1 // SPDX-License-Identifier: GPL-2.0 2 3 #define _GNU_SOURCE 4 5 #include <arpa/inet.h> 6 #include <errno.h> 7 #include <error.h> 8 #include <fcntl.h> 9 #include <poll.h> 10 #include <stdio.h> 11 #include <stdlib.h> 12 #include <unistd.h> 13 14 #include <linux/tls.h> 15 #include <linux/tcp.h> 16 #include <linux/socket.h> 17 18 #include <sys/epoll.h> 19 #include <sys/types.h> 20 #include <sys/sendfile.h> 21 #include <sys/socket.h> 22 #include <sys/stat.h> 23 24 #include "../kselftest_harness.h" 25 26 #define TLS_PAYLOAD_MAX_LEN 16384 27 #define SOL_TLS 282 28 29 struct tls_crypto_info_keys { 30 union { 31 struct tls12_crypto_info_aes_gcm_128 aes128; 32 struct tls12_crypto_info_chacha20_poly1305 chacha20; 33 struct tls12_crypto_info_sm4_gcm sm4gcm; 34 struct tls12_crypto_info_sm4_ccm sm4ccm; 35 struct tls12_crypto_info_aes_ccm_128 aesccm128; 36 struct tls12_crypto_info_aes_gcm_256 aesgcm256; 37 }; 38 size_t len; 39 }; 40 41 static void tls_crypto_info_init(uint16_t tls_version, uint16_t cipher_type, 42 struct tls_crypto_info_keys *tls12) 43 { 44 memset(tls12, 0, sizeof(*tls12)); 45 46 switch (cipher_type) { 47 case TLS_CIPHER_CHACHA20_POLY1305: 48 tls12->len = sizeof(struct tls12_crypto_info_chacha20_poly1305); 49 tls12->chacha20.info.version = tls_version; 50 tls12->chacha20.info.cipher_type = cipher_type; 51 break; 52 case TLS_CIPHER_AES_GCM_128: 53 tls12->len = sizeof(struct tls12_crypto_info_aes_gcm_128); 54 tls12->aes128.info.version = tls_version; 55 tls12->aes128.info.cipher_type = cipher_type; 56 break; 57 case TLS_CIPHER_SM4_GCM: 58 tls12->len = sizeof(struct tls12_crypto_info_sm4_gcm); 59 tls12->sm4gcm.info.version = tls_version; 60 tls12->sm4gcm.info.cipher_type = cipher_type; 61 break; 62 case TLS_CIPHER_SM4_CCM: 63 tls12->len = sizeof(struct tls12_crypto_info_sm4_ccm); 64 tls12->sm4ccm.info.version = tls_version; 65 tls12->sm4ccm.info.cipher_type = cipher_type; 66 break; 67 case TLS_CIPHER_AES_CCM_128: 68 tls12->len = sizeof(struct tls12_crypto_info_aes_ccm_128); 69 tls12->aesccm128.info.version = tls_version; 70 tls12->aesccm128.info.cipher_type = cipher_type; 71 break; 72 case TLS_CIPHER_AES_GCM_256: 73 tls12->len = sizeof(struct tls12_crypto_info_aes_gcm_256); 74 tls12->aesgcm256.info.version = tls_version; 75 tls12->aesgcm256.info.cipher_type = cipher_type; 76 break; 77 default: 78 break; 79 } 80 } 81 82 static void memrnd(void *s, size_t n) 83 { 84 int *dword = s; 85 char *byte; 86 87 for (; n >= 4; n -= 4) 88 *dword++ = rand(); 89 byte = (void *)dword; 90 while (n--) 91 *byte++ = rand(); 92 } 93 94 static void ulp_sock_pair(struct __test_metadata *_metadata, 95 int *fd, int *cfd, bool *notls) 96 { 97 struct sockaddr_in addr; 98 socklen_t len; 99 int sfd, ret; 100 101 *notls = false; 102 len = sizeof(addr); 103 104 addr.sin_family = AF_INET; 105 addr.sin_addr.s_addr = htonl(INADDR_ANY); 106 addr.sin_port = 0; 107 108 *fd = socket(AF_INET, SOCK_STREAM, 0); 109 sfd = socket(AF_INET, SOCK_STREAM, 0); 110 111 ret = bind(sfd, &addr, sizeof(addr)); 112 ASSERT_EQ(ret, 0); 113 ret = listen(sfd, 10); 114 ASSERT_EQ(ret, 0); 115 116 ret = getsockname(sfd, &addr, &len); 117 ASSERT_EQ(ret, 0); 118 119 ret = connect(*fd, &addr, sizeof(addr)); 120 ASSERT_EQ(ret, 0); 121 122 *cfd = accept(sfd, &addr, &len); 123 ASSERT_GE(*cfd, 0); 124 125 close(sfd); 126 127 ret = setsockopt(*fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 128 if (ret != 0) { 129 ASSERT_EQ(errno, ENOENT); 130 *notls = true; 131 printf("Failure setting TCP_ULP, testing without tls\n"); 132 return; 133 } 134 135 ret = setsockopt(*cfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 136 ASSERT_EQ(ret, 0); 137 } 138 139 /* Produce a basic cmsg */ 140 static int tls_send_cmsg(int fd, unsigned char record_type, 141 void *data, size_t len, int flags) 142 { 143 char cbuf[CMSG_SPACE(sizeof(char))]; 144 int cmsg_len = sizeof(char); 145 struct cmsghdr *cmsg; 146 struct msghdr msg; 147 struct iovec vec; 148 149 vec.iov_base = data; 150 vec.iov_len = len; 151 memset(&msg, 0, sizeof(struct msghdr)); 152 msg.msg_iov = &vec; 153 msg.msg_iovlen = 1; 154 msg.msg_control = cbuf; 155 msg.msg_controllen = sizeof(cbuf); 156 cmsg = CMSG_FIRSTHDR(&msg); 157 cmsg->cmsg_level = SOL_TLS; 158 /* test sending non-record types. */ 159 cmsg->cmsg_type = TLS_SET_RECORD_TYPE; 160 cmsg->cmsg_len = CMSG_LEN(cmsg_len); 161 *CMSG_DATA(cmsg) = record_type; 162 msg.msg_controllen = cmsg->cmsg_len; 163 164 return sendmsg(fd, &msg, flags); 165 } 166 167 static int tls_recv_cmsg(struct __test_metadata *_metadata, 168 int fd, unsigned char record_type, 169 void *data, size_t len, int flags) 170 { 171 char cbuf[CMSG_SPACE(sizeof(char))]; 172 struct cmsghdr *cmsg; 173 unsigned char ctype; 174 struct msghdr msg; 175 struct iovec vec; 176 int n; 177 178 vec.iov_base = data; 179 vec.iov_len = len; 180 memset(&msg, 0, sizeof(struct msghdr)); 181 msg.msg_iov = &vec; 182 msg.msg_iovlen = 1; 183 msg.msg_control = cbuf; 184 msg.msg_controllen = sizeof(cbuf); 185 186 n = recvmsg(fd, &msg, flags); 187 188 cmsg = CMSG_FIRSTHDR(&msg); 189 EXPECT_NE(cmsg, NULL); 190 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS); 191 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE); 192 ctype = *((unsigned char *)CMSG_DATA(cmsg)); 193 EXPECT_EQ(ctype, record_type); 194 195 return n; 196 } 197 198 FIXTURE(tls_basic) 199 { 200 int fd, cfd; 201 bool notls; 202 }; 203 204 FIXTURE_SETUP(tls_basic) 205 { 206 ulp_sock_pair(_metadata, &self->fd, &self->cfd, &self->notls); 207 } 208 209 FIXTURE_TEARDOWN(tls_basic) 210 { 211 close(self->fd); 212 close(self->cfd); 213 } 214 215 /* Send some data through with ULP but no keys */ 216 TEST_F(tls_basic, base_base) 217 { 218 char const *test_str = "test_read"; 219 int send_len = 10; 220 char buf[10]; 221 222 ASSERT_EQ(strlen(test_str) + 1, send_len); 223 224 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 225 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 226 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 227 }; 228 229 FIXTURE(tls) 230 { 231 int fd, cfd; 232 bool notls; 233 }; 234 235 FIXTURE_VARIANT(tls) 236 { 237 uint16_t tls_version; 238 uint16_t cipher_type; 239 bool nopad; 240 }; 241 242 FIXTURE_VARIANT_ADD(tls, 12_aes_gcm) 243 { 244 .tls_version = TLS_1_2_VERSION, 245 .cipher_type = TLS_CIPHER_AES_GCM_128, 246 }; 247 248 FIXTURE_VARIANT_ADD(tls, 13_aes_gcm) 249 { 250 .tls_version = TLS_1_3_VERSION, 251 .cipher_type = TLS_CIPHER_AES_GCM_128, 252 }; 253 254 FIXTURE_VARIANT_ADD(tls, 12_chacha) 255 { 256 .tls_version = TLS_1_2_VERSION, 257 .cipher_type = TLS_CIPHER_CHACHA20_POLY1305, 258 }; 259 260 FIXTURE_VARIANT_ADD(tls, 13_chacha) 261 { 262 .tls_version = TLS_1_3_VERSION, 263 .cipher_type = TLS_CIPHER_CHACHA20_POLY1305, 264 }; 265 266 FIXTURE_VARIANT_ADD(tls, 13_sm4_gcm) 267 { 268 .tls_version = TLS_1_3_VERSION, 269 .cipher_type = TLS_CIPHER_SM4_GCM, 270 }; 271 272 FIXTURE_VARIANT_ADD(tls, 13_sm4_ccm) 273 { 274 .tls_version = TLS_1_3_VERSION, 275 .cipher_type = TLS_CIPHER_SM4_CCM, 276 }; 277 278 FIXTURE_VARIANT_ADD(tls, 12_aes_ccm) 279 { 280 .tls_version = TLS_1_2_VERSION, 281 .cipher_type = TLS_CIPHER_AES_CCM_128, 282 }; 283 284 FIXTURE_VARIANT_ADD(tls, 13_aes_ccm) 285 { 286 .tls_version = TLS_1_3_VERSION, 287 .cipher_type = TLS_CIPHER_AES_CCM_128, 288 }; 289 290 FIXTURE_VARIANT_ADD(tls, 12_aes_gcm_256) 291 { 292 .tls_version = TLS_1_2_VERSION, 293 .cipher_type = TLS_CIPHER_AES_GCM_256, 294 }; 295 296 FIXTURE_VARIANT_ADD(tls, 13_aes_gcm_256) 297 { 298 .tls_version = TLS_1_3_VERSION, 299 .cipher_type = TLS_CIPHER_AES_GCM_256, 300 }; 301 302 FIXTURE_VARIANT_ADD(tls, 13_nopad) 303 { 304 .tls_version = TLS_1_3_VERSION, 305 .cipher_type = TLS_CIPHER_AES_GCM_128, 306 .nopad = true, 307 }; 308 309 FIXTURE_SETUP(tls) 310 { 311 struct tls_crypto_info_keys tls12; 312 int one = 1; 313 int ret; 314 315 tls_crypto_info_init(variant->tls_version, variant->cipher_type, 316 &tls12); 317 318 ulp_sock_pair(_metadata, &self->fd, &self->cfd, &self->notls); 319 320 if (self->notls) 321 return; 322 323 ret = setsockopt(self->fd, SOL_TLS, TLS_TX, &tls12, tls12.len); 324 ASSERT_EQ(ret, 0); 325 326 ret = setsockopt(self->cfd, SOL_TLS, TLS_RX, &tls12, tls12.len); 327 ASSERT_EQ(ret, 0); 328 329 if (variant->nopad) { 330 ret = setsockopt(self->cfd, SOL_TLS, TLS_RX_EXPECT_NO_PAD, 331 (void *)&one, sizeof(one)); 332 ASSERT_EQ(ret, 0); 333 } 334 } 335 336 FIXTURE_TEARDOWN(tls) 337 { 338 close(self->fd); 339 close(self->cfd); 340 } 341 342 TEST_F(tls, sendfile) 343 { 344 int filefd = open("/proc/self/exe", O_RDONLY); 345 struct stat st; 346 347 EXPECT_GE(filefd, 0); 348 fstat(filefd, &st); 349 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0); 350 } 351 352 TEST_F(tls, send_then_sendfile) 353 { 354 int filefd = open("/proc/self/exe", O_RDONLY); 355 char const *test_str = "test_send"; 356 int to_send = strlen(test_str) + 1; 357 char recv_buf[10]; 358 struct stat st; 359 char *buf; 360 361 EXPECT_GE(filefd, 0); 362 fstat(filefd, &st); 363 buf = (char *)malloc(st.st_size); 364 365 EXPECT_EQ(send(self->fd, test_str, to_send, 0), to_send); 366 EXPECT_EQ(recv(self->cfd, recv_buf, to_send, MSG_WAITALL), to_send); 367 EXPECT_EQ(memcmp(test_str, recv_buf, to_send), 0); 368 369 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0); 370 EXPECT_EQ(recv(self->cfd, buf, st.st_size, MSG_WAITALL), st.st_size); 371 } 372 373 static void chunked_sendfile(struct __test_metadata *_metadata, 374 struct _test_data_tls *self, 375 uint16_t chunk_size, 376 uint16_t extra_payload_size) 377 { 378 char buf[TLS_PAYLOAD_MAX_LEN]; 379 uint16_t test_payload_size; 380 int size = 0; 381 int ret; 382 char filename[] = "/tmp/mytemp.XXXXXX"; 383 int fd = mkstemp(filename); 384 off_t offset = 0; 385 386 unlink(filename); 387 ASSERT_GE(fd, 0); 388 EXPECT_GE(chunk_size, 1); 389 test_payload_size = chunk_size + extra_payload_size; 390 ASSERT_GE(TLS_PAYLOAD_MAX_LEN, test_payload_size); 391 memset(buf, 1, test_payload_size); 392 size = write(fd, buf, test_payload_size); 393 EXPECT_EQ(size, test_payload_size); 394 fsync(fd); 395 396 while (size > 0) { 397 ret = sendfile(self->fd, fd, &offset, chunk_size); 398 EXPECT_GE(ret, 0); 399 size -= ret; 400 } 401 402 EXPECT_EQ(recv(self->cfd, buf, test_payload_size, MSG_WAITALL), 403 test_payload_size); 404 405 close(fd); 406 } 407 408 TEST_F(tls, multi_chunk_sendfile) 409 { 410 chunked_sendfile(_metadata, self, 4096, 4096); 411 chunked_sendfile(_metadata, self, 4096, 0); 412 chunked_sendfile(_metadata, self, 4096, 1); 413 chunked_sendfile(_metadata, self, 4096, 2048); 414 chunked_sendfile(_metadata, self, 8192, 2048); 415 chunked_sendfile(_metadata, self, 4096, 8192); 416 chunked_sendfile(_metadata, self, 8192, 4096); 417 chunked_sendfile(_metadata, self, 12288, 1024); 418 chunked_sendfile(_metadata, self, 12288, 2000); 419 chunked_sendfile(_metadata, self, 15360, 100); 420 chunked_sendfile(_metadata, self, 15360, 300); 421 chunked_sendfile(_metadata, self, 1, 4096); 422 chunked_sendfile(_metadata, self, 2048, 4096); 423 chunked_sendfile(_metadata, self, 2048, 8192); 424 chunked_sendfile(_metadata, self, 4096, 8192); 425 chunked_sendfile(_metadata, self, 1024, 12288); 426 chunked_sendfile(_metadata, self, 2000, 12288); 427 chunked_sendfile(_metadata, self, 100, 15360); 428 chunked_sendfile(_metadata, self, 300, 15360); 429 } 430 431 TEST_F(tls, recv_max) 432 { 433 unsigned int send_len = TLS_PAYLOAD_MAX_LEN; 434 char recv_mem[TLS_PAYLOAD_MAX_LEN]; 435 char buf[TLS_PAYLOAD_MAX_LEN]; 436 437 memrnd(buf, sizeof(buf)); 438 439 EXPECT_GE(send(self->fd, buf, send_len, 0), 0); 440 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1); 441 EXPECT_EQ(memcmp(buf, recv_mem, send_len), 0); 442 } 443 444 TEST_F(tls, recv_small) 445 { 446 char const *test_str = "test_read"; 447 int send_len = 10; 448 char buf[10]; 449 450 send_len = strlen(test_str) + 1; 451 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 452 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 453 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 454 } 455 456 TEST_F(tls, msg_more) 457 { 458 char const *test_str = "test_read"; 459 int send_len = 10; 460 char buf[10 * 2]; 461 462 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len); 463 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1); 464 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 465 EXPECT_EQ(recv(self->cfd, buf, send_len * 2, MSG_WAITALL), 466 send_len * 2); 467 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 468 } 469 470 TEST_F(tls, msg_more_unsent) 471 { 472 char const *test_str = "test_read"; 473 int send_len = 10; 474 char buf[10]; 475 476 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len); 477 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1); 478 } 479 480 TEST_F(tls, sendmsg_single) 481 { 482 struct msghdr msg; 483 484 char const *test_str = "test_sendmsg"; 485 size_t send_len = 13; 486 struct iovec vec; 487 char buf[13]; 488 489 vec.iov_base = (char *)test_str; 490 vec.iov_len = send_len; 491 memset(&msg, 0, sizeof(struct msghdr)); 492 msg.msg_iov = &vec; 493 msg.msg_iovlen = 1; 494 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len); 495 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len); 496 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 497 } 498 499 #define MAX_FRAGS 64 500 #define SEND_LEN 13 501 TEST_F(tls, sendmsg_fragmented) 502 { 503 char const *test_str = "test_sendmsg"; 504 char buf[SEND_LEN * MAX_FRAGS]; 505 struct iovec vec[MAX_FRAGS]; 506 struct msghdr msg; 507 int i, frags; 508 509 for (frags = 1; frags <= MAX_FRAGS; frags++) { 510 for (i = 0; i < frags; i++) { 511 vec[i].iov_base = (char *)test_str; 512 vec[i].iov_len = SEND_LEN; 513 } 514 515 memset(&msg, 0, sizeof(struct msghdr)); 516 msg.msg_iov = vec; 517 msg.msg_iovlen = frags; 518 519 EXPECT_EQ(sendmsg(self->fd, &msg, 0), SEND_LEN * frags); 520 EXPECT_EQ(recv(self->cfd, buf, SEND_LEN * frags, MSG_WAITALL), 521 SEND_LEN * frags); 522 523 for (i = 0; i < frags; i++) 524 EXPECT_EQ(memcmp(buf + SEND_LEN * i, 525 test_str, SEND_LEN), 0); 526 } 527 } 528 #undef MAX_FRAGS 529 #undef SEND_LEN 530 531 TEST_F(tls, sendmsg_large) 532 { 533 void *mem = malloc(16384); 534 size_t send_len = 16384; 535 size_t sends = 128; 536 struct msghdr msg; 537 size_t recvs = 0; 538 size_t sent = 0; 539 540 memset(&msg, 0, sizeof(struct msghdr)); 541 while (sent++ < sends) { 542 struct iovec vec = { (void *)mem, send_len }; 543 544 msg.msg_iov = &vec; 545 msg.msg_iovlen = 1; 546 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), send_len); 547 } 548 549 while (recvs++ < sends) { 550 EXPECT_NE(recv(self->fd, mem, send_len, 0), -1); 551 } 552 553 free(mem); 554 } 555 556 TEST_F(tls, sendmsg_multiple) 557 { 558 char const *test_str = "test_sendmsg_multiple"; 559 struct iovec vec[5]; 560 char *test_strs[5]; 561 struct msghdr msg; 562 int total_len = 0; 563 int len_cmp = 0; 564 int iov_len = 5; 565 char *buf; 566 int i; 567 568 memset(&msg, 0, sizeof(struct msghdr)); 569 for (i = 0; i < iov_len; i++) { 570 test_strs[i] = (char *)malloc(strlen(test_str) + 1); 571 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str); 572 vec[i].iov_base = (void *)test_strs[i]; 573 vec[i].iov_len = strlen(test_strs[i]) + 1; 574 total_len += vec[i].iov_len; 575 } 576 msg.msg_iov = vec; 577 msg.msg_iovlen = iov_len; 578 579 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), total_len); 580 buf = malloc(total_len); 581 EXPECT_NE(recv(self->fd, buf, total_len, 0), -1); 582 for (i = 0; i < iov_len; i++) { 583 EXPECT_EQ(memcmp(test_strs[i], buf + len_cmp, 584 strlen(test_strs[i])), 585 0); 586 len_cmp += strlen(buf + len_cmp) + 1; 587 } 588 for (i = 0; i < iov_len; i++) 589 free(test_strs[i]); 590 free(buf); 591 } 592 593 TEST_F(tls, sendmsg_multiple_stress) 594 { 595 char const *test_str = "abcdefghijklmno"; 596 struct iovec vec[1024]; 597 char *test_strs[1024]; 598 int iov_len = 1024; 599 int total_len = 0; 600 char buf[1 << 14]; 601 struct msghdr msg; 602 int len_cmp = 0; 603 int i; 604 605 memset(&msg, 0, sizeof(struct msghdr)); 606 for (i = 0; i < iov_len; i++) { 607 test_strs[i] = (char *)malloc(strlen(test_str) + 1); 608 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str); 609 vec[i].iov_base = (void *)test_strs[i]; 610 vec[i].iov_len = strlen(test_strs[i]) + 1; 611 total_len += vec[i].iov_len; 612 } 613 msg.msg_iov = vec; 614 msg.msg_iovlen = iov_len; 615 616 EXPECT_EQ(sendmsg(self->fd, &msg, 0), total_len); 617 EXPECT_NE(recv(self->cfd, buf, total_len, 0), -1); 618 619 for (i = 0; i < iov_len; i++) 620 len_cmp += strlen(buf + len_cmp) + 1; 621 622 for (i = 0; i < iov_len; i++) 623 free(test_strs[i]); 624 } 625 626 TEST_F(tls, splice_from_pipe) 627 { 628 int send_len = TLS_PAYLOAD_MAX_LEN; 629 char mem_send[TLS_PAYLOAD_MAX_LEN]; 630 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 631 int p[2]; 632 633 ASSERT_GE(pipe(p), 0); 634 EXPECT_GE(write(p[1], mem_send, send_len), 0); 635 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), 0); 636 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len); 637 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 638 } 639 640 TEST_F(tls, splice_from_pipe2) 641 { 642 int send_len = 16000; 643 char mem_send[16000]; 644 char mem_recv[16000]; 645 int p2[2]; 646 int p[2]; 647 648 memrnd(mem_send, sizeof(mem_send)); 649 650 ASSERT_GE(pipe(p), 0); 651 ASSERT_GE(pipe(p2), 0); 652 EXPECT_EQ(write(p[1], mem_send, 8000), 8000); 653 EXPECT_EQ(splice(p[0], NULL, self->fd, NULL, 8000, 0), 8000); 654 EXPECT_EQ(write(p2[1], mem_send + 8000, 8000), 8000); 655 EXPECT_EQ(splice(p2[0], NULL, self->fd, NULL, 8000, 0), 8000); 656 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len); 657 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 658 } 659 660 TEST_F(tls, send_and_splice) 661 { 662 int send_len = TLS_PAYLOAD_MAX_LEN; 663 char mem_send[TLS_PAYLOAD_MAX_LEN]; 664 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 665 char const *test_str = "test_read"; 666 int send_len2 = 10; 667 char buf[10]; 668 int p[2]; 669 670 ASSERT_GE(pipe(p), 0); 671 EXPECT_EQ(send(self->fd, test_str, send_len2, 0), send_len2); 672 EXPECT_EQ(recv(self->cfd, buf, send_len2, MSG_WAITALL), send_len2); 673 EXPECT_EQ(memcmp(test_str, buf, send_len2), 0); 674 675 EXPECT_GE(write(p[1], mem_send, send_len), send_len); 676 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), send_len); 677 678 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len); 679 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 680 } 681 682 TEST_F(tls, splice_to_pipe) 683 { 684 int send_len = TLS_PAYLOAD_MAX_LEN; 685 char mem_send[TLS_PAYLOAD_MAX_LEN]; 686 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 687 int p[2]; 688 689 memrnd(mem_send, sizeof(mem_send)); 690 691 ASSERT_GE(pipe(p), 0); 692 EXPECT_EQ(send(self->fd, mem_send, send_len, 0), send_len); 693 EXPECT_EQ(splice(self->cfd, NULL, p[1], NULL, send_len, 0), send_len); 694 EXPECT_EQ(read(p[0], mem_recv, send_len), send_len); 695 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 696 } 697 698 TEST_F(tls, splice_cmsg_to_pipe) 699 { 700 char *test_str = "test_read"; 701 char record_type = 100; 702 int send_len = 10; 703 char buf[10]; 704 int p[2]; 705 706 if (self->notls) 707 SKIP(return, "no TLS support"); 708 709 ASSERT_GE(pipe(p), 0); 710 EXPECT_EQ(tls_send_cmsg(self->fd, 100, test_str, send_len, 0), 10); 711 EXPECT_EQ(splice(self->cfd, NULL, p[1], NULL, send_len, 0), -1); 712 EXPECT_EQ(errno, EINVAL); 713 EXPECT_EQ(recv(self->cfd, buf, send_len, 0), -1); 714 EXPECT_EQ(errno, EIO); 715 EXPECT_EQ(tls_recv_cmsg(_metadata, self->cfd, record_type, 716 buf, sizeof(buf), MSG_WAITALL), 717 send_len); 718 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 719 } 720 721 TEST_F(tls, splice_dec_cmsg_to_pipe) 722 { 723 char *test_str = "test_read"; 724 char record_type = 100; 725 int send_len = 10; 726 char buf[10]; 727 int p[2]; 728 729 if (self->notls) 730 SKIP(return, "no TLS support"); 731 732 ASSERT_GE(pipe(p), 0); 733 EXPECT_EQ(tls_send_cmsg(self->fd, 100, test_str, send_len, 0), 10); 734 EXPECT_EQ(recv(self->cfd, buf, send_len, 0), -1); 735 EXPECT_EQ(errno, EIO); 736 EXPECT_EQ(splice(self->cfd, NULL, p[1], NULL, send_len, 0), -1); 737 EXPECT_EQ(errno, EINVAL); 738 EXPECT_EQ(tls_recv_cmsg(_metadata, self->cfd, record_type, 739 buf, sizeof(buf), MSG_WAITALL), 740 send_len); 741 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 742 } 743 744 TEST_F(tls, recv_and_splice) 745 { 746 int send_len = TLS_PAYLOAD_MAX_LEN; 747 char mem_send[TLS_PAYLOAD_MAX_LEN]; 748 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 749 int half = send_len / 2; 750 int p[2]; 751 752 ASSERT_GE(pipe(p), 0); 753 EXPECT_EQ(send(self->fd, mem_send, send_len, 0), send_len); 754 /* Recv hald of the record, splice the other half */ 755 EXPECT_EQ(recv(self->cfd, mem_recv, half, MSG_WAITALL), half); 756 EXPECT_EQ(splice(self->cfd, NULL, p[1], NULL, half, SPLICE_F_NONBLOCK), 757 half); 758 EXPECT_EQ(read(p[0], &mem_recv[half], half), half); 759 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 760 } 761 762 TEST_F(tls, peek_and_splice) 763 { 764 int send_len = TLS_PAYLOAD_MAX_LEN; 765 char mem_send[TLS_PAYLOAD_MAX_LEN]; 766 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 767 int chunk = TLS_PAYLOAD_MAX_LEN / 4; 768 int n, i, p[2]; 769 770 memrnd(mem_send, sizeof(mem_send)); 771 772 ASSERT_GE(pipe(p), 0); 773 for (i = 0; i < 4; i++) 774 EXPECT_EQ(send(self->fd, &mem_send[chunk * i], chunk, 0), 775 chunk); 776 777 EXPECT_EQ(recv(self->cfd, mem_recv, chunk * 5 / 2, 778 MSG_WAITALL | MSG_PEEK), 779 chunk * 5 / 2); 780 EXPECT_EQ(memcmp(mem_send, mem_recv, chunk * 5 / 2), 0); 781 782 n = 0; 783 while (n < send_len) { 784 i = splice(self->cfd, NULL, p[1], NULL, send_len - n, 0); 785 EXPECT_GT(i, 0); 786 n += i; 787 } 788 EXPECT_EQ(n, send_len); 789 EXPECT_EQ(read(p[0], mem_recv, send_len), send_len); 790 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 791 } 792 793 TEST_F(tls, recvmsg_single) 794 { 795 char const *test_str = "test_recvmsg_single"; 796 int send_len = strlen(test_str) + 1; 797 char buf[20]; 798 struct msghdr hdr; 799 struct iovec vec; 800 801 memset(&hdr, 0, sizeof(hdr)); 802 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 803 vec.iov_base = (char *)buf; 804 vec.iov_len = send_len; 805 hdr.msg_iovlen = 1; 806 hdr.msg_iov = &vec; 807 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1); 808 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 809 } 810 811 TEST_F(tls, recvmsg_single_max) 812 { 813 int send_len = TLS_PAYLOAD_MAX_LEN; 814 char send_mem[TLS_PAYLOAD_MAX_LEN]; 815 char recv_mem[TLS_PAYLOAD_MAX_LEN]; 816 struct iovec vec; 817 struct msghdr hdr; 818 819 memrnd(send_mem, sizeof(send_mem)); 820 821 EXPECT_EQ(send(self->fd, send_mem, send_len, 0), send_len); 822 vec.iov_base = (char *)recv_mem; 823 vec.iov_len = TLS_PAYLOAD_MAX_LEN; 824 825 hdr.msg_iovlen = 1; 826 hdr.msg_iov = &vec; 827 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1); 828 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0); 829 } 830 831 TEST_F(tls, recvmsg_multiple) 832 { 833 unsigned int msg_iovlen = 1024; 834 struct iovec vec[1024]; 835 char *iov_base[1024]; 836 unsigned int iov_len = 16; 837 int send_len = 1 << 14; 838 char buf[1 << 14]; 839 struct msghdr hdr; 840 int i; 841 842 memrnd(buf, sizeof(buf)); 843 844 EXPECT_EQ(send(self->fd, buf, send_len, 0), send_len); 845 for (i = 0; i < msg_iovlen; i++) { 846 iov_base[i] = (char *)malloc(iov_len); 847 vec[i].iov_base = iov_base[i]; 848 vec[i].iov_len = iov_len; 849 } 850 851 hdr.msg_iovlen = msg_iovlen; 852 hdr.msg_iov = vec; 853 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1); 854 855 for (i = 0; i < msg_iovlen; i++) 856 free(iov_base[i]); 857 } 858 859 TEST_F(tls, single_send_multiple_recv) 860 { 861 unsigned int total_len = TLS_PAYLOAD_MAX_LEN * 2; 862 unsigned int send_len = TLS_PAYLOAD_MAX_LEN; 863 char send_mem[TLS_PAYLOAD_MAX_LEN * 2]; 864 char recv_mem[TLS_PAYLOAD_MAX_LEN * 2]; 865 866 memrnd(send_mem, sizeof(send_mem)); 867 868 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0); 869 memset(recv_mem, 0, total_len); 870 871 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1); 872 EXPECT_NE(recv(self->cfd, recv_mem + send_len, send_len, 0), -1); 873 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0); 874 } 875 876 TEST_F(tls, multiple_send_single_recv) 877 { 878 unsigned int total_len = 2 * 10; 879 unsigned int send_len = 10; 880 char recv_mem[2 * 10]; 881 char send_mem[10]; 882 883 memrnd(send_mem, sizeof(send_mem)); 884 885 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0); 886 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0); 887 memset(recv_mem, 0, total_len); 888 EXPECT_EQ(recv(self->cfd, recv_mem, total_len, MSG_WAITALL), total_len); 889 890 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0); 891 EXPECT_EQ(memcmp(send_mem, recv_mem + send_len, send_len), 0); 892 } 893 894 TEST_F(tls, single_send_multiple_recv_non_align) 895 { 896 const unsigned int total_len = 15; 897 const unsigned int recv_len = 10; 898 char recv_mem[recv_len * 2]; 899 char send_mem[total_len]; 900 901 memrnd(send_mem, sizeof(send_mem)); 902 903 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0); 904 memset(recv_mem, 0, total_len); 905 906 EXPECT_EQ(recv(self->cfd, recv_mem, recv_len, 0), recv_len); 907 EXPECT_EQ(recv(self->cfd, recv_mem + recv_len, recv_len, 0), 5); 908 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0); 909 } 910 911 TEST_F(tls, recv_partial) 912 { 913 char const *test_str = "test_read_partial"; 914 char const *test_str_first = "test_read"; 915 char const *test_str_second = "_partial"; 916 int send_len = strlen(test_str) + 1; 917 char recv_mem[18]; 918 919 memset(recv_mem, 0, sizeof(recv_mem)); 920 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 921 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_first), 922 MSG_WAITALL), -1); 923 EXPECT_EQ(memcmp(test_str_first, recv_mem, strlen(test_str_first)), 0); 924 memset(recv_mem, 0, sizeof(recv_mem)); 925 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_second), 926 MSG_WAITALL), -1); 927 EXPECT_EQ(memcmp(test_str_second, recv_mem, strlen(test_str_second)), 928 0); 929 } 930 931 TEST_F(tls, recv_nonblock) 932 { 933 char buf[4096]; 934 bool err; 935 936 EXPECT_EQ(recv(self->cfd, buf, sizeof(buf), MSG_DONTWAIT), -1); 937 err = (errno == EAGAIN || errno == EWOULDBLOCK); 938 EXPECT_EQ(err, true); 939 } 940 941 TEST_F(tls, recv_peek) 942 { 943 char const *test_str = "test_read_peek"; 944 int send_len = strlen(test_str) + 1; 945 char buf[15]; 946 947 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 948 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_PEEK), send_len); 949 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 950 memset(buf, 0, sizeof(buf)); 951 EXPECT_EQ(recv(self->cfd, buf, send_len, 0), send_len); 952 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 953 } 954 955 TEST_F(tls, recv_peek_multiple) 956 { 957 char const *test_str = "test_read_peek"; 958 int send_len = strlen(test_str) + 1; 959 unsigned int num_peeks = 100; 960 char buf[15]; 961 int i; 962 963 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 964 for (i = 0; i < num_peeks; i++) { 965 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1); 966 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 967 memset(buf, 0, sizeof(buf)); 968 } 969 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 970 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 971 } 972 973 TEST_F(tls, recv_peek_multiple_records) 974 { 975 char const *test_str = "test_read_peek_mult_recs"; 976 char const *test_str_first = "test_read_peek"; 977 char const *test_str_second = "_mult_recs"; 978 int len; 979 char buf[64]; 980 981 len = strlen(test_str_first); 982 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len); 983 984 len = strlen(test_str_second) + 1; 985 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len); 986 987 len = strlen(test_str_first); 988 memset(buf, 0, len); 989 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len); 990 991 /* MSG_PEEK can only peek into the current record. */ 992 len = strlen(test_str_first); 993 EXPECT_EQ(memcmp(test_str_first, buf, len), 0); 994 995 len = strlen(test_str) + 1; 996 memset(buf, 0, len); 997 EXPECT_EQ(recv(self->cfd, buf, len, MSG_WAITALL), len); 998 999 /* Non-MSG_PEEK will advance strparser (and therefore record) 1000 * however. 1001 */ 1002 len = strlen(test_str) + 1; 1003 EXPECT_EQ(memcmp(test_str, buf, len), 0); 1004 1005 /* MSG_MORE will hold current record open, so later MSG_PEEK 1006 * will see everything. 1007 */ 1008 len = strlen(test_str_first); 1009 EXPECT_EQ(send(self->fd, test_str_first, len, MSG_MORE), len); 1010 1011 len = strlen(test_str_second) + 1; 1012 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len); 1013 1014 len = strlen(test_str) + 1; 1015 memset(buf, 0, len); 1016 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len); 1017 1018 len = strlen(test_str) + 1; 1019 EXPECT_EQ(memcmp(test_str, buf, len), 0); 1020 } 1021 1022 TEST_F(tls, recv_peek_large_buf_mult_recs) 1023 { 1024 char const *test_str = "test_read_peek_mult_recs"; 1025 char const *test_str_first = "test_read_peek"; 1026 char const *test_str_second = "_mult_recs"; 1027 int len; 1028 char buf[64]; 1029 1030 len = strlen(test_str_first); 1031 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len); 1032 1033 len = strlen(test_str_second) + 1; 1034 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len); 1035 1036 len = strlen(test_str) + 1; 1037 memset(buf, 0, len); 1038 EXPECT_NE((len = recv(self->cfd, buf, len, 1039 MSG_PEEK | MSG_WAITALL)), -1); 1040 len = strlen(test_str) + 1; 1041 EXPECT_EQ(memcmp(test_str, buf, len), 0); 1042 } 1043 1044 TEST_F(tls, recv_lowat) 1045 { 1046 char send_mem[10] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 }; 1047 char recv_mem[20]; 1048 int lowat = 8; 1049 1050 EXPECT_EQ(send(self->fd, send_mem, 10, 0), 10); 1051 EXPECT_EQ(send(self->fd, send_mem, 5, 0), 5); 1052 1053 memset(recv_mem, 0, 20); 1054 EXPECT_EQ(setsockopt(self->cfd, SOL_SOCKET, SO_RCVLOWAT, 1055 &lowat, sizeof(lowat)), 0); 1056 EXPECT_EQ(recv(self->cfd, recv_mem, 1, MSG_WAITALL), 1); 1057 EXPECT_EQ(recv(self->cfd, recv_mem + 1, 6, MSG_WAITALL), 6); 1058 EXPECT_EQ(recv(self->cfd, recv_mem + 7, 10, 0), 8); 1059 1060 EXPECT_EQ(memcmp(send_mem, recv_mem, 10), 0); 1061 EXPECT_EQ(memcmp(send_mem, recv_mem + 10, 5), 0); 1062 } 1063 1064 TEST_F(tls, bidir) 1065 { 1066 char const *test_str = "test_read"; 1067 int send_len = 10; 1068 char buf[10]; 1069 int ret; 1070 1071 if (!self->notls) { 1072 struct tls_crypto_info_keys tls12; 1073 1074 tls_crypto_info_init(variant->tls_version, variant->cipher_type, 1075 &tls12); 1076 1077 ret = setsockopt(self->fd, SOL_TLS, TLS_RX, &tls12, 1078 tls12.len); 1079 ASSERT_EQ(ret, 0); 1080 1081 ret = setsockopt(self->cfd, SOL_TLS, TLS_TX, &tls12, 1082 tls12.len); 1083 ASSERT_EQ(ret, 0); 1084 } 1085 1086 ASSERT_EQ(strlen(test_str) + 1, send_len); 1087 1088 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 1089 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 1090 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 1091 1092 memset(buf, 0, sizeof(buf)); 1093 1094 EXPECT_EQ(send(self->cfd, test_str, send_len, 0), send_len); 1095 EXPECT_NE(recv(self->fd, buf, send_len, 0), -1); 1096 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 1097 }; 1098 1099 TEST_F(tls, pollin) 1100 { 1101 char const *test_str = "test_poll"; 1102 struct pollfd fd = { 0, 0, 0 }; 1103 char buf[10]; 1104 int send_len = 10; 1105 1106 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 1107 fd.fd = self->cfd; 1108 fd.events = POLLIN; 1109 1110 EXPECT_EQ(poll(&fd, 1, 20), 1); 1111 EXPECT_EQ(fd.revents & POLLIN, 1); 1112 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len); 1113 /* Test timing out */ 1114 EXPECT_EQ(poll(&fd, 1, 20), 0); 1115 } 1116 1117 TEST_F(tls, poll_wait) 1118 { 1119 char const *test_str = "test_poll_wait"; 1120 int send_len = strlen(test_str) + 1; 1121 struct pollfd fd = { 0, 0, 0 }; 1122 char recv_mem[15]; 1123 1124 fd.fd = self->cfd; 1125 fd.events = POLLIN; 1126 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 1127 /* Set timeout to inf. secs */ 1128 EXPECT_EQ(poll(&fd, 1, -1), 1); 1129 EXPECT_EQ(fd.revents & POLLIN, 1); 1130 EXPECT_EQ(recv(self->cfd, recv_mem, send_len, MSG_WAITALL), send_len); 1131 } 1132 1133 TEST_F(tls, poll_wait_split) 1134 { 1135 struct pollfd fd = { 0, 0, 0 }; 1136 char send_mem[20] = {}; 1137 char recv_mem[15]; 1138 1139 fd.fd = self->cfd; 1140 fd.events = POLLIN; 1141 /* Send 20 bytes */ 1142 EXPECT_EQ(send(self->fd, send_mem, sizeof(send_mem), 0), 1143 sizeof(send_mem)); 1144 /* Poll with inf. timeout */ 1145 EXPECT_EQ(poll(&fd, 1, -1), 1); 1146 EXPECT_EQ(fd.revents & POLLIN, 1); 1147 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), MSG_WAITALL), 1148 sizeof(recv_mem)); 1149 1150 /* Now the remaining 5 bytes of record data are in TLS ULP */ 1151 fd.fd = self->cfd; 1152 fd.events = POLLIN; 1153 EXPECT_EQ(poll(&fd, 1, -1), 1); 1154 EXPECT_EQ(fd.revents & POLLIN, 1); 1155 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), 0), 1156 sizeof(send_mem) - sizeof(recv_mem)); 1157 } 1158 1159 TEST_F(tls, blocking) 1160 { 1161 size_t data = 100000; 1162 int res = fork(); 1163 1164 EXPECT_NE(res, -1); 1165 1166 if (res) { 1167 /* parent */ 1168 size_t left = data; 1169 char buf[16384]; 1170 int status; 1171 int pid2; 1172 1173 while (left) { 1174 int res = send(self->fd, buf, 1175 left > 16384 ? 16384 : left, 0); 1176 1177 EXPECT_GE(res, 0); 1178 left -= res; 1179 } 1180 1181 pid2 = wait(&status); 1182 EXPECT_EQ(status, 0); 1183 EXPECT_EQ(res, pid2); 1184 } else { 1185 /* child */ 1186 size_t left = data; 1187 char buf[16384]; 1188 1189 while (left) { 1190 int res = recv(self->cfd, buf, 1191 left > 16384 ? 16384 : left, 0); 1192 1193 EXPECT_GE(res, 0); 1194 left -= res; 1195 } 1196 } 1197 } 1198 1199 TEST_F(tls, nonblocking) 1200 { 1201 size_t data = 100000; 1202 int sendbuf = 100; 1203 int flags; 1204 int res; 1205 1206 flags = fcntl(self->fd, F_GETFL, 0); 1207 fcntl(self->fd, F_SETFL, flags | O_NONBLOCK); 1208 fcntl(self->cfd, F_SETFL, flags | O_NONBLOCK); 1209 1210 /* Ensure nonblocking behavior by imposing a small send 1211 * buffer. 1212 */ 1213 EXPECT_EQ(setsockopt(self->fd, SOL_SOCKET, SO_SNDBUF, 1214 &sendbuf, sizeof(sendbuf)), 0); 1215 1216 res = fork(); 1217 EXPECT_NE(res, -1); 1218 1219 if (res) { 1220 /* parent */ 1221 bool eagain = false; 1222 size_t left = data; 1223 char buf[16384]; 1224 int status; 1225 int pid2; 1226 1227 while (left) { 1228 int res = send(self->fd, buf, 1229 left > 16384 ? 16384 : left, 0); 1230 1231 if (res == -1 && errno == EAGAIN) { 1232 eagain = true; 1233 usleep(10000); 1234 continue; 1235 } 1236 EXPECT_GE(res, 0); 1237 left -= res; 1238 } 1239 1240 EXPECT_TRUE(eagain); 1241 pid2 = wait(&status); 1242 1243 EXPECT_EQ(status, 0); 1244 EXPECT_EQ(res, pid2); 1245 } else { 1246 /* child */ 1247 bool eagain = false; 1248 size_t left = data; 1249 char buf[16384]; 1250 1251 while (left) { 1252 int res = recv(self->cfd, buf, 1253 left > 16384 ? 16384 : left, 0); 1254 1255 if (res == -1 && errno == EAGAIN) { 1256 eagain = true; 1257 usleep(10000); 1258 continue; 1259 } 1260 EXPECT_GE(res, 0); 1261 left -= res; 1262 } 1263 EXPECT_TRUE(eagain); 1264 } 1265 } 1266 1267 static void 1268 test_mutliproc(struct __test_metadata *_metadata, struct _test_data_tls *self, 1269 bool sendpg, unsigned int n_readers, unsigned int n_writers) 1270 { 1271 const unsigned int n_children = n_readers + n_writers; 1272 const size_t data = 6 * 1000 * 1000; 1273 const size_t file_sz = data / 100; 1274 size_t read_bias, write_bias; 1275 int i, fd, child_id; 1276 char buf[file_sz]; 1277 pid_t pid; 1278 1279 /* Only allow multiples for simplicity */ 1280 ASSERT_EQ(!(n_readers % n_writers) || !(n_writers % n_readers), true); 1281 read_bias = n_writers / n_readers ?: 1; 1282 write_bias = n_readers / n_writers ?: 1; 1283 1284 /* prep a file to send */ 1285 fd = open("/tmp/", O_TMPFILE | O_RDWR, 0600); 1286 ASSERT_GE(fd, 0); 1287 1288 memset(buf, 0xac, file_sz); 1289 ASSERT_EQ(write(fd, buf, file_sz), file_sz); 1290 1291 /* spawn children */ 1292 for (child_id = 0; child_id < n_children; child_id++) { 1293 pid = fork(); 1294 ASSERT_NE(pid, -1); 1295 if (!pid) 1296 break; 1297 } 1298 1299 /* parent waits for all children */ 1300 if (pid) { 1301 for (i = 0; i < n_children; i++) { 1302 int status; 1303 1304 wait(&status); 1305 EXPECT_EQ(status, 0); 1306 } 1307 1308 return; 1309 } 1310 1311 /* Split threads for reading and writing */ 1312 if (child_id < n_readers) { 1313 size_t left = data * read_bias; 1314 char rb[8001]; 1315 1316 while (left) { 1317 int res; 1318 1319 res = recv(self->cfd, rb, 1320 left > sizeof(rb) ? sizeof(rb) : left, 0); 1321 1322 EXPECT_GE(res, 0); 1323 left -= res; 1324 } 1325 } else { 1326 size_t left = data * write_bias; 1327 1328 while (left) { 1329 int res; 1330 1331 ASSERT_EQ(lseek(fd, 0, SEEK_SET), 0); 1332 if (sendpg) 1333 res = sendfile(self->fd, fd, NULL, 1334 left > file_sz ? file_sz : left); 1335 else 1336 res = send(self->fd, buf, 1337 left > file_sz ? file_sz : left, 0); 1338 1339 EXPECT_GE(res, 0); 1340 left -= res; 1341 } 1342 } 1343 } 1344 1345 TEST_F(tls, mutliproc_even) 1346 { 1347 test_mutliproc(_metadata, self, false, 6, 6); 1348 } 1349 1350 TEST_F(tls, mutliproc_readers) 1351 { 1352 test_mutliproc(_metadata, self, false, 4, 12); 1353 } 1354 1355 TEST_F(tls, mutliproc_writers) 1356 { 1357 test_mutliproc(_metadata, self, false, 10, 2); 1358 } 1359 1360 TEST_F(tls, mutliproc_sendpage_even) 1361 { 1362 test_mutliproc(_metadata, self, true, 6, 6); 1363 } 1364 1365 TEST_F(tls, mutliproc_sendpage_readers) 1366 { 1367 test_mutliproc(_metadata, self, true, 4, 12); 1368 } 1369 1370 TEST_F(tls, mutliproc_sendpage_writers) 1371 { 1372 test_mutliproc(_metadata, self, true, 10, 2); 1373 } 1374 1375 TEST_F(tls, control_msg) 1376 { 1377 char *test_str = "test_read"; 1378 char record_type = 100; 1379 int send_len = 10; 1380 char buf[10]; 1381 1382 if (self->notls) 1383 SKIP(return, "no TLS support"); 1384 1385 EXPECT_EQ(tls_send_cmsg(self->fd, record_type, test_str, send_len, 0), 1386 send_len); 1387 /* Should fail because we didn't provide a control message */ 1388 EXPECT_EQ(recv(self->cfd, buf, send_len, 0), -1); 1389 1390 EXPECT_EQ(tls_recv_cmsg(_metadata, self->cfd, record_type, 1391 buf, sizeof(buf), MSG_WAITALL | MSG_PEEK), 1392 send_len); 1393 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 1394 1395 /* Recv the message again without MSG_PEEK */ 1396 memset(buf, 0, sizeof(buf)); 1397 1398 EXPECT_EQ(tls_recv_cmsg(_metadata, self->cfd, record_type, 1399 buf, sizeof(buf), MSG_WAITALL), 1400 send_len); 1401 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 1402 } 1403 1404 TEST_F(tls, shutdown) 1405 { 1406 char const *test_str = "test_read"; 1407 int send_len = 10; 1408 char buf[10]; 1409 1410 ASSERT_EQ(strlen(test_str) + 1, send_len); 1411 1412 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 1413 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 1414 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 1415 1416 shutdown(self->fd, SHUT_RDWR); 1417 shutdown(self->cfd, SHUT_RDWR); 1418 } 1419 1420 TEST_F(tls, shutdown_unsent) 1421 { 1422 char const *test_str = "test_read"; 1423 int send_len = 10; 1424 1425 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len); 1426 1427 shutdown(self->fd, SHUT_RDWR); 1428 shutdown(self->cfd, SHUT_RDWR); 1429 } 1430 1431 TEST_F(tls, shutdown_reuse) 1432 { 1433 struct sockaddr_in addr; 1434 int ret; 1435 1436 shutdown(self->fd, SHUT_RDWR); 1437 shutdown(self->cfd, SHUT_RDWR); 1438 close(self->cfd); 1439 1440 addr.sin_family = AF_INET; 1441 addr.sin_addr.s_addr = htonl(INADDR_ANY); 1442 addr.sin_port = 0; 1443 1444 ret = bind(self->fd, &addr, sizeof(addr)); 1445 EXPECT_EQ(ret, 0); 1446 ret = listen(self->fd, 10); 1447 EXPECT_EQ(ret, -1); 1448 EXPECT_EQ(errno, EINVAL); 1449 1450 ret = connect(self->fd, &addr, sizeof(addr)); 1451 EXPECT_EQ(ret, -1); 1452 EXPECT_EQ(errno, EISCONN); 1453 } 1454 1455 FIXTURE(tls_err) 1456 { 1457 int fd, cfd; 1458 int fd2, cfd2; 1459 bool notls; 1460 }; 1461 1462 FIXTURE_VARIANT(tls_err) 1463 { 1464 uint16_t tls_version; 1465 }; 1466 1467 FIXTURE_VARIANT_ADD(tls_err, 12_aes_gcm) 1468 { 1469 .tls_version = TLS_1_2_VERSION, 1470 }; 1471 1472 FIXTURE_VARIANT_ADD(tls_err, 13_aes_gcm) 1473 { 1474 .tls_version = TLS_1_3_VERSION, 1475 }; 1476 1477 FIXTURE_SETUP(tls_err) 1478 { 1479 struct tls_crypto_info_keys tls12; 1480 int ret; 1481 1482 tls_crypto_info_init(variant->tls_version, TLS_CIPHER_AES_GCM_128, 1483 &tls12); 1484 1485 ulp_sock_pair(_metadata, &self->fd, &self->cfd, &self->notls); 1486 ulp_sock_pair(_metadata, &self->fd2, &self->cfd2, &self->notls); 1487 if (self->notls) 1488 return; 1489 1490 ret = setsockopt(self->fd, SOL_TLS, TLS_TX, &tls12, tls12.len); 1491 ASSERT_EQ(ret, 0); 1492 1493 ret = setsockopt(self->cfd2, SOL_TLS, TLS_RX, &tls12, tls12.len); 1494 ASSERT_EQ(ret, 0); 1495 } 1496 1497 FIXTURE_TEARDOWN(tls_err) 1498 { 1499 close(self->fd); 1500 close(self->cfd); 1501 close(self->fd2); 1502 close(self->cfd2); 1503 } 1504 1505 TEST_F(tls_err, bad_rec) 1506 { 1507 char buf[64]; 1508 1509 if (self->notls) 1510 SKIP(return, "no TLS support"); 1511 1512 memset(buf, 0x55, sizeof(buf)); 1513 EXPECT_EQ(send(self->fd2, buf, sizeof(buf), 0), sizeof(buf)); 1514 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), -1); 1515 EXPECT_EQ(errno, EMSGSIZE); 1516 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), MSG_DONTWAIT), -1); 1517 EXPECT_EQ(errno, EAGAIN); 1518 } 1519 1520 TEST_F(tls_err, bad_auth) 1521 { 1522 char buf[128]; 1523 int n; 1524 1525 if (self->notls) 1526 SKIP(return, "no TLS support"); 1527 1528 memrnd(buf, sizeof(buf) / 2); 1529 EXPECT_EQ(send(self->fd, buf, sizeof(buf) / 2, 0), sizeof(buf) / 2); 1530 n = recv(self->cfd, buf, sizeof(buf), 0); 1531 EXPECT_GT(n, sizeof(buf) / 2); 1532 1533 buf[n - 1]++; 1534 1535 EXPECT_EQ(send(self->fd2, buf, n, 0), n); 1536 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), -1); 1537 EXPECT_EQ(errno, EBADMSG); 1538 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), -1); 1539 EXPECT_EQ(errno, EBADMSG); 1540 } 1541 1542 TEST_F(tls_err, bad_in_large_read) 1543 { 1544 char txt[3][64]; 1545 char cip[3][128]; 1546 char buf[3 * 128]; 1547 int i, n; 1548 1549 if (self->notls) 1550 SKIP(return, "no TLS support"); 1551 1552 /* Put 3 records in the sockets */ 1553 for (i = 0; i < 3; i++) { 1554 memrnd(txt[i], sizeof(txt[i])); 1555 EXPECT_EQ(send(self->fd, txt[i], sizeof(txt[i]), 0), 1556 sizeof(txt[i])); 1557 n = recv(self->cfd, cip[i], sizeof(cip[i]), 0); 1558 EXPECT_GT(n, sizeof(txt[i])); 1559 /* Break the third message */ 1560 if (i == 2) 1561 cip[2][n - 1]++; 1562 EXPECT_EQ(send(self->fd2, cip[i], n, 0), n); 1563 } 1564 1565 /* We should be able to receive the first two messages */ 1566 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), sizeof(txt[0]) * 2); 1567 EXPECT_EQ(memcmp(buf, txt[0], sizeof(txt[0])), 0); 1568 EXPECT_EQ(memcmp(buf + sizeof(txt[0]), txt[1], sizeof(txt[1])), 0); 1569 /* Third mesasge is bad */ 1570 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), -1); 1571 EXPECT_EQ(errno, EBADMSG); 1572 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), -1); 1573 EXPECT_EQ(errno, EBADMSG); 1574 } 1575 1576 TEST_F(tls_err, bad_cmsg) 1577 { 1578 char *test_str = "test_read"; 1579 int send_len = 10; 1580 char cip[128]; 1581 char buf[128]; 1582 char txt[64]; 1583 int n; 1584 1585 if (self->notls) 1586 SKIP(return, "no TLS support"); 1587 1588 /* Queue up one data record */ 1589 memrnd(txt, sizeof(txt)); 1590 EXPECT_EQ(send(self->fd, txt, sizeof(txt), 0), sizeof(txt)); 1591 n = recv(self->cfd, cip, sizeof(cip), 0); 1592 EXPECT_GT(n, sizeof(txt)); 1593 EXPECT_EQ(send(self->fd2, cip, n, 0), n); 1594 1595 EXPECT_EQ(tls_send_cmsg(self->fd, 100, test_str, send_len, 0), 10); 1596 n = recv(self->cfd, cip, sizeof(cip), 0); 1597 cip[n - 1]++; /* Break it */ 1598 EXPECT_GT(n, send_len); 1599 EXPECT_EQ(send(self->fd2, cip, n, 0), n); 1600 1601 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), sizeof(txt)); 1602 EXPECT_EQ(memcmp(buf, txt, sizeof(txt)), 0); 1603 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), -1); 1604 EXPECT_EQ(errno, EBADMSG); 1605 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), -1); 1606 EXPECT_EQ(errno, EBADMSG); 1607 } 1608 1609 TEST_F(tls_err, timeo) 1610 { 1611 struct timeval tv = { .tv_usec = 10000, }; 1612 char buf[128]; 1613 int ret; 1614 1615 if (self->notls) 1616 SKIP(return, "no TLS support"); 1617 1618 ret = setsockopt(self->cfd2, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof(tv)); 1619 ASSERT_EQ(ret, 0); 1620 1621 ret = fork(); 1622 ASSERT_GE(ret, 0); 1623 1624 if (ret) { 1625 usleep(1000); /* Give child a head start */ 1626 1627 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), -1); 1628 EXPECT_EQ(errno, EAGAIN); 1629 1630 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), -1); 1631 EXPECT_EQ(errno, EAGAIN); 1632 1633 wait(&ret); 1634 } else { 1635 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), -1); 1636 EXPECT_EQ(errno, EAGAIN); 1637 exit(0); 1638 } 1639 } 1640 1641 TEST_F(tls_err, poll_partial_rec) 1642 { 1643 struct pollfd pfd = { }; 1644 ssize_t rec_len; 1645 char rec[256]; 1646 char buf[128]; 1647 1648 if (self->notls) 1649 SKIP(return, "no TLS support"); 1650 1651 pfd.fd = self->cfd2; 1652 pfd.events = POLLIN; 1653 EXPECT_EQ(poll(&pfd, 1, 1), 0); 1654 1655 memrnd(buf, sizeof(buf)); 1656 EXPECT_EQ(send(self->fd, buf, sizeof(buf), 0), sizeof(buf)); 1657 rec_len = recv(self->cfd, rec, sizeof(rec), 0); 1658 EXPECT_GT(rec_len, sizeof(buf)); 1659 1660 /* Write 100B, not the full record ... */ 1661 EXPECT_EQ(send(self->fd2, rec, 100, 0), 100); 1662 /* ... no full record should mean no POLLIN */ 1663 pfd.fd = self->cfd2; 1664 pfd.events = POLLIN; 1665 EXPECT_EQ(poll(&pfd, 1, 1), 0); 1666 /* Now write the rest, and it should all pop out of the other end. */ 1667 EXPECT_EQ(send(self->fd2, rec + 100, rec_len - 100, 0), rec_len - 100); 1668 pfd.fd = self->cfd2; 1669 pfd.events = POLLIN; 1670 EXPECT_EQ(poll(&pfd, 1, 1), 1); 1671 EXPECT_EQ(recv(self->cfd2, rec, sizeof(rec), 0), sizeof(buf)); 1672 EXPECT_EQ(memcmp(buf, rec, sizeof(buf)), 0); 1673 } 1674 1675 TEST_F(tls_err, epoll_partial_rec) 1676 { 1677 struct epoll_event ev, events[10]; 1678 ssize_t rec_len; 1679 char rec[256]; 1680 char buf[128]; 1681 int epollfd; 1682 1683 if (self->notls) 1684 SKIP(return, "no TLS support"); 1685 1686 epollfd = epoll_create1(0); 1687 ASSERT_GE(epollfd, 0); 1688 1689 memset(&ev, 0, sizeof(ev)); 1690 ev.events = EPOLLIN; 1691 ev.data.fd = self->cfd2; 1692 ASSERT_GE(epoll_ctl(epollfd, EPOLL_CTL_ADD, self->cfd2, &ev), 0); 1693 1694 EXPECT_EQ(epoll_wait(epollfd, events, 10, 0), 0); 1695 1696 memrnd(buf, sizeof(buf)); 1697 EXPECT_EQ(send(self->fd, buf, sizeof(buf), 0), sizeof(buf)); 1698 rec_len = recv(self->cfd, rec, sizeof(rec), 0); 1699 EXPECT_GT(rec_len, sizeof(buf)); 1700 1701 /* Write 100B, not the full record ... */ 1702 EXPECT_EQ(send(self->fd2, rec, 100, 0), 100); 1703 /* ... no full record should mean no POLLIN */ 1704 EXPECT_EQ(epoll_wait(epollfd, events, 10, 0), 0); 1705 /* Now write the rest, and it should all pop out of the other end. */ 1706 EXPECT_EQ(send(self->fd2, rec + 100, rec_len - 100, 0), rec_len - 100); 1707 EXPECT_EQ(epoll_wait(epollfd, events, 10, 0), 1); 1708 EXPECT_EQ(recv(self->cfd2, rec, sizeof(rec), 0), sizeof(buf)); 1709 EXPECT_EQ(memcmp(buf, rec, sizeof(buf)), 0); 1710 1711 close(epollfd); 1712 } 1713 1714 TEST_F(tls_err, poll_partial_rec_async) 1715 { 1716 struct pollfd pfd = { }; 1717 ssize_t rec_len; 1718 char rec[256]; 1719 char buf[128]; 1720 char token; 1721 int p[2]; 1722 int ret; 1723 1724 if (self->notls) 1725 SKIP(return, "no TLS support"); 1726 1727 ASSERT_GE(pipe(p), 0); 1728 1729 memrnd(buf, sizeof(buf)); 1730 EXPECT_EQ(send(self->fd, buf, sizeof(buf), 0), sizeof(buf)); 1731 rec_len = recv(self->cfd, rec, sizeof(rec), 0); 1732 EXPECT_GT(rec_len, sizeof(buf)); 1733 1734 ret = fork(); 1735 ASSERT_GE(ret, 0); 1736 1737 if (ret) { 1738 int status, pid2; 1739 1740 close(p[1]); 1741 usleep(1000); /* Give child a head start */ 1742 1743 EXPECT_EQ(send(self->fd2, rec, 100, 0), 100); 1744 1745 EXPECT_EQ(read(p[0], &token, 1), 1); /* Barrier #1 */ 1746 1747 EXPECT_EQ(send(self->fd2, rec + 100, rec_len - 100, 0), 1748 rec_len - 100); 1749 1750 pid2 = wait(&status); 1751 EXPECT_EQ(pid2, ret); 1752 EXPECT_EQ(status, 0); 1753 } else { 1754 close(p[0]); 1755 1756 /* Child should sleep in poll(), never get a wake */ 1757 pfd.fd = self->cfd2; 1758 pfd.events = POLLIN; 1759 EXPECT_EQ(poll(&pfd, 1, 5), 0); 1760 1761 EXPECT_EQ(write(p[1], &token, 1), 1); /* Barrier #1 */ 1762 1763 pfd.fd = self->cfd2; 1764 pfd.events = POLLIN; 1765 EXPECT_EQ(poll(&pfd, 1, 5), 1); 1766 1767 exit(!_metadata->passed); 1768 } 1769 } 1770 1771 TEST(non_established) { 1772 struct tls12_crypto_info_aes_gcm_256 tls12; 1773 struct sockaddr_in addr; 1774 int sfd, ret, fd; 1775 socklen_t len; 1776 1777 len = sizeof(addr); 1778 1779 memset(&tls12, 0, sizeof(tls12)); 1780 tls12.info.version = TLS_1_2_VERSION; 1781 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256; 1782 1783 addr.sin_family = AF_INET; 1784 addr.sin_addr.s_addr = htonl(INADDR_ANY); 1785 addr.sin_port = 0; 1786 1787 fd = socket(AF_INET, SOCK_STREAM, 0); 1788 sfd = socket(AF_INET, SOCK_STREAM, 0); 1789 1790 ret = bind(sfd, &addr, sizeof(addr)); 1791 ASSERT_EQ(ret, 0); 1792 ret = listen(sfd, 10); 1793 ASSERT_EQ(ret, 0); 1794 1795 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1796 EXPECT_EQ(ret, -1); 1797 /* TLS ULP not supported */ 1798 if (errno == ENOENT) 1799 return; 1800 EXPECT_EQ(errno, ENOTCONN); 1801 1802 ret = setsockopt(sfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1803 EXPECT_EQ(ret, -1); 1804 EXPECT_EQ(errno, ENOTCONN); 1805 1806 ret = getsockname(sfd, &addr, &len); 1807 ASSERT_EQ(ret, 0); 1808 1809 ret = connect(fd, &addr, sizeof(addr)); 1810 ASSERT_EQ(ret, 0); 1811 1812 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1813 ASSERT_EQ(ret, 0); 1814 1815 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1816 EXPECT_EQ(ret, -1); 1817 EXPECT_EQ(errno, EEXIST); 1818 1819 close(fd); 1820 close(sfd); 1821 } 1822 1823 TEST(keysizes) { 1824 struct tls12_crypto_info_aes_gcm_256 tls12; 1825 int ret, fd, cfd; 1826 bool notls; 1827 1828 memset(&tls12, 0, sizeof(tls12)); 1829 tls12.info.version = TLS_1_2_VERSION; 1830 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256; 1831 1832 ulp_sock_pair(_metadata, &fd, &cfd, ¬ls); 1833 1834 if (!notls) { 1835 ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12, 1836 sizeof(tls12)); 1837 EXPECT_EQ(ret, 0); 1838 1839 ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12, 1840 sizeof(tls12)); 1841 EXPECT_EQ(ret, 0); 1842 } 1843 1844 close(fd); 1845 close(cfd); 1846 } 1847 1848 TEST(no_pad) { 1849 struct tls12_crypto_info_aes_gcm_256 tls12; 1850 int ret, fd, cfd, val; 1851 socklen_t len; 1852 bool notls; 1853 1854 memset(&tls12, 0, sizeof(tls12)); 1855 tls12.info.version = TLS_1_3_VERSION; 1856 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256; 1857 1858 ulp_sock_pair(_metadata, &fd, &cfd, ¬ls); 1859 1860 if (notls) 1861 exit(KSFT_SKIP); 1862 1863 ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12, sizeof(tls12)); 1864 EXPECT_EQ(ret, 0); 1865 1866 ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12, sizeof(tls12)); 1867 EXPECT_EQ(ret, 0); 1868 1869 val = 1; 1870 ret = setsockopt(cfd, SOL_TLS, TLS_RX_EXPECT_NO_PAD, 1871 (void *)&val, sizeof(val)); 1872 EXPECT_EQ(ret, 0); 1873 1874 len = sizeof(val); 1875 val = 2; 1876 ret = getsockopt(cfd, SOL_TLS, TLS_RX_EXPECT_NO_PAD, 1877 (void *)&val, &len); 1878 EXPECT_EQ(ret, 0); 1879 EXPECT_EQ(val, 1); 1880 EXPECT_EQ(len, 4); 1881 1882 val = 0; 1883 ret = setsockopt(cfd, SOL_TLS, TLS_RX_EXPECT_NO_PAD, 1884 (void *)&val, sizeof(val)); 1885 EXPECT_EQ(ret, 0); 1886 1887 len = sizeof(val); 1888 val = 2; 1889 ret = getsockopt(cfd, SOL_TLS, TLS_RX_EXPECT_NO_PAD, 1890 (void *)&val, &len); 1891 EXPECT_EQ(ret, 0); 1892 EXPECT_EQ(val, 0); 1893 EXPECT_EQ(len, 4); 1894 1895 close(fd); 1896 close(cfd); 1897 } 1898 1899 TEST(tls_v6ops) { 1900 struct tls_crypto_info_keys tls12; 1901 struct sockaddr_in6 addr, addr2; 1902 int sfd, ret, fd; 1903 socklen_t len, len2; 1904 1905 tls_crypto_info_init(TLS_1_2_VERSION, TLS_CIPHER_AES_GCM_128, &tls12); 1906 1907 addr.sin6_family = AF_INET6; 1908 addr.sin6_addr = in6addr_any; 1909 addr.sin6_port = 0; 1910 1911 fd = socket(AF_INET6, SOCK_STREAM, 0); 1912 sfd = socket(AF_INET6, SOCK_STREAM, 0); 1913 1914 ret = bind(sfd, &addr, sizeof(addr)); 1915 ASSERT_EQ(ret, 0); 1916 ret = listen(sfd, 10); 1917 ASSERT_EQ(ret, 0); 1918 1919 len = sizeof(addr); 1920 ret = getsockname(sfd, &addr, &len); 1921 ASSERT_EQ(ret, 0); 1922 1923 ret = connect(fd, &addr, sizeof(addr)); 1924 ASSERT_EQ(ret, 0); 1925 1926 len = sizeof(addr); 1927 ret = getsockname(fd, &addr, &len); 1928 ASSERT_EQ(ret, 0); 1929 1930 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1931 if (ret) { 1932 ASSERT_EQ(errno, ENOENT); 1933 SKIP(return, "no TLS support"); 1934 } 1935 ASSERT_EQ(ret, 0); 1936 1937 ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12, tls12.len); 1938 ASSERT_EQ(ret, 0); 1939 1940 ret = setsockopt(fd, SOL_TLS, TLS_RX, &tls12, tls12.len); 1941 ASSERT_EQ(ret, 0); 1942 1943 len2 = sizeof(addr2); 1944 ret = getsockname(fd, &addr2, &len2); 1945 ASSERT_EQ(ret, 0); 1946 1947 EXPECT_EQ(len2, len); 1948 EXPECT_EQ(memcmp(&addr, &addr2, len), 0); 1949 1950 close(fd); 1951 close(sfd); 1952 } 1953 1954 TEST(prequeue) { 1955 struct tls_crypto_info_keys tls12; 1956 char buf[20000], buf2[20000]; 1957 struct sockaddr_in addr; 1958 int sfd, cfd, ret, fd; 1959 socklen_t len; 1960 1961 len = sizeof(addr); 1962 memrnd(buf, sizeof(buf)); 1963 1964 tls_crypto_info_init(TLS_1_2_VERSION, TLS_CIPHER_AES_GCM_256, &tls12); 1965 1966 addr.sin_family = AF_INET; 1967 addr.sin_addr.s_addr = htonl(INADDR_ANY); 1968 addr.sin_port = 0; 1969 1970 fd = socket(AF_INET, SOCK_STREAM, 0); 1971 sfd = socket(AF_INET, SOCK_STREAM, 0); 1972 1973 ASSERT_EQ(bind(sfd, &addr, sizeof(addr)), 0); 1974 ASSERT_EQ(listen(sfd, 10), 0); 1975 ASSERT_EQ(getsockname(sfd, &addr, &len), 0); 1976 ASSERT_EQ(connect(fd, &addr, sizeof(addr)), 0); 1977 ASSERT_GE(cfd = accept(sfd, &addr, &len), 0); 1978 close(sfd); 1979 1980 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1981 if (ret) { 1982 ASSERT_EQ(errno, ENOENT); 1983 SKIP(return, "no TLS support"); 1984 } 1985 1986 ASSERT_EQ(setsockopt(fd, SOL_TLS, TLS_TX, &tls12, tls12.len), 0); 1987 EXPECT_EQ(send(fd, buf, sizeof(buf), MSG_DONTWAIT), sizeof(buf)); 1988 1989 ASSERT_EQ(setsockopt(cfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")), 0); 1990 ASSERT_EQ(setsockopt(cfd, SOL_TLS, TLS_RX, &tls12, tls12.len), 0); 1991 EXPECT_EQ(recv(cfd, buf2, sizeof(buf2), MSG_WAITALL), sizeof(buf2)); 1992 1993 EXPECT_EQ(memcmp(buf, buf2, sizeof(buf)), 0); 1994 1995 close(fd); 1996 close(cfd); 1997 } 1998 1999 TEST_HARNESS_MAIN 2000