371 char recv_mem[TLS_PAYLOAD_MAX_LEN]; 372 struct iovec vec; 373 struct msghdr hdr; 374 375 EXPECT_EQ(send(self->fd, send_mem, send_len, 0), send_len); 376 vec.iov_base = (char *)recv_mem; 377 vec.iov_len = TLS_PAYLOAD_MAX_LEN; 378 379 hdr.msg_iovlen = 1; 380 hdr.msg_iov = &vec; 381 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1); 382 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0); 383 } 384 385 TEST_F(tls, recvmsg_multiple) 386 { 387 unsigned int msg_iovlen = 1024; 388 unsigned int len_compared = 0; 389 struct iovec vec[1024]; 390 char *iov_base[1024]; 391 unsigned int iov_len = 16; 392 int send_len = 1 << 14; 393 char buf[1 << 14]; 394 struct msghdr hdr; 395 int i; 396 397 EXPECT_EQ(send(self->fd, buf, send_len, 0), send_len); 398 for (i = 0; i < msg_iovlen; i++) { 399 iov_base[i] = (char *)malloc(iov_len); 400 vec[i].iov_base = iov_base[i]; 401 vec[i].iov_len = iov_len; 402 } 403 404 hdr.msg_iovlen = msg_iovlen; 405 hdr.msg_iov = vec; 406 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1); 407 for (i = 0; i < msg_iovlen; i++) 408 len_compared += iov_len; 409 410 for (i = 0; i < msg_iovlen; i++) 411 free(iov_base[i]); 412 } 413 414 TEST_F(tls, single_send_multiple_recv) 415 { 416 unsigned int total_len = TLS_PAYLOAD_MAX_LEN * 2; 417 unsigned int send_len = TLS_PAYLOAD_MAX_LEN; 418 char send_mem[TLS_PAYLOAD_MAX_LEN * 2]; 419 char recv_mem[TLS_PAYLOAD_MAX_LEN * 2]; 420 421 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0); 422 memset(recv_mem, 0, total_len); 423 424 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1); 425 EXPECT_NE(recv(self->cfd, recv_mem + send_len, send_len, 0), -1); 426 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0); 427 } 428 429 TEST_F(tls, multiple_send_single_recv) 430 { 431 unsigned int total_len = 2 * 10; 432 unsigned int send_len = 10; 433 char recv_mem[2 * 10]; 434 char send_mem[10]; 435 436 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0); 437 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0); 438 memset(recv_mem, 0, total_len); 439 EXPECT_EQ(recv(self->cfd, recv_mem, total_len, MSG_WAITALL), total_len); 440 441 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0); 442 EXPECT_EQ(memcmp(send_mem, recv_mem + send_len, send_len), 0); 443 } 444 445 TEST_F(tls, recv_partial) 446 { 447 char const *test_str = "test_read_partial"; 448 char const *test_str_first = "test_read"; 449 char const *test_str_second = "_partial"; 450 int send_len = strlen(test_str) + 1; 451 char recv_mem[18]; 452 453 memset(recv_mem, 0, sizeof(recv_mem)); 454 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 455 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_first), 456 MSG_WAITALL), -1); 457 EXPECT_EQ(memcmp(test_str_first, recv_mem, strlen(test_str_first)), 0); 458 memset(recv_mem, 0, sizeof(recv_mem)); 459 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_second), 460 MSG_WAITALL), -1); 461 EXPECT_EQ(memcmp(test_str_second, recv_mem, strlen(test_str_second)), 462 0); 463 } 464 465 TEST_F(tls, recv_nonblock) 466 { 467 char buf[4096]; 468 bool err; 469 470 EXPECT_EQ(recv(self->cfd, buf, sizeof(buf), MSG_DONTWAIT), -1); 471 err = (errno == EAGAIN || errno == EWOULDBLOCK); 472 EXPECT_EQ(err, true); 473 } 474 475 TEST_F(tls, recv_peek) 476 { 477 char const *test_str = "test_read_peek"; 478 int send_len = strlen(test_str) + 1; 479 char buf[15]; 480 481 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 482 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1); 483 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 484 memset(buf, 0, sizeof(buf)); 485 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 486 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 487 } 488 489 TEST_F(tls, recv_peek_multiple) 490 { 491 char const *test_str = "test_read_peek"; 492 int send_len = strlen(test_str) + 1; 493 unsigned int num_peeks = 100; 494 char buf[15]; 495 int i; 496 497 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 498 for (i = 0; i < num_peeks; i++) { 499 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1); 500 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 501 memset(buf, 0, sizeof(buf)); 502 } 503 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 504 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 505 } 506 507 TEST_F(tls, recv_peek_multiple_records) 508 { 509 char const *test_str = "test_read_peek_mult_recs"; 510 char const *test_str_first = "test_read_peek"; 511 char const *test_str_second = "_mult_recs"; 512 int len; 513 char buf[64]; 514 515 len = strlen(test_str_first); 516 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len); 517 518 len = strlen(test_str_second) + 1; 519 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len); 520 521 len = strlen(test_str_first); 522 memset(buf, 0, len); 523 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len); 524 525 /* MSG_PEEK can only peek into the current record. */ 526 len = strlen(test_str_first); 527 EXPECT_EQ(memcmp(test_str_first, buf, len), 0); 528 529 len = strlen(test_str) + 1; 530 memset(buf, 0, len); 531 EXPECT_EQ(recv(self->cfd, buf, len, MSG_WAITALL), len); 532 533 /* Non-MSG_PEEK will advance strparser (and therefore record) 534 * however. 535 */ 536 len = strlen(test_str) + 1; 537 EXPECT_EQ(memcmp(test_str, buf, len), 0); 538 539 /* MSG_MORE will hold current record open, so later MSG_PEEK 540 * will see everything. 541 */ 542 len = strlen(test_str_first); 543 EXPECT_EQ(send(self->fd, test_str_first, len, MSG_MORE), len); 544 545 len = strlen(test_str_second) + 1; 546 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len); 547 548 len = strlen(test_str) + 1; 549 memset(buf, 0, len); 550 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len); 551 552 len = strlen(test_str) + 1; 553 EXPECT_EQ(memcmp(test_str, buf, len), 0); 554 } 555 556 TEST_F(tls, recv_peek_large_buf_mult_recs) 557 { 558 char const *test_str = "test_read_peek_mult_recs"; 559 char const *test_str_first = "test_read_peek"; 560 char const *test_str_second = "_mult_recs"; 561 int len; 562 char buf[64]; 563 564 len = strlen(test_str_first); 565 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len); 566 567 len = strlen(test_str_second) + 1; 568 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len); 569 570 len = strlen(test_str) + 1; 571 memset(buf, 0, len); 572 EXPECT_NE((len = recv(self->cfd, buf, len, 573 MSG_PEEK | MSG_WAITALL)), -1); 574 len = strlen(test_str) + 1; 575 EXPECT_EQ(memcmp(test_str, buf, len), 0); 576 } 577 578 579 TEST_F(tls, pollin) 580 { 581 char const *test_str = "test_poll"; 582 struct pollfd fd = { 0, 0, 0 }; 583 char buf[10]; 584 int send_len = 10; 585 586 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 587 fd.fd = self->cfd; 588 fd.events = POLLIN; 589 590 EXPECT_EQ(poll(&fd, 1, 20), 1); 591 EXPECT_EQ(fd.revents & POLLIN, 1); 592 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len); 593 /* Test timing out */ 594 EXPECT_EQ(poll(&fd, 1, 20), 0); 595 } 596 597 TEST_F(tls, poll_wait) 598 { 599 char const *test_str = "test_poll_wait"; 600 int send_len = strlen(test_str) + 1; 601 struct pollfd fd = { 0, 0, 0 }; 602 char recv_mem[15]; 603 604 fd.fd = self->cfd; 605 fd.events = POLLIN; 606 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 607 /* Set timeout to inf. secs */ 608 EXPECT_EQ(poll(&fd, 1, -1), 1); 609 EXPECT_EQ(fd.revents & POLLIN, 1); 610 EXPECT_EQ(recv(self->cfd, recv_mem, send_len, MSG_WAITALL), send_len); 611 } 612 613 TEST_F(tls, blocking) 614 { 615 size_t data = 100000; 616 int res = fork(); 617 618 EXPECT_NE(res, -1); 619 620 if (res) { 621 /* parent */ 622 size_t left = data; 623 char buf[16384]; 624 int status; 625 int pid2; 626 627 while (left) { 628 int res = send(self->fd, buf, 629 left > 16384 ? 16384 : left, 0); 630 631 EXPECT_GE(res, 0); 632 left -= res; 633 } 634 635 pid2 = wait(&status); 636 EXPECT_EQ(status, 0); 637 EXPECT_EQ(res, pid2); 638 } else { 639 /* child */ 640 size_t left = data; 641 char buf[16384]; 642 643 while (left) { 644 int res = recv(self->cfd, buf, 645 left > 16384 ? 16384 : left, 0); 646 647 EXPECT_GE(res, 0); 648 left -= res; 649 } 650 } 651 } 652 653 TEST_F(tls, nonblocking) 654 { 655 size_t data = 100000; 656 int sendbuf = 100; 657 int flags; 658 int res; 659 660 flags = fcntl(self->fd, F_GETFL, 0); 661 fcntl(self->fd, F_SETFL, flags | O_NONBLOCK); 662 fcntl(self->cfd, F_SETFL, flags | O_NONBLOCK); 663 664 /* Ensure nonblocking behavior by imposing a small send 665 * buffer. 666 */ 667 EXPECT_EQ(setsockopt(self->fd, SOL_SOCKET, SO_SNDBUF, 668 &sendbuf, sizeof(sendbuf)), 0); 669 670 res = fork(); 671 EXPECT_NE(res, -1); 672 673 if (res) { 674 /* parent */ 675 bool eagain = false; 676 size_t left = data; 677 char buf[16384]; 678 int status; 679 int pid2; 680 681 while (left) { 682 int res = send(self->fd, buf, 683 left > 16384 ? 16384 : left, 0); 684 685 if (res == -1 && errno == EAGAIN) { 686 eagain = true; 687 usleep(10000); 688 continue; 689 } 690 EXPECT_GE(res, 0); 691 left -= res; 692 } 693 694 EXPECT_TRUE(eagain); 695 pid2 = wait(&status); 696 697 EXPECT_EQ(status, 0); 698 EXPECT_EQ(res, pid2); 699 } else { 700 /* child */ 701 bool eagain = false; 702 size_t left = data; 703 char buf[16384]; 704 705 while (left) { 706 int res = recv(self->cfd, buf, 707 left > 16384 ? 16384 : left, 0); 708 709 if (res == -1 && errno == EAGAIN) { 710 eagain = true; 711 usleep(10000); 712 continue; 713 } 714 EXPECT_GE(res, 0); 715 left -= res; 716 } 717 EXPECT_TRUE(eagain); 718 } 719 } 720 721 TEST_F(tls, control_msg) 722 { 723 if (self->notls) 724 return; 725 726 char cbuf[CMSG_SPACE(sizeof(char))]; 727 char const *test_str = "test_read"; 728 int cmsg_len = sizeof(char); 729 char record_type = 100; 730 struct cmsghdr *cmsg; 731 struct msghdr msg; 732 int send_len = 10; 733 struct iovec vec; 734 char buf[10]; 735 736 vec.iov_base = (char *)test_str; 737 vec.iov_len = 10; 738 memset(&msg, 0, sizeof(struct msghdr)); 739 msg.msg_iov = &vec; 740 msg.msg_iovlen = 1; 741 msg.msg_control = cbuf; 742 msg.msg_controllen = sizeof(cbuf); 743 cmsg = CMSG_FIRSTHDR(&msg); 744 cmsg->cmsg_level = SOL_TLS; 745 /* test sending non-record types. */ 746 cmsg->cmsg_type = TLS_SET_RECORD_TYPE; 747 cmsg->cmsg_len = CMSG_LEN(cmsg_len); 748 *CMSG_DATA(cmsg) = record_type; 749 msg.msg_controllen = cmsg->cmsg_len; 750 751 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len); 752 /* Should fail because we didn't provide a control message */ 753 EXPECT_EQ(recv(self->cfd, buf, send_len, 0), -1); 754 755 vec.iov_base = buf; 756 EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL | MSG_PEEK), send_len); 757 758 cmsg = CMSG_FIRSTHDR(&msg); 759 EXPECT_NE(cmsg, NULL); 760 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS); 761 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE); 762 record_type = *((unsigned char *)CMSG_DATA(cmsg)); 763 EXPECT_EQ(record_type, 100); 764 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 765 766 /* Recv the message again without MSG_PEEK */ 767 record_type = 0; 768 memset(buf, 0, sizeof(buf)); 769 770 EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL), send_len); 771 cmsg = CMSG_FIRSTHDR(&msg); 772 EXPECT_NE(cmsg, NULL); 773 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS); 774 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE); 775 record_type = *((unsigned char *)CMSG_DATA(cmsg)); 776 EXPECT_EQ(record_type, 100); 777 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 778 } 779 780 TEST(keysizes) { 781 struct tls12_crypto_info_aes_gcm_256 tls12; 782 struct sockaddr_in addr; 783 int sfd, ret, fd, cfd; 784 socklen_t len; 785 bool notls; 786 787 notls = false; 788 len = sizeof(addr); 789 790 memset(&tls12, 0, sizeof(tls12)); 791 tls12.info.version = TLS_1_2_VERSION; 792 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256; 793 794 addr.sin_family = AF_INET; 795 addr.sin_addr.s_addr = htonl(INADDR_ANY); 796 addr.sin_port = 0; 797 798 fd = socket(AF_INET, SOCK_STREAM, 0); 799 sfd = socket(AF_INET, SOCK_STREAM, 0); 800 801 ret = bind(sfd, &addr, sizeof(addr)); 802 ASSERT_EQ(ret, 0); 803 ret = listen(sfd, 10); 804 ASSERT_EQ(ret, 0); 805 806 ret = getsockname(sfd, &addr, &len); 807 ASSERT_EQ(ret, 0); 808 809 ret = connect(fd, &addr, sizeof(addr)); 810 ASSERT_EQ(ret, 0); 811 812 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 813 if (ret != 0) { 814 notls = true; 815 printf("Failure setting TCP_ULP, testing without tls\n"); 816 } 817 818 if (!notls) { 819 ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12, 820 sizeof(tls12)); 821 EXPECT_EQ(ret, 0); 822 } 823 824 cfd = accept(sfd, &addr, &len); 825 ASSERT_GE(cfd, 0); 826 827 if (!notls) { 828 ret = setsockopt(cfd, IPPROTO_TCP, TCP_ULP, "tls", 829 sizeof("tls")); 830 EXPECT_EQ(ret, 0); 831 832 ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12, 833 sizeof(tls12)); 834 EXPECT_EQ(ret, 0); 835 } 836 837 close(sfd); 838 close(fd); 839 close(cfd); 840 } 841 842 TEST(tls12) { 843 int fd, cfd; 844 bool notls; 845 846 struct tls12_crypto_info_aes_gcm_128 tls12; 847 struct sockaddr_in addr; 848 socklen_t len; 849 int sfd, ret; 850 851 notls = false; 852 len = sizeof(addr); 853 854 memset(&tls12, 0, sizeof(tls12)); 855 tls12.info.version = TLS_1_2_VERSION; 856 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128; 857 858 addr.sin_family = AF_INET; 859 addr.sin_addr.s_addr = htonl(INADDR_ANY); 860 addr.sin_port = 0; 861 862 fd = socket(AF_INET, SOCK_STREAM, 0); 863 sfd = socket(AF_INET, SOCK_STREAM, 0); 864 865 ret = bind(sfd, &addr, sizeof(addr)); 866 ASSERT_EQ(ret, 0); 867 ret = listen(sfd, 10); 868 ASSERT_EQ(ret, 0); 869 870 ret = getsockname(sfd, &addr, &len); 871 ASSERT_EQ(ret, 0); 872 873 ret = connect(fd, &addr, sizeof(addr)); 874 ASSERT_EQ(ret, 0); 875 876 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 877 if (ret != 0) { 878 notls = true; 879 printf("Failure setting TCP_ULP, testing without tls\n"); 880 } 881 882 if (!notls) { 883 ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12, 884 sizeof(tls12)); 885 ASSERT_EQ(ret, 0); 886 } 887 888 cfd = accept(sfd, &addr, &len); 889 ASSERT_GE(cfd, 0); 890 891 if (!notls) { 892 ret = setsockopt(cfd, IPPROTO_TCP, TCP_ULP, "tls", 893 sizeof("tls")); 894 ASSERT_EQ(ret, 0); 895 896 ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12, 897 sizeof(tls12)); 898 ASSERT_EQ(ret, 0); 899 } 900 901 close(sfd); 902 903 char const *test_str = "test_read"; 904 int send_len = 10; 905 char buf[10]; 906 907 send_len = strlen(test_str) + 1; 908 EXPECT_EQ(send(fd, test_str, send_len, 0), send_len); 909 EXPECT_NE(recv(cfd, buf, send_len, 0), -1); 910 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 911 912 close(fd); 913 close(cfd); 914 } 915 916 TEST_HARNESS_MAIN 917