1 // SPDX-License-Identifier: GPL-2.0 2 3 #define _GNU_SOURCE 4 5 #include <arpa/inet.h> 6 #include <errno.h> 7 #include <error.h> 8 #include <fcntl.h> 9 #include <poll.h> 10 #include <stdio.h> 11 #include <stdlib.h> 12 #include <unistd.h> 13 14 #include <linux/tls.h> 15 #include <linux/tcp.h> 16 #include <linux/socket.h> 17 18 #include <sys/types.h> 19 #include <sys/sendfile.h> 20 #include <sys/socket.h> 21 #include <sys/stat.h> 22 23 #include "../kselftest_harness.h" 24 25 #define TLS_PAYLOAD_MAX_LEN 16384 26 #define SOL_TLS 282 27 28 FIXTURE(tls_basic) 29 { 30 int fd, cfd; 31 bool notls; 32 }; 33 34 FIXTURE_SETUP(tls_basic) 35 { 36 struct sockaddr_in addr; 37 socklen_t len; 38 int sfd, ret; 39 40 self->notls = false; 41 len = sizeof(addr); 42 43 addr.sin_family = AF_INET; 44 addr.sin_addr.s_addr = htonl(INADDR_ANY); 45 addr.sin_port = 0; 46 47 self->fd = socket(AF_INET, SOCK_STREAM, 0); 48 sfd = socket(AF_INET, SOCK_STREAM, 0); 49 50 ret = bind(sfd, &addr, sizeof(addr)); 51 ASSERT_EQ(ret, 0); 52 ret = listen(sfd, 10); 53 ASSERT_EQ(ret, 0); 54 55 ret = getsockname(sfd, &addr, &len); 56 ASSERT_EQ(ret, 0); 57 58 ret = connect(self->fd, &addr, sizeof(addr)); 59 ASSERT_EQ(ret, 0); 60 61 self->cfd = accept(sfd, &addr, &len); 62 ASSERT_GE(self->cfd, 0); 63 64 close(sfd); 65 66 ret = setsockopt(self->fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 67 if (ret != 0) { 68 ASSERT_EQ(errno, ENOENT); 69 self->notls = true; 70 printf("Failure setting TCP_ULP, testing without tls\n"); 71 return; 72 } 73 74 ret = setsockopt(self->cfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 75 ASSERT_EQ(ret, 0); 76 } 77 78 FIXTURE_TEARDOWN(tls_basic) 79 { 80 close(self->fd); 81 close(self->cfd); 82 } 83 84 /* Send some data through with ULP but no keys */ 85 TEST_F(tls_basic, base_base) 86 { 87 char const *test_str = "test_read"; 88 int send_len = 10; 89 char buf[10]; 90 91 ASSERT_EQ(strlen(test_str) + 1, send_len); 92 93 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 94 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 95 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 96 }; 97 98 FIXTURE(tls) 99 { 100 int fd, cfd; 101 bool notls; 102 }; 103 104 FIXTURE_VARIANT(tls) 105 { 106 unsigned int tls_version; 107 }; 108 109 FIXTURE_VARIANT_ADD(tls, 12) 110 { 111 .tls_version = TLS_1_2_VERSION, 112 }; 113 114 FIXTURE_VARIANT_ADD(tls, 13) 115 { 116 .tls_version = TLS_1_3_VERSION, 117 }; 118 119 FIXTURE_SETUP(tls) 120 { 121 struct tls12_crypto_info_aes_gcm_128 tls12; 122 struct sockaddr_in addr; 123 socklen_t len; 124 int sfd, ret; 125 126 self->notls = false; 127 len = sizeof(addr); 128 129 memset(&tls12, 0, sizeof(tls12)); 130 tls12.info.version = variant->tls_version; 131 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128; 132 133 addr.sin_family = AF_INET; 134 addr.sin_addr.s_addr = htonl(INADDR_ANY); 135 addr.sin_port = 0; 136 137 self->fd = socket(AF_INET, SOCK_STREAM, 0); 138 sfd = socket(AF_INET, SOCK_STREAM, 0); 139 140 ret = bind(sfd, &addr, sizeof(addr)); 141 ASSERT_EQ(ret, 0); 142 ret = listen(sfd, 10); 143 ASSERT_EQ(ret, 0); 144 145 ret = getsockname(sfd, &addr, &len); 146 ASSERT_EQ(ret, 0); 147 148 ret = connect(self->fd, &addr, sizeof(addr)); 149 ASSERT_EQ(ret, 0); 150 151 ret = setsockopt(self->fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 152 if (ret != 0) { 153 self->notls = true; 154 printf("Failure setting TCP_ULP, testing without tls\n"); 155 } 156 157 if (!self->notls) { 158 ret = setsockopt(self->fd, SOL_TLS, TLS_TX, &tls12, 159 sizeof(tls12)); 160 ASSERT_EQ(ret, 0); 161 } 162 163 self->cfd = accept(sfd, &addr, &len); 164 ASSERT_GE(self->cfd, 0); 165 166 if (!self->notls) { 167 ret = setsockopt(self->cfd, IPPROTO_TCP, TCP_ULP, "tls", 168 sizeof("tls")); 169 ASSERT_EQ(ret, 0); 170 171 ret = setsockopt(self->cfd, SOL_TLS, TLS_RX, &tls12, 172 sizeof(tls12)); 173 ASSERT_EQ(ret, 0); 174 } 175 176 close(sfd); 177 } 178 179 FIXTURE_TEARDOWN(tls) 180 { 181 close(self->fd); 182 close(self->cfd); 183 } 184 185 TEST_F(tls, sendfile) 186 { 187 int filefd = open("/proc/self/exe", O_RDONLY); 188 struct stat st; 189 190 EXPECT_GE(filefd, 0); 191 fstat(filefd, &st); 192 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0); 193 } 194 195 TEST_F(tls, send_then_sendfile) 196 { 197 int filefd = open("/proc/self/exe", O_RDONLY); 198 char const *test_str = "test_send"; 199 int to_send = strlen(test_str) + 1; 200 char recv_buf[10]; 201 struct stat st; 202 char *buf; 203 204 EXPECT_GE(filefd, 0); 205 fstat(filefd, &st); 206 buf = (char *)malloc(st.st_size); 207 208 EXPECT_EQ(send(self->fd, test_str, to_send, 0), to_send); 209 EXPECT_EQ(recv(self->cfd, recv_buf, to_send, MSG_WAITALL), to_send); 210 EXPECT_EQ(memcmp(test_str, recv_buf, to_send), 0); 211 212 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0); 213 EXPECT_EQ(recv(self->cfd, buf, st.st_size, MSG_WAITALL), st.st_size); 214 } 215 216 static void chunked_sendfile(struct __test_metadata *_metadata, 217 struct _test_data_tls *self, 218 uint16_t chunk_size, 219 uint16_t extra_payload_size) 220 { 221 char buf[TLS_PAYLOAD_MAX_LEN]; 222 uint16_t test_payload_size; 223 int size = 0; 224 int ret; 225 char filename[] = "/tmp/mytemp.XXXXXX"; 226 int fd = mkstemp(filename); 227 off_t offset = 0; 228 229 unlink(filename); 230 ASSERT_GE(fd, 0); 231 EXPECT_GE(chunk_size, 1); 232 test_payload_size = chunk_size + extra_payload_size; 233 ASSERT_GE(TLS_PAYLOAD_MAX_LEN, test_payload_size); 234 memset(buf, 1, test_payload_size); 235 size = write(fd, buf, test_payload_size); 236 EXPECT_EQ(size, test_payload_size); 237 fsync(fd); 238 239 while (size > 0) { 240 ret = sendfile(self->fd, fd, &offset, chunk_size); 241 EXPECT_GE(ret, 0); 242 size -= ret; 243 } 244 245 EXPECT_EQ(recv(self->cfd, buf, test_payload_size, MSG_WAITALL), 246 test_payload_size); 247 248 close(fd); 249 } 250 251 TEST_F(tls, multi_chunk_sendfile) 252 { 253 chunked_sendfile(_metadata, self, 4096, 4096); 254 chunked_sendfile(_metadata, self, 4096, 0); 255 chunked_sendfile(_metadata, self, 4096, 1); 256 chunked_sendfile(_metadata, self, 4096, 2048); 257 chunked_sendfile(_metadata, self, 8192, 2048); 258 chunked_sendfile(_metadata, self, 4096, 8192); 259 chunked_sendfile(_metadata, self, 8192, 4096); 260 chunked_sendfile(_metadata, self, 12288, 1024); 261 chunked_sendfile(_metadata, self, 12288, 2000); 262 chunked_sendfile(_metadata, self, 15360, 100); 263 chunked_sendfile(_metadata, self, 15360, 300); 264 chunked_sendfile(_metadata, self, 1, 4096); 265 chunked_sendfile(_metadata, self, 2048, 4096); 266 chunked_sendfile(_metadata, self, 2048, 8192); 267 chunked_sendfile(_metadata, self, 4096, 8192); 268 chunked_sendfile(_metadata, self, 1024, 12288); 269 chunked_sendfile(_metadata, self, 2000, 12288); 270 chunked_sendfile(_metadata, self, 100, 15360); 271 chunked_sendfile(_metadata, self, 300, 15360); 272 } 273 274 TEST_F(tls, recv_max) 275 { 276 unsigned int send_len = TLS_PAYLOAD_MAX_LEN; 277 char recv_mem[TLS_PAYLOAD_MAX_LEN]; 278 char buf[TLS_PAYLOAD_MAX_LEN]; 279 280 EXPECT_GE(send(self->fd, buf, send_len, 0), 0); 281 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1); 282 EXPECT_EQ(memcmp(buf, recv_mem, send_len), 0); 283 } 284 285 TEST_F(tls, recv_small) 286 { 287 char const *test_str = "test_read"; 288 int send_len = 10; 289 char buf[10]; 290 291 send_len = strlen(test_str) + 1; 292 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 293 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 294 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 295 } 296 297 TEST_F(tls, msg_more) 298 { 299 char const *test_str = "test_read"; 300 int send_len = 10; 301 char buf[10 * 2]; 302 303 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len); 304 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1); 305 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 306 EXPECT_EQ(recv(self->cfd, buf, send_len * 2, MSG_WAITALL), 307 send_len * 2); 308 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 309 } 310 311 TEST_F(tls, msg_more_unsent) 312 { 313 char const *test_str = "test_read"; 314 int send_len = 10; 315 char buf[10]; 316 317 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len); 318 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1); 319 } 320 321 TEST_F(tls, sendmsg_single) 322 { 323 struct msghdr msg; 324 325 char const *test_str = "test_sendmsg"; 326 size_t send_len = 13; 327 struct iovec vec; 328 char buf[13]; 329 330 vec.iov_base = (char *)test_str; 331 vec.iov_len = send_len; 332 memset(&msg, 0, sizeof(struct msghdr)); 333 msg.msg_iov = &vec; 334 msg.msg_iovlen = 1; 335 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len); 336 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len); 337 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 338 } 339 340 #define MAX_FRAGS 64 341 #define SEND_LEN 13 342 TEST_F(tls, sendmsg_fragmented) 343 { 344 char const *test_str = "test_sendmsg"; 345 char buf[SEND_LEN * MAX_FRAGS]; 346 struct iovec vec[MAX_FRAGS]; 347 struct msghdr msg; 348 int i, frags; 349 350 for (frags = 1; frags <= MAX_FRAGS; frags++) { 351 for (i = 0; i < frags; i++) { 352 vec[i].iov_base = (char *)test_str; 353 vec[i].iov_len = SEND_LEN; 354 } 355 356 memset(&msg, 0, sizeof(struct msghdr)); 357 msg.msg_iov = vec; 358 msg.msg_iovlen = frags; 359 360 EXPECT_EQ(sendmsg(self->fd, &msg, 0), SEND_LEN * frags); 361 EXPECT_EQ(recv(self->cfd, buf, SEND_LEN * frags, MSG_WAITALL), 362 SEND_LEN * frags); 363 364 for (i = 0; i < frags; i++) 365 EXPECT_EQ(memcmp(buf + SEND_LEN * i, 366 test_str, SEND_LEN), 0); 367 } 368 } 369 #undef MAX_FRAGS 370 #undef SEND_LEN 371 372 TEST_F(tls, sendmsg_large) 373 { 374 void *mem = malloc(16384); 375 size_t send_len = 16384; 376 size_t sends = 128; 377 struct msghdr msg; 378 size_t recvs = 0; 379 size_t sent = 0; 380 381 memset(&msg, 0, sizeof(struct msghdr)); 382 while (sent++ < sends) { 383 struct iovec vec = { (void *)mem, send_len }; 384 385 msg.msg_iov = &vec; 386 msg.msg_iovlen = 1; 387 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), send_len); 388 } 389 390 while (recvs++ < sends) 391 EXPECT_NE(recv(self->fd, mem, send_len, 0), -1); 392 393 free(mem); 394 } 395 396 TEST_F(tls, sendmsg_multiple) 397 { 398 char const *test_str = "test_sendmsg_multiple"; 399 struct iovec vec[5]; 400 char *test_strs[5]; 401 struct msghdr msg; 402 int total_len = 0; 403 int len_cmp = 0; 404 int iov_len = 5; 405 char *buf; 406 int i; 407 408 memset(&msg, 0, sizeof(struct msghdr)); 409 for (i = 0; i < iov_len; i++) { 410 test_strs[i] = (char *)malloc(strlen(test_str) + 1); 411 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str); 412 vec[i].iov_base = (void *)test_strs[i]; 413 vec[i].iov_len = strlen(test_strs[i]) + 1; 414 total_len += vec[i].iov_len; 415 } 416 msg.msg_iov = vec; 417 msg.msg_iovlen = iov_len; 418 419 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), total_len); 420 buf = malloc(total_len); 421 EXPECT_NE(recv(self->fd, buf, total_len, 0), -1); 422 for (i = 0; i < iov_len; i++) { 423 EXPECT_EQ(memcmp(test_strs[i], buf + len_cmp, 424 strlen(test_strs[i])), 425 0); 426 len_cmp += strlen(buf + len_cmp) + 1; 427 } 428 for (i = 0; i < iov_len; i++) 429 free(test_strs[i]); 430 free(buf); 431 } 432 433 TEST_F(tls, sendmsg_multiple_stress) 434 { 435 char const *test_str = "abcdefghijklmno"; 436 struct iovec vec[1024]; 437 char *test_strs[1024]; 438 int iov_len = 1024; 439 int total_len = 0; 440 char buf[1 << 14]; 441 struct msghdr msg; 442 int len_cmp = 0; 443 int i; 444 445 memset(&msg, 0, sizeof(struct msghdr)); 446 for (i = 0; i < iov_len; i++) { 447 test_strs[i] = (char *)malloc(strlen(test_str) + 1); 448 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str); 449 vec[i].iov_base = (void *)test_strs[i]; 450 vec[i].iov_len = strlen(test_strs[i]) + 1; 451 total_len += vec[i].iov_len; 452 } 453 msg.msg_iov = vec; 454 msg.msg_iovlen = iov_len; 455 456 EXPECT_EQ(sendmsg(self->fd, &msg, 0), total_len); 457 EXPECT_NE(recv(self->cfd, buf, total_len, 0), -1); 458 459 for (i = 0; i < iov_len; i++) 460 len_cmp += strlen(buf + len_cmp) + 1; 461 462 for (i = 0; i < iov_len; i++) 463 free(test_strs[i]); 464 } 465 466 TEST_F(tls, splice_from_pipe) 467 { 468 int send_len = TLS_PAYLOAD_MAX_LEN; 469 char mem_send[TLS_PAYLOAD_MAX_LEN]; 470 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 471 int p[2]; 472 473 ASSERT_GE(pipe(p), 0); 474 EXPECT_GE(write(p[1], mem_send, send_len), 0); 475 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), 0); 476 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len); 477 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 478 } 479 480 TEST_F(tls, splice_from_pipe2) 481 { 482 int send_len = 16000; 483 char mem_send[16000]; 484 char mem_recv[16000]; 485 int p2[2]; 486 int p[2]; 487 488 ASSERT_GE(pipe(p), 0); 489 ASSERT_GE(pipe(p2), 0); 490 EXPECT_GE(write(p[1], mem_send, 8000), 0); 491 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, 8000, 0), 0); 492 EXPECT_GE(write(p2[1], mem_send + 8000, 8000), 0); 493 EXPECT_GE(splice(p2[0], NULL, self->fd, NULL, 8000, 0), 0); 494 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len); 495 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 496 } 497 498 TEST_F(tls, send_and_splice) 499 { 500 int send_len = TLS_PAYLOAD_MAX_LEN; 501 char mem_send[TLS_PAYLOAD_MAX_LEN]; 502 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 503 char const *test_str = "test_read"; 504 int send_len2 = 10; 505 char buf[10]; 506 int p[2]; 507 508 ASSERT_GE(pipe(p), 0); 509 EXPECT_EQ(send(self->fd, test_str, send_len2, 0), send_len2); 510 EXPECT_EQ(recv(self->cfd, buf, send_len2, MSG_WAITALL), send_len2); 511 EXPECT_EQ(memcmp(test_str, buf, send_len2), 0); 512 513 EXPECT_GE(write(p[1], mem_send, send_len), send_len); 514 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), send_len); 515 516 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len); 517 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 518 } 519 520 TEST_F(tls, splice_to_pipe) 521 { 522 int send_len = TLS_PAYLOAD_MAX_LEN; 523 char mem_send[TLS_PAYLOAD_MAX_LEN]; 524 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 525 int p[2]; 526 527 ASSERT_GE(pipe(p), 0); 528 EXPECT_GE(send(self->fd, mem_send, send_len, 0), 0); 529 EXPECT_GE(splice(self->cfd, NULL, p[1], NULL, send_len, 0), 0); 530 EXPECT_GE(read(p[0], mem_recv, send_len), 0); 531 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 532 } 533 534 TEST_F(tls, recvmsg_single) 535 { 536 char const *test_str = "test_recvmsg_single"; 537 int send_len = strlen(test_str) + 1; 538 char buf[20]; 539 struct msghdr hdr; 540 struct iovec vec; 541 542 memset(&hdr, 0, sizeof(hdr)); 543 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 544 vec.iov_base = (char *)buf; 545 vec.iov_len = send_len; 546 hdr.msg_iovlen = 1; 547 hdr.msg_iov = &vec; 548 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1); 549 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 550 } 551 552 TEST_F(tls, recvmsg_single_max) 553 { 554 int send_len = TLS_PAYLOAD_MAX_LEN; 555 char send_mem[TLS_PAYLOAD_MAX_LEN]; 556 char recv_mem[TLS_PAYLOAD_MAX_LEN]; 557 struct iovec vec; 558 struct msghdr hdr; 559 560 EXPECT_EQ(send(self->fd, send_mem, send_len, 0), send_len); 561 vec.iov_base = (char *)recv_mem; 562 vec.iov_len = TLS_PAYLOAD_MAX_LEN; 563 564 hdr.msg_iovlen = 1; 565 hdr.msg_iov = &vec; 566 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1); 567 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0); 568 } 569 570 TEST_F(tls, recvmsg_multiple) 571 { 572 unsigned int msg_iovlen = 1024; 573 unsigned int len_compared = 0; 574 struct iovec vec[1024]; 575 char *iov_base[1024]; 576 unsigned int iov_len = 16; 577 int send_len = 1 << 14; 578 char buf[1 << 14]; 579 struct msghdr hdr; 580 int i; 581 582 EXPECT_EQ(send(self->fd, buf, send_len, 0), send_len); 583 for (i = 0; i < msg_iovlen; i++) { 584 iov_base[i] = (char *)malloc(iov_len); 585 vec[i].iov_base = iov_base[i]; 586 vec[i].iov_len = iov_len; 587 } 588 589 hdr.msg_iovlen = msg_iovlen; 590 hdr.msg_iov = vec; 591 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1); 592 for (i = 0; i < msg_iovlen; i++) 593 len_compared += iov_len; 594 595 for (i = 0; i < msg_iovlen; i++) 596 free(iov_base[i]); 597 } 598 599 TEST_F(tls, single_send_multiple_recv) 600 { 601 unsigned int total_len = TLS_PAYLOAD_MAX_LEN * 2; 602 unsigned int send_len = TLS_PAYLOAD_MAX_LEN; 603 char send_mem[TLS_PAYLOAD_MAX_LEN * 2]; 604 char recv_mem[TLS_PAYLOAD_MAX_LEN * 2]; 605 606 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0); 607 memset(recv_mem, 0, total_len); 608 609 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1); 610 EXPECT_NE(recv(self->cfd, recv_mem + send_len, send_len, 0), -1); 611 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0); 612 } 613 614 TEST_F(tls, multiple_send_single_recv) 615 { 616 unsigned int total_len = 2 * 10; 617 unsigned int send_len = 10; 618 char recv_mem[2 * 10]; 619 char send_mem[10]; 620 621 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0); 622 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0); 623 memset(recv_mem, 0, total_len); 624 EXPECT_EQ(recv(self->cfd, recv_mem, total_len, MSG_WAITALL), total_len); 625 626 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0); 627 EXPECT_EQ(memcmp(send_mem, recv_mem + send_len, send_len), 0); 628 } 629 630 TEST_F(tls, single_send_multiple_recv_non_align) 631 { 632 const unsigned int total_len = 15; 633 const unsigned int recv_len = 10; 634 char recv_mem[recv_len * 2]; 635 char send_mem[total_len]; 636 637 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0); 638 memset(recv_mem, 0, total_len); 639 640 EXPECT_EQ(recv(self->cfd, recv_mem, recv_len, 0), recv_len); 641 EXPECT_EQ(recv(self->cfd, recv_mem + recv_len, recv_len, 0), 5); 642 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0); 643 } 644 645 TEST_F(tls, recv_partial) 646 { 647 char const *test_str = "test_read_partial"; 648 char const *test_str_first = "test_read"; 649 char const *test_str_second = "_partial"; 650 int send_len = strlen(test_str) + 1; 651 char recv_mem[18]; 652 653 memset(recv_mem, 0, sizeof(recv_mem)); 654 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 655 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_first), 656 MSG_WAITALL), -1); 657 EXPECT_EQ(memcmp(test_str_first, recv_mem, strlen(test_str_first)), 0); 658 memset(recv_mem, 0, sizeof(recv_mem)); 659 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_second), 660 MSG_WAITALL), -1); 661 EXPECT_EQ(memcmp(test_str_second, recv_mem, strlen(test_str_second)), 662 0); 663 } 664 665 TEST_F(tls, recv_nonblock) 666 { 667 char buf[4096]; 668 bool err; 669 670 EXPECT_EQ(recv(self->cfd, buf, sizeof(buf), MSG_DONTWAIT), -1); 671 err = (errno == EAGAIN || errno == EWOULDBLOCK); 672 EXPECT_EQ(err, true); 673 } 674 675 TEST_F(tls, recv_peek) 676 { 677 char const *test_str = "test_read_peek"; 678 int send_len = strlen(test_str) + 1; 679 char buf[15]; 680 681 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 682 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1); 683 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 684 memset(buf, 0, sizeof(buf)); 685 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 686 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 687 } 688 689 TEST_F(tls, recv_peek_multiple) 690 { 691 char const *test_str = "test_read_peek"; 692 int send_len = strlen(test_str) + 1; 693 unsigned int num_peeks = 100; 694 char buf[15]; 695 int i; 696 697 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 698 for (i = 0; i < num_peeks; i++) { 699 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1); 700 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 701 memset(buf, 0, sizeof(buf)); 702 } 703 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 704 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 705 } 706 707 TEST_F(tls, recv_peek_multiple_records) 708 { 709 char const *test_str = "test_read_peek_mult_recs"; 710 char const *test_str_first = "test_read_peek"; 711 char const *test_str_second = "_mult_recs"; 712 int len; 713 char buf[64]; 714 715 len = strlen(test_str_first); 716 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len); 717 718 len = strlen(test_str_second) + 1; 719 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len); 720 721 len = strlen(test_str_first); 722 memset(buf, 0, len); 723 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len); 724 725 /* MSG_PEEK can only peek into the current record. */ 726 len = strlen(test_str_first); 727 EXPECT_EQ(memcmp(test_str_first, buf, len), 0); 728 729 len = strlen(test_str) + 1; 730 memset(buf, 0, len); 731 EXPECT_EQ(recv(self->cfd, buf, len, MSG_WAITALL), len); 732 733 /* Non-MSG_PEEK will advance strparser (and therefore record) 734 * however. 735 */ 736 len = strlen(test_str) + 1; 737 EXPECT_EQ(memcmp(test_str, buf, len), 0); 738 739 /* MSG_MORE will hold current record open, so later MSG_PEEK 740 * will see everything. 741 */ 742 len = strlen(test_str_first); 743 EXPECT_EQ(send(self->fd, test_str_first, len, MSG_MORE), len); 744 745 len = strlen(test_str_second) + 1; 746 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len); 747 748 len = strlen(test_str) + 1; 749 memset(buf, 0, len); 750 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len); 751 752 len = strlen(test_str) + 1; 753 EXPECT_EQ(memcmp(test_str, buf, len), 0); 754 } 755 756 TEST_F(tls, recv_peek_large_buf_mult_recs) 757 { 758 char const *test_str = "test_read_peek_mult_recs"; 759 char const *test_str_first = "test_read_peek"; 760 char const *test_str_second = "_mult_recs"; 761 int len; 762 char buf[64]; 763 764 len = strlen(test_str_first); 765 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len); 766 767 len = strlen(test_str_second) + 1; 768 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len); 769 770 len = strlen(test_str) + 1; 771 memset(buf, 0, len); 772 EXPECT_NE((len = recv(self->cfd, buf, len, 773 MSG_PEEK | MSG_WAITALL)), -1); 774 len = strlen(test_str) + 1; 775 EXPECT_EQ(memcmp(test_str, buf, len), 0); 776 } 777 778 TEST_F(tls, recv_lowat) 779 { 780 char send_mem[10] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 }; 781 char recv_mem[20]; 782 int lowat = 8; 783 784 EXPECT_EQ(send(self->fd, send_mem, 10, 0), 10); 785 EXPECT_EQ(send(self->fd, send_mem, 5, 0), 5); 786 787 memset(recv_mem, 0, 20); 788 EXPECT_EQ(setsockopt(self->cfd, SOL_SOCKET, SO_RCVLOWAT, 789 &lowat, sizeof(lowat)), 0); 790 EXPECT_EQ(recv(self->cfd, recv_mem, 1, MSG_WAITALL), 1); 791 EXPECT_EQ(recv(self->cfd, recv_mem + 1, 6, MSG_WAITALL), 6); 792 EXPECT_EQ(recv(self->cfd, recv_mem + 7, 10, 0), 8); 793 794 EXPECT_EQ(memcmp(send_mem, recv_mem, 10), 0); 795 EXPECT_EQ(memcmp(send_mem, recv_mem + 10, 5), 0); 796 } 797 798 TEST_F(tls, bidir) 799 { 800 char const *test_str = "test_read"; 801 int send_len = 10; 802 char buf[10]; 803 int ret; 804 805 if (!self->notls) { 806 struct tls12_crypto_info_aes_gcm_128 tls12; 807 808 memset(&tls12, 0, sizeof(tls12)); 809 tls12.info.version = variant->tls_version; 810 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128; 811 812 ret = setsockopt(self->fd, SOL_TLS, TLS_RX, &tls12, 813 sizeof(tls12)); 814 ASSERT_EQ(ret, 0); 815 816 ret = setsockopt(self->cfd, SOL_TLS, TLS_TX, &tls12, 817 sizeof(tls12)); 818 ASSERT_EQ(ret, 0); 819 } 820 821 ASSERT_EQ(strlen(test_str) + 1, send_len); 822 823 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 824 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 825 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 826 827 memset(buf, 0, sizeof(buf)); 828 829 EXPECT_EQ(send(self->cfd, test_str, send_len, 0), send_len); 830 EXPECT_NE(recv(self->fd, buf, send_len, 0), -1); 831 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 832 }; 833 834 TEST_F(tls, pollin) 835 { 836 char const *test_str = "test_poll"; 837 struct pollfd fd = { 0, 0, 0 }; 838 char buf[10]; 839 int send_len = 10; 840 841 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 842 fd.fd = self->cfd; 843 fd.events = POLLIN; 844 845 EXPECT_EQ(poll(&fd, 1, 20), 1); 846 EXPECT_EQ(fd.revents & POLLIN, 1); 847 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len); 848 /* Test timing out */ 849 EXPECT_EQ(poll(&fd, 1, 20), 0); 850 } 851 852 TEST_F(tls, poll_wait) 853 { 854 char const *test_str = "test_poll_wait"; 855 int send_len = strlen(test_str) + 1; 856 struct pollfd fd = { 0, 0, 0 }; 857 char recv_mem[15]; 858 859 fd.fd = self->cfd; 860 fd.events = POLLIN; 861 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 862 /* Set timeout to inf. secs */ 863 EXPECT_EQ(poll(&fd, 1, -1), 1); 864 EXPECT_EQ(fd.revents & POLLIN, 1); 865 EXPECT_EQ(recv(self->cfd, recv_mem, send_len, MSG_WAITALL), send_len); 866 } 867 868 TEST_F(tls, poll_wait_split) 869 { 870 struct pollfd fd = { 0, 0, 0 }; 871 char send_mem[20] = {}; 872 char recv_mem[15]; 873 874 fd.fd = self->cfd; 875 fd.events = POLLIN; 876 /* Send 20 bytes */ 877 EXPECT_EQ(send(self->fd, send_mem, sizeof(send_mem), 0), 878 sizeof(send_mem)); 879 /* Poll with inf. timeout */ 880 EXPECT_EQ(poll(&fd, 1, -1), 1); 881 EXPECT_EQ(fd.revents & POLLIN, 1); 882 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), MSG_WAITALL), 883 sizeof(recv_mem)); 884 885 /* Now the remaining 5 bytes of record data are in TLS ULP */ 886 fd.fd = self->cfd; 887 fd.events = POLLIN; 888 EXPECT_EQ(poll(&fd, 1, -1), 1); 889 EXPECT_EQ(fd.revents & POLLIN, 1); 890 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), 0), 891 sizeof(send_mem) - sizeof(recv_mem)); 892 } 893 894 TEST_F(tls, blocking) 895 { 896 size_t data = 100000; 897 int res = fork(); 898 899 EXPECT_NE(res, -1); 900 901 if (res) { 902 /* parent */ 903 size_t left = data; 904 char buf[16384]; 905 int status; 906 int pid2; 907 908 while (left) { 909 int res = send(self->fd, buf, 910 left > 16384 ? 16384 : left, 0); 911 912 EXPECT_GE(res, 0); 913 left -= res; 914 } 915 916 pid2 = wait(&status); 917 EXPECT_EQ(status, 0); 918 EXPECT_EQ(res, pid2); 919 } else { 920 /* child */ 921 size_t left = data; 922 char buf[16384]; 923 924 while (left) { 925 int res = recv(self->cfd, buf, 926 left > 16384 ? 16384 : left, 0); 927 928 EXPECT_GE(res, 0); 929 left -= res; 930 } 931 } 932 } 933 934 TEST_F(tls, nonblocking) 935 { 936 size_t data = 100000; 937 int sendbuf = 100; 938 int flags; 939 int res; 940 941 flags = fcntl(self->fd, F_GETFL, 0); 942 fcntl(self->fd, F_SETFL, flags | O_NONBLOCK); 943 fcntl(self->cfd, F_SETFL, flags | O_NONBLOCK); 944 945 /* Ensure nonblocking behavior by imposing a small send 946 * buffer. 947 */ 948 EXPECT_EQ(setsockopt(self->fd, SOL_SOCKET, SO_SNDBUF, 949 &sendbuf, sizeof(sendbuf)), 0); 950 951 res = fork(); 952 EXPECT_NE(res, -1); 953 954 if (res) { 955 /* parent */ 956 bool eagain = false; 957 size_t left = data; 958 char buf[16384]; 959 int status; 960 int pid2; 961 962 while (left) { 963 int res = send(self->fd, buf, 964 left > 16384 ? 16384 : left, 0); 965 966 if (res == -1 && errno == EAGAIN) { 967 eagain = true; 968 usleep(10000); 969 continue; 970 } 971 EXPECT_GE(res, 0); 972 left -= res; 973 } 974 975 EXPECT_TRUE(eagain); 976 pid2 = wait(&status); 977 978 EXPECT_EQ(status, 0); 979 EXPECT_EQ(res, pid2); 980 } else { 981 /* child */ 982 bool eagain = false; 983 size_t left = data; 984 char buf[16384]; 985 986 while (left) { 987 int res = recv(self->cfd, buf, 988 left > 16384 ? 16384 : left, 0); 989 990 if (res == -1 && errno == EAGAIN) { 991 eagain = true; 992 usleep(10000); 993 continue; 994 } 995 EXPECT_GE(res, 0); 996 left -= res; 997 } 998 EXPECT_TRUE(eagain); 999 } 1000 } 1001 1002 static void 1003 test_mutliproc(struct __test_metadata *_metadata, struct _test_data_tls *self, 1004 bool sendpg, unsigned int n_readers, unsigned int n_writers) 1005 { 1006 const unsigned int n_children = n_readers + n_writers; 1007 const size_t data = 6 * 1000 * 1000; 1008 const size_t file_sz = data / 100; 1009 size_t read_bias, write_bias; 1010 int i, fd, child_id; 1011 char buf[file_sz]; 1012 pid_t pid; 1013 1014 /* Only allow multiples for simplicity */ 1015 ASSERT_EQ(!(n_readers % n_writers) || !(n_writers % n_readers), true); 1016 read_bias = n_writers / n_readers ?: 1; 1017 write_bias = n_readers / n_writers ?: 1; 1018 1019 /* prep a file to send */ 1020 fd = open("/tmp/", O_TMPFILE | O_RDWR, 0600); 1021 ASSERT_GE(fd, 0); 1022 1023 memset(buf, 0xac, file_sz); 1024 ASSERT_EQ(write(fd, buf, file_sz), file_sz); 1025 1026 /* spawn children */ 1027 for (child_id = 0; child_id < n_children; child_id++) { 1028 pid = fork(); 1029 ASSERT_NE(pid, -1); 1030 if (!pid) 1031 break; 1032 } 1033 1034 /* parent waits for all children */ 1035 if (pid) { 1036 for (i = 0; i < n_children; i++) { 1037 int status; 1038 1039 wait(&status); 1040 EXPECT_EQ(status, 0); 1041 } 1042 1043 return; 1044 } 1045 1046 /* Split threads for reading and writing */ 1047 if (child_id < n_readers) { 1048 size_t left = data * read_bias; 1049 char rb[8001]; 1050 1051 while (left) { 1052 int res; 1053 1054 res = recv(self->cfd, rb, 1055 left > sizeof(rb) ? sizeof(rb) : left, 0); 1056 1057 EXPECT_GE(res, 0); 1058 left -= res; 1059 } 1060 } else { 1061 size_t left = data * write_bias; 1062 1063 while (left) { 1064 int res; 1065 1066 ASSERT_EQ(lseek(fd, 0, SEEK_SET), 0); 1067 if (sendpg) 1068 res = sendfile(self->fd, fd, NULL, 1069 left > file_sz ? file_sz : left); 1070 else 1071 res = send(self->fd, buf, 1072 left > file_sz ? file_sz : left, 0); 1073 1074 EXPECT_GE(res, 0); 1075 left -= res; 1076 } 1077 } 1078 } 1079 1080 TEST_F(tls, mutliproc_even) 1081 { 1082 test_mutliproc(_metadata, self, false, 6, 6); 1083 } 1084 1085 TEST_F(tls, mutliproc_readers) 1086 { 1087 test_mutliproc(_metadata, self, false, 4, 12); 1088 } 1089 1090 TEST_F(tls, mutliproc_writers) 1091 { 1092 test_mutliproc(_metadata, self, false, 10, 2); 1093 } 1094 1095 TEST_F(tls, mutliproc_sendpage_even) 1096 { 1097 test_mutliproc(_metadata, self, true, 6, 6); 1098 } 1099 1100 TEST_F(tls, mutliproc_sendpage_readers) 1101 { 1102 test_mutliproc(_metadata, self, true, 4, 12); 1103 } 1104 1105 TEST_F(tls, mutliproc_sendpage_writers) 1106 { 1107 test_mutliproc(_metadata, self, true, 10, 2); 1108 } 1109 1110 TEST_F(tls, control_msg) 1111 { 1112 if (self->notls) 1113 return; 1114 1115 char cbuf[CMSG_SPACE(sizeof(char))]; 1116 char const *test_str = "test_read"; 1117 int cmsg_len = sizeof(char); 1118 char record_type = 100; 1119 struct cmsghdr *cmsg; 1120 struct msghdr msg; 1121 int send_len = 10; 1122 struct iovec vec; 1123 char buf[10]; 1124 1125 vec.iov_base = (char *)test_str; 1126 vec.iov_len = 10; 1127 memset(&msg, 0, sizeof(struct msghdr)); 1128 msg.msg_iov = &vec; 1129 msg.msg_iovlen = 1; 1130 msg.msg_control = cbuf; 1131 msg.msg_controllen = sizeof(cbuf); 1132 cmsg = CMSG_FIRSTHDR(&msg); 1133 cmsg->cmsg_level = SOL_TLS; 1134 /* test sending non-record types. */ 1135 cmsg->cmsg_type = TLS_SET_RECORD_TYPE; 1136 cmsg->cmsg_len = CMSG_LEN(cmsg_len); 1137 *CMSG_DATA(cmsg) = record_type; 1138 msg.msg_controllen = cmsg->cmsg_len; 1139 1140 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len); 1141 /* Should fail because we didn't provide a control message */ 1142 EXPECT_EQ(recv(self->cfd, buf, send_len, 0), -1); 1143 1144 vec.iov_base = buf; 1145 EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL | MSG_PEEK), send_len); 1146 1147 cmsg = CMSG_FIRSTHDR(&msg); 1148 EXPECT_NE(cmsg, NULL); 1149 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS); 1150 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE); 1151 record_type = *((unsigned char *)CMSG_DATA(cmsg)); 1152 EXPECT_EQ(record_type, 100); 1153 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 1154 1155 /* Recv the message again without MSG_PEEK */ 1156 record_type = 0; 1157 memset(buf, 0, sizeof(buf)); 1158 1159 EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL), send_len); 1160 cmsg = CMSG_FIRSTHDR(&msg); 1161 EXPECT_NE(cmsg, NULL); 1162 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS); 1163 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE); 1164 record_type = *((unsigned char *)CMSG_DATA(cmsg)); 1165 EXPECT_EQ(record_type, 100); 1166 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 1167 } 1168 1169 TEST_F(tls, shutdown) 1170 { 1171 char const *test_str = "test_read"; 1172 int send_len = 10; 1173 char buf[10]; 1174 1175 ASSERT_EQ(strlen(test_str) + 1, send_len); 1176 1177 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 1178 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 1179 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 1180 1181 shutdown(self->fd, SHUT_RDWR); 1182 shutdown(self->cfd, SHUT_RDWR); 1183 } 1184 1185 TEST_F(tls, shutdown_unsent) 1186 { 1187 char const *test_str = "test_read"; 1188 int send_len = 10; 1189 1190 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len); 1191 1192 shutdown(self->fd, SHUT_RDWR); 1193 shutdown(self->cfd, SHUT_RDWR); 1194 } 1195 1196 TEST_F(tls, shutdown_reuse) 1197 { 1198 struct sockaddr_in addr; 1199 int ret; 1200 1201 shutdown(self->fd, SHUT_RDWR); 1202 shutdown(self->cfd, SHUT_RDWR); 1203 close(self->cfd); 1204 1205 addr.sin_family = AF_INET; 1206 addr.sin_addr.s_addr = htonl(INADDR_ANY); 1207 addr.sin_port = 0; 1208 1209 ret = bind(self->fd, &addr, sizeof(addr)); 1210 EXPECT_EQ(ret, 0); 1211 ret = listen(self->fd, 10); 1212 EXPECT_EQ(ret, -1); 1213 EXPECT_EQ(errno, EINVAL); 1214 1215 ret = connect(self->fd, &addr, sizeof(addr)); 1216 EXPECT_EQ(ret, -1); 1217 EXPECT_EQ(errno, EISCONN); 1218 } 1219 1220 TEST(non_established) { 1221 struct tls12_crypto_info_aes_gcm_256 tls12; 1222 struct sockaddr_in addr; 1223 int sfd, ret, fd; 1224 socklen_t len; 1225 1226 len = sizeof(addr); 1227 1228 memset(&tls12, 0, sizeof(tls12)); 1229 tls12.info.version = TLS_1_2_VERSION; 1230 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256; 1231 1232 addr.sin_family = AF_INET; 1233 addr.sin_addr.s_addr = htonl(INADDR_ANY); 1234 addr.sin_port = 0; 1235 1236 fd = socket(AF_INET, SOCK_STREAM, 0); 1237 sfd = socket(AF_INET, SOCK_STREAM, 0); 1238 1239 ret = bind(sfd, &addr, sizeof(addr)); 1240 ASSERT_EQ(ret, 0); 1241 ret = listen(sfd, 10); 1242 ASSERT_EQ(ret, 0); 1243 1244 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1245 EXPECT_EQ(ret, -1); 1246 /* TLS ULP not supported */ 1247 if (errno == ENOENT) 1248 return; 1249 EXPECT_EQ(errno, ENOTCONN); 1250 1251 ret = setsockopt(sfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1252 EXPECT_EQ(ret, -1); 1253 EXPECT_EQ(errno, ENOTCONN); 1254 1255 ret = getsockname(sfd, &addr, &len); 1256 ASSERT_EQ(ret, 0); 1257 1258 ret = connect(fd, &addr, sizeof(addr)); 1259 ASSERT_EQ(ret, 0); 1260 1261 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1262 ASSERT_EQ(ret, 0); 1263 1264 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1265 EXPECT_EQ(ret, -1); 1266 EXPECT_EQ(errno, EEXIST); 1267 1268 close(fd); 1269 close(sfd); 1270 } 1271 1272 TEST(keysizes) { 1273 struct tls12_crypto_info_aes_gcm_256 tls12; 1274 struct sockaddr_in addr; 1275 int sfd, ret, fd, cfd; 1276 socklen_t len; 1277 bool notls; 1278 1279 notls = false; 1280 len = sizeof(addr); 1281 1282 memset(&tls12, 0, sizeof(tls12)); 1283 tls12.info.version = TLS_1_2_VERSION; 1284 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256; 1285 1286 addr.sin_family = AF_INET; 1287 addr.sin_addr.s_addr = htonl(INADDR_ANY); 1288 addr.sin_port = 0; 1289 1290 fd = socket(AF_INET, SOCK_STREAM, 0); 1291 sfd = socket(AF_INET, SOCK_STREAM, 0); 1292 1293 ret = bind(sfd, &addr, sizeof(addr)); 1294 ASSERT_EQ(ret, 0); 1295 ret = listen(sfd, 10); 1296 ASSERT_EQ(ret, 0); 1297 1298 ret = getsockname(sfd, &addr, &len); 1299 ASSERT_EQ(ret, 0); 1300 1301 ret = connect(fd, &addr, sizeof(addr)); 1302 ASSERT_EQ(ret, 0); 1303 1304 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1305 if (ret != 0) { 1306 notls = true; 1307 printf("Failure setting TCP_ULP, testing without tls\n"); 1308 } 1309 1310 if (!notls) { 1311 ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12, 1312 sizeof(tls12)); 1313 EXPECT_EQ(ret, 0); 1314 } 1315 1316 cfd = accept(sfd, &addr, &len); 1317 ASSERT_GE(cfd, 0); 1318 1319 if (!notls) { 1320 ret = setsockopt(cfd, IPPROTO_TCP, TCP_ULP, "tls", 1321 sizeof("tls")); 1322 EXPECT_EQ(ret, 0); 1323 1324 ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12, 1325 sizeof(tls12)); 1326 EXPECT_EQ(ret, 0); 1327 } 1328 1329 close(sfd); 1330 close(fd); 1331 close(cfd); 1332 } 1333 1334 TEST_HARNESS_MAIN 1335