1
2
3#define _GNU_SOURCE
4
5#include <arpa/inet.h>
6#include <errno.h>
7#include <error.h>
8#include <fcntl.h>
9#include <poll.h>
10#include <stdio.h>
11#include <stdlib.h>
12#include <unistd.h>
13
14#include <linux/tls.h>
15#include <linux/tcp.h>
16#include <linux/socket.h>
17
18#include <sys/types.h>
19#include <sys/sendfile.h>
20#include <sys/socket.h>
21#include <sys/stat.h>
22
23#include "../kselftest_harness.h"
24
25#define TLS_PAYLOAD_MAX_LEN 16384
26#define SOL_TLS 282
27
28FIXTURE(tls_basic)
29{
30 int fd, cfd;
31 bool notls;
32};
33
34FIXTURE_SETUP(tls_basic)
35{
36 struct sockaddr_in addr;
37 socklen_t len;
38 int sfd, ret;
39
40 self->notls = false;
41 len = sizeof(addr);
42
43 addr.sin_family = AF_INET;
44 addr.sin_addr.s_addr = htonl(INADDR_ANY);
45 addr.sin_port = 0;
46
47 self->fd = socket(AF_INET, SOCK_STREAM, 0);
48 sfd = socket(AF_INET, SOCK_STREAM, 0);
49
50 ret = bind(sfd, &addr, sizeof(addr));
51 ASSERT_EQ(ret, 0);
52 ret = listen(sfd, 10);
53 ASSERT_EQ(ret, 0);
54
55 ret = getsockname(sfd, &addr, &len);
56 ASSERT_EQ(ret, 0);
57
58 ret = connect(self->fd, &addr, sizeof(addr));
59 ASSERT_EQ(ret, 0);
60
61 self->cfd = accept(sfd, &addr, &len);
62 ASSERT_GE(self->cfd, 0);
63
64 close(sfd);
65
66 ret = setsockopt(self->fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
67 if (ret != 0) {
68 ASSERT_EQ(errno, ENOENT);
69 self->notls = true;
70 printf("Failure setting TCP_ULP, testing without tls\n");
71 return;
72 }
73
74 ret = setsockopt(self->cfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
75 ASSERT_EQ(ret, 0);
76}
77
78FIXTURE_TEARDOWN(tls_basic)
79{
80 close(self->fd);
81 close(self->cfd);
82}
83
84
85TEST_F(tls_basic, base_base)
86{
87 char const *test_str = "test_read";
88 int send_len = 10;
89 char buf[10];
90
91 ASSERT_EQ(strlen(test_str) + 1, send_len);
92
93 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
94 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
95 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
96};
97
98FIXTURE(tls)
99{
100 int fd, cfd;
101 bool notls;
102};
103
104FIXTURE_VARIANT(tls)
105{
106 uint16_t tls_version;
107 uint16_t cipher_type;
108};
109
110FIXTURE_VARIANT_ADD(tls, 12_gcm)
111{
112 .tls_version = TLS_1_2_VERSION,
113 .cipher_type = TLS_CIPHER_AES_GCM_128,
114};
115
116FIXTURE_VARIANT_ADD(tls, 13_gcm)
117{
118 .tls_version = TLS_1_3_VERSION,
119 .cipher_type = TLS_CIPHER_AES_GCM_128,
120};
121
122FIXTURE_VARIANT_ADD(tls, 12_chacha)
123{
124 .tls_version = TLS_1_2_VERSION,
125 .cipher_type = TLS_CIPHER_CHACHA20_POLY1305,
126};
127
128FIXTURE_VARIANT_ADD(tls, 13_chacha)
129{
130 .tls_version = TLS_1_3_VERSION,
131 .cipher_type = TLS_CIPHER_CHACHA20_POLY1305,
132};
133
134FIXTURE_SETUP(tls)
135{
136 union {
137 struct tls12_crypto_info_aes_gcm_128 aes128;
138 struct tls12_crypto_info_chacha20_poly1305 chacha20;
139 } tls12;
140 struct sockaddr_in addr;
141 socklen_t len;
142 int sfd, ret;
143 size_t tls12_sz;
144
145 self->notls = false;
146 len = sizeof(addr);
147
148 memset(&tls12, 0, sizeof(tls12));
149 switch (variant->cipher_type) {
150 case TLS_CIPHER_CHACHA20_POLY1305:
151 tls12_sz = sizeof(struct tls12_crypto_info_chacha20_poly1305);
152 tls12.chacha20.info.version = variant->tls_version;
153 tls12.chacha20.info.cipher_type = variant->cipher_type;
154 break;
155 case TLS_CIPHER_AES_GCM_128:
156 tls12_sz = sizeof(struct tls12_crypto_info_aes_gcm_128);
157 tls12.aes128.info.version = variant->tls_version;
158 tls12.aes128.info.cipher_type = variant->cipher_type;
159 break;
160 default:
161 tls12_sz = 0;
162 }
163
164 addr.sin_family = AF_INET;
165 addr.sin_addr.s_addr = htonl(INADDR_ANY);
166 addr.sin_port = 0;
167
168 self->fd = socket(AF_INET, SOCK_STREAM, 0);
169 sfd = socket(AF_INET, SOCK_STREAM, 0);
170
171 ret = bind(sfd, &addr, sizeof(addr));
172 ASSERT_EQ(ret, 0);
173 ret = listen(sfd, 10);
174 ASSERT_EQ(ret, 0);
175
176 ret = getsockname(sfd, &addr, &len);
177 ASSERT_EQ(ret, 0);
178
179 ret = connect(self->fd, &addr, sizeof(addr));
180 ASSERT_EQ(ret, 0);
181
182 ret = setsockopt(self->fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
183 if (ret != 0) {
184 self->notls = true;
185 printf("Failure setting TCP_ULP, testing without tls\n");
186 }
187
188 if (!self->notls) {
189 ret = setsockopt(self->fd, SOL_TLS, TLS_TX, &tls12,
190 tls12_sz);
191 ASSERT_EQ(ret, 0);
192 }
193
194 self->cfd = accept(sfd, &addr, &len);
195 ASSERT_GE(self->cfd, 0);
196
197 if (!self->notls) {
198 ret = setsockopt(self->cfd, IPPROTO_TCP, TCP_ULP, "tls",
199 sizeof("tls"));
200 ASSERT_EQ(ret, 0);
201
202 ret = setsockopt(self->cfd, SOL_TLS, TLS_RX, &tls12,
203 tls12_sz);
204 ASSERT_EQ(ret, 0);
205 }
206
207 close(sfd);
208}
209
210FIXTURE_TEARDOWN(tls)
211{
212 close(self->fd);
213 close(self->cfd);
214}
215
216TEST_F(tls, sendfile)
217{
218 int filefd = open("/proc/self/exe", O_RDONLY);
219 struct stat st;
220
221 EXPECT_GE(filefd, 0);
222 fstat(filefd, &st);
223 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0);
224}
225
226TEST_F(tls, send_then_sendfile)
227{
228 int filefd = open("/proc/self/exe", O_RDONLY);
229 char const *test_str = "test_send";
230 int to_send = strlen(test_str) + 1;
231 char recv_buf[10];
232 struct stat st;
233 char *buf;
234
235 EXPECT_GE(filefd, 0);
236 fstat(filefd, &st);
237 buf = (char *)malloc(st.st_size);
238
239 EXPECT_EQ(send(self->fd, test_str, to_send, 0), to_send);
240 EXPECT_EQ(recv(self->cfd, recv_buf, to_send, MSG_WAITALL), to_send);
241 EXPECT_EQ(memcmp(test_str, recv_buf, to_send), 0);
242
243 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0);
244 EXPECT_EQ(recv(self->cfd, buf, st.st_size, MSG_WAITALL), st.st_size);
245}
246
247static void chunked_sendfile(struct __test_metadata *_metadata,
248 struct _test_data_tls *self,
249 uint16_t chunk_size,
250 uint16_t extra_payload_size)
251{
252 char buf[TLS_PAYLOAD_MAX_LEN];
253 uint16_t test_payload_size;
254 int size = 0;
255 int ret;
256 char filename[] = "/tmp/mytemp.XXXXXX";
257 int fd = mkstemp(filename);
258 off_t offset = 0;
259
260 unlink(filename);
261 ASSERT_GE(fd, 0);
262 EXPECT_GE(chunk_size, 1);
263 test_payload_size = chunk_size + extra_payload_size;
264 ASSERT_GE(TLS_PAYLOAD_MAX_LEN, test_payload_size);
265 memset(buf, 1, test_payload_size);
266 size = write(fd, buf, test_payload_size);
267 EXPECT_EQ(size, test_payload_size);
268 fsync(fd);
269
270 while (size > 0) {
271 ret = sendfile(self->fd, fd, &offset, chunk_size);
272 EXPECT_GE(ret, 0);
273 size -= ret;
274 }
275
276 EXPECT_EQ(recv(self->cfd, buf, test_payload_size, MSG_WAITALL),
277 test_payload_size);
278
279 close(fd);
280}
281
282TEST_F(tls, multi_chunk_sendfile)
283{
284 chunked_sendfile(_metadata, self, 4096, 4096);
285 chunked_sendfile(_metadata, self, 4096, 0);
286 chunked_sendfile(_metadata, self, 4096, 1);
287 chunked_sendfile(_metadata, self, 4096, 2048);
288 chunked_sendfile(_metadata, self, 8192, 2048);
289 chunked_sendfile(_metadata, self, 4096, 8192);
290 chunked_sendfile(_metadata, self, 8192, 4096);
291 chunked_sendfile(_metadata, self, 12288, 1024);
292 chunked_sendfile(_metadata, self, 12288, 2000);
293 chunked_sendfile(_metadata, self, 15360, 100);
294 chunked_sendfile(_metadata, self, 15360, 300);
295 chunked_sendfile(_metadata, self, 1, 4096);
296 chunked_sendfile(_metadata, self, 2048, 4096);
297 chunked_sendfile(_metadata, self, 2048, 8192);
298 chunked_sendfile(_metadata, self, 4096, 8192);
299 chunked_sendfile(_metadata, self, 1024, 12288);
300 chunked_sendfile(_metadata, self, 2000, 12288);
301 chunked_sendfile(_metadata, self, 100, 15360);
302 chunked_sendfile(_metadata, self, 300, 15360);
303}
304
305TEST_F(tls, recv_max)
306{
307 unsigned int send_len = TLS_PAYLOAD_MAX_LEN;
308 char recv_mem[TLS_PAYLOAD_MAX_LEN];
309 char buf[TLS_PAYLOAD_MAX_LEN];
310
311 EXPECT_GE(send(self->fd, buf, send_len, 0), 0);
312 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1);
313 EXPECT_EQ(memcmp(buf, recv_mem, send_len), 0);
314}
315
316TEST_F(tls, recv_small)
317{
318 char const *test_str = "test_read";
319 int send_len = 10;
320 char buf[10];
321
322 send_len = strlen(test_str) + 1;
323 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
324 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
325 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
326}
327
328TEST_F(tls, msg_more)
329{
330 char const *test_str = "test_read";
331 int send_len = 10;
332 char buf[10 * 2];
333
334 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len);
335 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1);
336 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
337 EXPECT_EQ(recv(self->cfd, buf, send_len * 2, MSG_WAITALL),
338 send_len * 2);
339 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
340}
341
342TEST_F(tls, msg_more_unsent)
343{
344 char const *test_str = "test_read";
345 int send_len = 10;
346 char buf[10];
347
348 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len);
349 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1);
350}
351
352TEST_F(tls, sendmsg_single)
353{
354 struct msghdr msg;
355
356 char const *test_str = "test_sendmsg";
357 size_t send_len = 13;
358 struct iovec vec;
359 char buf[13];
360
361 vec.iov_base = (char *)test_str;
362 vec.iov_len = send_len;
363 memset(&msg, 0, sizeof(struct msghdr));
364 msg.msg_iov = &vec;
365 msg.msg_iovlen = 1;
366 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len);
367 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len);
368 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
369}
370
371#define MAX_FRAGS 64
372#define SEND_LEN 13
373TEST_F(tls, sendmsg_fragmented)
374{
375 char const *test_str = "test_sendmsg";
376 char buf[SEND_LEN * MAX_FRAGS];
377 struct iovec vec[MAX_FRAGS];
378 struct msghdr msg;
379 int i, frags;
380
381 for (frags = 1; frags <= MAX_FRAGS; frags++) {
382 for (i = 0; i < frags; i++) {
383 vec[i].iov_base = (char *)test_str;
384 vec[i].iov_len = SEND_LEN;
385 }
386
387 memset(&msg, 0, sizeof(struct msghdr));
388 msg.msg_iov = vec;
389 msg.msg_iovlen = frags;
390
391 EXPECT_EQ(sendmsg(self->fd, &msg, 0), SEND_LEN * frags);
392 EXPECT_EQ(recv(self->cfd, buf, SEND_LEN * frags, MSG_WAITALL),
393 SEND_LEN * frags);
394
395 for (i = 0; i < frags; i++)
396 EXPECT_EQ(memcmp(buf + SEND_LEN * i,
397 test_str, SEND_LEN), 0);
398 }
399}
400#undef MAX_FRAGS
401#undef SEND_LEN
402
403TEST_F(tls, sendmsg_large)
404{
405 void *mem = malloc(16384);
406 size_t send_len = 16384;
407 size_t sends = 128;
408 struct msghdr msg;
409 size_t recvs = 0;
410 size_t sent = 0;
411
412 memset(&msg, 0, sizeof(struct msghdr));
413 while (sent++ < sends) {
414 struct iovec vec = { (void *)mem, send_len };
415
416 msg.msg_iov = &vec;
417 msg.msg_iovlen = 1;
418 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), send_len);
419 }
420
421 while (recvs++ < sends)
422 EXPECT_NE(recv(self->fd, mem, send_len, 0), -1);
423
424 free(mem);
425}
426
427TEST_F(tls, sendmsg_multiple)
428{
429 char const *test_str = "test_sendmsg_multiple";
430 struct iovec vec[5];
431 char *test_strs[5];
432 struct msghdr msg;
433 int total_len = 0;
434 int len_cmp = 0;
435 int iov_len = 5;
436 char *buf;
437 int i;
438
439 memset(&msg, 0, sizeof(struct msghdr));
440 for (i = 0; i < iov_len; i++) {
441 test_strs[i] = (char *)malloc(strlen(test_str) + 1);
442 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str);
443 vec[i].iov_base = (void *)test_strs[i];
444 vec[i].iov_len = strlen(test_strs[i]) + 1;
445 total_len += vec[i].iov_len;
446 }
447 msg.msg_iov = vec;
448 msg.msg_iovlen = iov_len;
449
450 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), total_len);
451 buf = malloc(total_len);
452 EXPECT_NE(recv(self->fd, buf, total_len, 0), -1);
453 for (i = 0; i < iov_len; i++) {
454 EXPECT_EQ(memcmp(test_strs[i], buf + len_cmp,
455 strlen(test_strs[i])),
456 0);
457 len_cmp += strlen(buf + len_cmp) + 1;
458 }
459 for (i = 0; i < iov_len; i++)
460 free(test_strs[i]);
461 free(buf);
462}
463
464TEST_F(tls, sendmsg_multiple_stress)
465{
466 char const *test_str = "abcdefghijklmno";
467 struct iovec vec[1024];
468 char *test_strs[1024];
469 int iov_len = 1024;
470 int total_len = 0;
471 char buf[1 << 14];
472 struct msghdr msg;
473 int len_cmp = 0;
474 int i;
475
476 memset(&msg, 0, sizeof(struct msghdr));
477 for (i = 0; i < iov_len; i++) {
478 test_strs[i] = (char *)malloc(strlen(test_str) + 1);
479 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str);
480 vec[i].iov_base = (void *)test_strs[i];
481 vec[i].iov_len = strlen(test_strs[i]) + 1;
482 total_len += vec[i].iov_len;
483 }
484 msg.msg_iov = vec;
485 msg.msg_iovlen = iov_len;
486
487 EXPECT_EQ(sendmsg(self->fd, &msg, 0), total_len);
488 EXPECT_NE(recv(self->cfd, buf, total_len, 0), -1);
489
490 for (i = 0; i < iov_len; i++)
491 len_cmp += strlen(buf + len_cmp) + 1;
492
493 for (i = 0; i < iov_len; i++)
494 free(test_strs[i]);
495}
496
497TEST_F(tls, splice_from_pipe)
498{
499 int send_len = TLS_PAYLOAD_MAX_LEN;
500 char mem_send[TLS_PAYLOAD_MAX_LEN];
501 char mem_recv[TLS_PAYLOAD_MAX_LEN];
502 int p[2];
503
504 ASSERT_GE(pipe(p), 0);
505 EXPECT_GE(write(p[1], mem_send, send_len), 0);
506 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), 0);
507 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len);
508 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
509}
510
511TEST_F(tls, splice_from_pipe2)
512{
513 int send_len = 16000;
514 char mem_send[16000];
515 char mem_recv[16000];
516 int p2[2];
517 int p[2];
518
519 ASSERT_GE(pipe(p), 0);
520 ASSERT_GE(pipe(p2), 0);
521 EXPECT_GE(write(p[1], mem_send, 8000), 0);
522 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, 8000, 0), 0);
523 EXPECT_GE(write(p2[1], mem_send + 8000, 8000), 0);
524 EXPECT_GE(splice(p2[0], NULL, self->fd, NULL, 8000, 0), 0);
525 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len);
526 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
527}
528
529TEST_F(tls, send_and_splice)
530{
531 int send_len = TLS_PAYLOAD_MAX_LEN;
532 char mem_send[TLS_PAYLOAD_MAX_LEN];
533 char mem_recv[TLS_PAYLOAD_MAX_LEN];
534 char const *test_str = "test_read";
535 int send_len2 = 10;
536 char buf[10];
537 int p[2];
538
539 ASSERT_GE(pipe(p), 0);
540 EXPECT_EQ(send(self->fd, test_str, send_len2, 0), send_len2);
541 EXPECT_EQ(recv(self->cfd, buf, send_len2, MSG_WAITALL), send_len2);
542 EXPECT_EQ(memcmp(test_str, buf, send_len2), 0);
543
544 EXPECT_GE(write(p[1], mem_send, send_len), send_len);
545 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), send_len);
546
547 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len);
548 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
549}
550
551TEST_F(tls, splice_to_pipe)
552{
553 int send_len = TLS_PAYLOAD_MAX_LEN;
554 char mem_send[TLS_PAYLOAD_MAX_LEN];
555 char mem_recv[TLS_PAYLOAD_MAX_LEN];
556 int p[2];
557
558 ASSERT_GE(pipe(p), 0);
559 EXPECT_GE(send(self->fd, mem_send, send_len, 0), 0);
560 EXPECT_GE(splice(self->cfd, NULL, p[1], NULL, send_len, 0), 0);
561 EXPECT_GE(read(p[0], mem_recv, send_len), 0);
562 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
563}
564
565TEST_F(tls, recvmsg_single)
566{
567 char const *test_str = "test_recvmsg_single";
568 int send_len = strlen(test_str) + 1;
569 char buf[20];
570 struct msghdr hdr;
571 struct iovec vec;
572
573 memset(&hdr, 0, sizeof(hdr));
574 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
575 vec.iov_base = (char *)buf;
576 vec.iov_len = send_len;
577 hdr.msg_iovlen = 1;
578 hdr.msg_iov = &vec;
579 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1);
580 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
581}
582
583TEST_F(tls, recvmsg_single_max)
584{
585 int send_len = TLS_PAYLOAD_MAX_LEN;
586 char send_mem[TLS_PAYLOAD_MAX_LEN];
587 char recv_mem[TLS_PAYLOAD_MAX_LEN];
588 struct iovec vec;
589 struct msghdr hdr;
590
591 EXPECT_EQ(send(self->fd, send_mem, send_len, 0), send_len);
592 vec.iov_base = (char *)recv_mem;
593 vec.iov_len = TLS_PAYLOAD_MAX_LEN;
594
595 hdr.msg_iovlen = 1;
596 hdr.msg_iov = &vec;
597 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1);
598 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0);
599}
600
601TEST_F(tls, recvmsg_multiple)
602{
603 unsigned int msg_iovlen = 1024;
604 unsigned int len_compared = 0;
605 struct iovec vec[1024];
606 char *iov_base[1024];
607 unsigned int iov_len = 16;
608 int send_len = 1 << 14;
609 char buf[1 << 14];
610 struct msghdr hdr;
611 int i;
612
613 EXPECT_EQ(send(self->fd, buf, send_len, 0), send_len);
614 for (i = 0; i < msg_iovlen; i++) {
615 iov_base[i] = (char *)malloc(iov_len);
616 vec[i].iov_base = iov_base[i];
617 vec[i].iov_len = iov_len;
618 }
619
620 hdr.msg_iovlen = msg_iovlen;
621 hdr.msg_iov = vec;
622 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1);
623 for (i = 0; i < msg_iovlen; i++)
624 len_compared += iov_len;
625
626 for (i = 0; i < msg_iovlen; i++)
627 free(iov_base[i]);
628}
629
630TEST_F(tls, single_send_multiple_recv)
631{
632 unsigned int total_len = TLS_PAYLOAD_MAX_LEN * 2;
633 unsigned int send_len = TLS_PAYLOAD_MAX_LEN;
634 char send_mem[TLS_PAYLOAD_MAX_LEN * 2];
635 char recv_mem[TLS_PAYLOAD_MAX_LEN * 2];
636
637 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0);
638 memset(recv_mem, 0, total_len);
639
640 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1);
641 EXPECT_NE(recv(self->cfd, recv_mem + send_len, send_len, 0), -1);
642 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0);
643}
644
645TEST_F(tls, multiple_send_single_recv)
646{
647 unsigned int total_len = 2 * 10;
648 unsigned int send_len = 10;
649 char recv_mem[2 * 10];
650 char send_mem[10];
651
652 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0);
653 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0);
654 memset(recv_mem, 0, total_len);
655 EXPECT_EQ(recv(self->cfd, recv_mem, total_len, MSG_WAITALL), total_len);
656
657 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0);
658 EXPECT_EQ(memcmp(send_mem, recv_mem + send_len, send_len), 0);
659}
660
661TEST_F(tls, single_send_multiple_recv_non_align)
662{
663 const unsigned int total_len = 15;
664 const unsigned int recv_len = 10;
665 char recv_mem[recv_len * 2];
666 char send_mem[total_len];
667
668 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0);
669 memset(recv_mem, 0, total_len);
670
671 EXPECT_EQ(recv(self->cfd, recv_mem, recv_len, 0), recv_len);
672 EXPECT_EQ(recv(self->cfd, recv_mem + recv_len, recv_len, 0), 5);
673 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0);
674}
675
676TEST_F(tls, recv_partial)
677{
678 char const *test_str = "test_read_partial";
679 char const *test_str_first = "test_read";
680 char const *test_str_second = "_partial";
681 int send_len = strlen(test_str) + 1;
682 char recv_mem[18];
683
684 memset(recv_mem, 0, sizeof(recv_mem));
685 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
686 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_first),
687 MSG_WAITALL), -1);
688 EXPECT_EQ(memcmp(test_str_first, recv_mem, strlen(test_str_first)), 0);
689 memset(recv_mem, 0, sizeof(recv_mem));
690 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_second),
691 MSG_WAITALL), -1);
692 EXPECT_EQ(memcmp(test_str_second, recv_mem, strlen(test_str_second)),
693 0);
694}
695
696TEST_F(tls, recv_nonblock)
697{
698 char buf[4096];
699 bool err;
700
701 EXPECT_EQ(recv(self->cfd, buf, sizeof(buf), MSG_DONTWAIT), -1);
702 err = (errno == EAGAIN || errno == EWOULDBLOCK);
703 EXPECT_EQ(err, true);
704}
705
706TEST_F(tls, recv_peek)
707{
708 char const *test_str = "test_read_peek";
709 int send_len = strlen(test_str) + 1;
710 char buf[15];
711
712 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
713 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1);
714 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
715 memset(buf, 0, sizeof(buf));
716 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
717 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
718}
719
720TEST_F(tls, recv_peek_multiple)
721{
722 char const *test_str = "test_read_peek";
723 int send_len = strlen(test_str) + 1;
724 unsigned int num_peeks = 100;
725 char buf[15];
726 int i;
727
728 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
729 for (i = 0; i < num_peeks; i++) {
730 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1);
731 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
732 memset(buf, 0, sizeof(buf));
733 }
734 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
735 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
736}
737
738TEST_F(tls, recv_peek_multiple_records)
739{
740 char const *test_str = "test_read_peek_mult_recs";
741 char const *test_str_first = "test_read_peek";
742 char const *test_str_second = "_mult_recs";
743 int len;
744 char buf[64];
745
746 len = strlen(test_str_first);
747 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len);
748
749 len = strlen(test_str_second) + 1;
750 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len);
751
752 len = strlen(test_str_first);
753 memset(buf, 0, len);
754 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len);
755
756
757 len = strlen(test_str_first);
758 EXPECT_EQ(memcmp(test_str_first, buf, len), 0);
759
760 len = strlen(test_str) + 1;
761 memset(buf, 0, len);
762 EXPECT_EQ(recv(self->cfd, buf, len, MSG_WAITALL), len);
763
764
765
766
767 len = strlen(test_str) + 1;
768 EXPECT_EQ(memcmp(test_str, buf, len), 0);
769
770
771
772
773 len = strlen(test_str_first);
774 EXPECT_EQ(send(self->fd, test_str_first, len, MSG_MORE), len);
775
776 len = strlen(test_str_second) + 1;
777 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len);
778
779 len = strlen(test_str) + 1;
780 memset(buf, 0, len);
781 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len);
782
783 len = strlen(test_str) + 1;
784 EXPECT_EQ(memcmp(test_str, buf, len), 0);
785}
786
787TEST_F(tls, recv_peek_large_buf_mult_recs)
788{
789 char const *test_str = "test_read_peek_mult_recs";
790 char const *test_str_first = "test_read_peek";
791 char const *test_str_second = "_mult_recs";
792 int len;
793 char buf[64];
794
795 len = strlen(test_str_first);
796 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len);
797
798 len = strlen(test_str_second) + 1;
799 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len);
800
801 len = strlen(test_str) + 1;
802 memset(buf, 0, len);
803 EXPECT_NE((len = recv(self->cfd, buf, len,
804 MSG_PEEK | MSG_WAITALL)), -1);
805 len = strlen(test_str) + 1;
806 EXPECT_EQ(memcmp(test_str, buf, len), 0);
807}
808
809TEST_F(tls, recv_lowat)
810{
811 char send_mem[10] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 };
812 char recv_mem[20];
813 int lowat = 8;
814
815 EXPECT_EQ(send(self->fd, send_mem, 10, 0), 10);
816 EXPECT_EQ(send(self->fd, send_mem, 5, 0), 5);
817
818 memset(recv_mem, 0, 20);
819 EXPECT_EQ(setsockopt(self->cfd, SOL_SOCKET, SO_RCVLOWAT,
820 &lowat, sizeof(lowat)), 0);
821 EXPECT_EQ(recv(self->cfd, recv_mem, 1, MSG_WAITALL), 1);
822 EXPECT_EQ(recv(self->cfd, recv_mem + 1, 6, MSG_WAITALL), 6);
823 EXPECT_EQ(recv(self->cfd, recv_mem + 7, 10, 0), 8);
824
825 EXPECT_EQ(memcmp(send_mem, recv_mem, 10), 0);
826 EXPECT_EQ(memcmp(send_mem, recv_mem + 10, 5), 0);
827}
828
829TEST_F(tls, bidir)
830{
831 char const *test_str = "test_read";
832 int send_len = 10;
833 char buf[10];
834 int ret;
835
836 if (!self->notls) {
837 struct tls12_crypto_info_aes_gcm_128 tls12;
838
839 memset(&tls12, 0, sizeof(tls12));
840 tls12.info.version = variant->tls_version;
841 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128;
842
843 ret = setsockopt(self->fd, SOL_TLS, TLS_RX, &tls12,
844 sizeof(tls12));
845 ASSERT_EQ(ret, 0);
846
847 ret = setsockopt(self->cfd, SOL_TLS, TLS_TX, &tls12,
848 sizeof(tls12));
849 ASSERT_EQ(ret, 0);
850 }
851
852 ASSERT_EQ(strlen(test_str) + 1, send_len);
853
854 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
855 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
856 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
857
858 memset(buf, 0, sizeof(buf));
859
860 EXPECT_EQ(send(self->cfd, test_str, send_len, 0), send_len);
861 EXPECT_NE(recv(self->fd, buf, send_len, 0), -1);
862 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
863};
864
865TEST_F(tls, pollin)
866{
867 char const *test_str = "test_poll";
868 struct pollfd fd = { 0, 0, 0 };
869 char buf[10];
870 int send_len = 10;
871
872 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
873 fd.fd = self->cfd;
874 fd.events = POLLIN;
875
876 EXPECT_EQ(poll(&fd, 1, 20), 1);
877 EXPECT_EQ(fd.revents & POLLIN, 1);
878 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len);
879
880 EXPECT_EQ(poll(&fd, 1, 20), 0);
881}
882
883TEST_F(tls, poll_wait)
884{
885 char const *test_str = "test_poll_wait";
886 int send_len = strlen(test_str) + 1;
887 struct pollfd fd = { 0, 0, 0 };
888 char recv_mem[15];
889
890 fd.fd = self->cfd;
891 fd.events = POLLIN;
892 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
893
894 EXPECT_EQ(poll(&fd, 1, -1), 1);
895 EXPECT_EQ(fd.revents & POLLIN, 1);
896 EXPECT_EQ(recv(self->cfd, recv_mem, send_len, MSG_WAITALL), send_len);
897}
898
899TEST_F(tls, poll_wait_split)
900{
901 struct pollfd fd = { 0, 0, 0 };
902 char send_mem[20] = {};
903 char recv_mem[15];
904
905 fd.fd = self->cfd;
906 fd.events = POLLIN;
907
908 EXPECT_EQ(send(self->fd, send_mem, sizeof(send_mem), 0),
909 sizeof(send_mem));
910
911 EXPECT_EQ(poll(&fd, 1, -1), 1);
912 EXPECT_EQ(fd.revents & POLLIN, 1);
913 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), MSG_WAITALL),
914 sizeof(recv_mem));
915
916
917 fd.fd = self->cfd;
918 fd.events = POLLIN;
919 EXPECT_EQ(poll(&fd, 1, -1), 1);
920 EXPECT_EQ(fd.revents & POLLIN, 1);
921 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), 0),
922 sizeof(send_mem) - sizeof(recv_mem));
923}
924
925TEST_F(tls, blocking)
926{
927 size_t data = 100000;
928 int res = fork();
929
930 EXPECT_NE(res, -1);
931
932 if (res) {
933
934 size_t left = data;
935 char buf[16384];
936 int status;
937 int pid2;
938
939 while (left) {
940 int res = send(self->fd, buf,
941 left > 16384 ? 16384 : left, 0);
942
943 EXPECT_GE(res, 0);
944 left -= res;
945 }
946
947 pid2 = wait(&status);
948 EXPECT_EQ(status, 0);
949 EXPECT_EQ(res, pid2);
950 } else {
951
952 size_t left = data;
953 char buf[16384];
954
955 while (left) {
956 int res = recv(self->cfd, buf,
957 left > 16384 ? 16384 : left, 0);
958
959 EXPECT_GE(res, 0);
960 left -= res;
961 }
962 }
963}
964
965TEST_F(tls, nonblocking)
966{
967 size_t data = 100000;
968 int sendbuf = 100;
969 int flags;
970 int res;
971
972 flags = fcntl(self->fd, F_GETFL, 0);
973 fcntl(self->fd, F_SETFL, flags | O_NONBLOCK);
974 fcntl(self->cfd, F_SETFL, flags | O_NONBLOCK);
975
976
977
978
979 EXPECT_EQ(setsockopt(self->fd, SOL_SOCKET, SO_SNDBUF,
980 &sendbuf, sizeof(sendbuf)), 0);
981
982 res = fork();
983 EXPECT_NE(res, -1);
984
985 if (res) {
986
987 bool eagain = false;
988 size_t left = data;
989 char buf[16384];
990 int status;
991 int pid2;
992
993 while (left) {
994 int res = send(self->fd, buf,
995 left > 16384 ? 16384 : left, 0);
996
997 if (res == -1 && errno == EAGAIN) {
998 eagain = true;
999 usleep(10000);
1000 continue;
1001 }
1002 EXPECT_GE(res, 0);
1003 left -= res;
1004 }
1005
1006 EXPECT_TRUE(eagain);
1007 pid2 = wait(&status);
1008
1009 EXPECT_EQ(status, 0);
1010 EXPECT_EQ(res, pid2);
1011 } else {
1012
1013 bool eagain = false;
1014 size_t left = data;
1015 char buf[16384];
1016
1017 while (left) {
1018 int res = recv(self->cfd, buf,
1019 left > 16384 ? 16384 : left, 0);
1020
1021 if (res == -1 && errno == EAGAIN) {
1022 eagain = true;
1023 usleep(10000);
1024 continue;
1025 }
1026 EXPECT_GE(res, 0);
1027 left -= res;
1028 }
1029 EXPECT_TRUE(eagain);
1030 }
1031}
1032
1033static void
1034test_mutliproc(struct __test_metadata *_metadata, struct _test_data_tls *self,
1035 bool sendpg, unsigned int n_readers, unsigned int n_writers)
1036{
1037 const unsigned int n_children = n_readers + n_writers;
1038 const size_t data = 6 * 1000 * 1000;
1039 const size_t file_sz = data / 100;
1040 size_t read_bias, write_bias;
1041 int i, fd, child_id;
1042 char buf[file_sz];
1043 pid_t pid;
1044
1045
1046 ASSERT_EQ(!(n_readers % n_writers) || !(n_writers % n_readers), true);
1047 read_bias = n_writers / n_readers ?: 1;
1048 write_bias = n_readers / n_writers ?: 1;
1049
1050
1051 fd = open("/tmp/", O_TMPFILE | O_RDWR, 0600);
1052 ASSERT_GE(fd, 0);
1053
1054 memset(buf, 0xac, file_sz);
1055 ASSERT_EQ(write(fd, buf, file_sz), file_sz);
1056
1057
1058 for (child_id = 0; child_id < n_children; child_id++) {
1059 pid = fork();
1060 ASSERT_NE(pid, -1);
1061 if (!pid)
1062 break;
1063 }
1064
1065
1066 if (pid) {
1067 for (i = 0; i < n_children; i++) {
1068 int status;
1069
1070 wait(&status);
1071 EXPECT_EQ(status, 0);
1072 }
1073
1074 return;
1075 }
1076
1077
1078 if (child_id < n_readers) {
1079 size_t left = data * read_bias;
1080 char rb[8001];
1081
1082 while (left) {
1083 int res;
1084
1085 res = recv(self->cfd, rb,
1086 left > sizeof(rb) ? sizeof(rb) : left, 0);
1087
1088 EXPECT_GE(res, 0);
1089 left -= res;
1090 }
1091 } else {
1092 size_t left = data * write_bias;
1093
1094 while (left) {
1095 int res;
1096
1097 ASSERT_EQ(lseek(fd, 0, SEEK_SET), 0);
1098 if (sendpg)
1099 res = sendfile(self->fd, fd, NULL,
1100 left > file_sz ? file_sz : left);
1101 else
1102 res = send(self->fd, buf,
1103 left > file_sz ? file_sz : left, 0);
1104
1105 EXPECT_GE(res, 0);
1106 left -= res;
1107 }
1108 }
1109}
1110
1111TEST_F(tls, mutliproc_even)
1112{
1113 test_mutliproc(_metadata, self, false, 6, 6);
1114}
1115
1116TEST_F(tls, mutliproc_readers)
1117{
1118 test_mutliproc(_metadata, self, false, 4, 12);
1119}
1120
1121TEST_F(tls, mutliproc_writers)
1122{
1123 test_mutliproc(_metadata, self, false, 10, 2);
1124}
1125
1126TEST_F(tls, mutliproc_sendpage_even)
1127{
1128 test_mutliproc(_metadata, self, true, 6, 6);
1129}
1130
1131TEST_F(tls, mutliproc_sendpage_readers)
1132{
1133 test_mutliproc(_metadata, self, true, 4, 12);
1134}
1135
1136TEST_F(tls, mutliproc_sendpage_writers)
1137{
1138 test_mutliproc(_metadata, self, true, 10, 2);
1139}
1140
1141TEST_F(tls, control_msg)
1142{
1143 if (self->notls)
1144 return;
1145
1146 char cbuf[CMSG_SPACE(sizeof(char))];
1147 char const *test_str = "test_read";
1148 int cmsg_len = sizeof(char);
1149 char record_type = 100;
1150 struct cmsghdr *cmsg;
1151 struct msghdr msg;
1152 int send_len = 10;
1153 struct iovec vec;
1154 char buf[10];
1155
1156 vec.iov_base = (char *)test_str;
1157 vec.iov_len = 10;
1158 memset(&msg, 0, sizeof(struct msghdr));
1159 msg.msg_iov = &vec;
1160 msg.msg_iovlen = 1;
1161 msg.msg_control = cbuf;
1162 msg.msg_controllen = sizeof(cbuf);
1163 cmsg = CMSG_FIRSTHDR(&msg);
1164 cmsg->cmsg_level = SOL_TLS;
1165
1166 cmsg->cmsg_type = TLS_SET_RECORD_TYPE;
1167 cmsg->cmsg_len = CMSG_LEN(cmsg_len);
1168 *CMSG_DATA(cmsg) = record_type;
1169 msg.msg_controllen = cmsg->cmsg_len;
1170
1171 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len);
1172
1173 EXPECT_EQ(recv(self->cfd, buf, send_len, 0), -1);
1174
1175 vec.iov_base = buf;
1176 EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL | MSG_PEEK), send_len);
1177
1178 cmsg = CMSG_FIRSTHDR(&msg);
1179 EXPECT_NE(cmsg, NULL);
1180 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS);
1181 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE);
1182 record_type = *((unsigned char *)CMSG_DATA(cmsg));
1183 EXPECT_EQ(record_type, 100);
1184 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
1185
1186
1187 record_type = 0;
1188 memset(buf, 0, sizeof(buf));
1189
1190 EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL), send_len);
1191 cmsg = CMSG_FIRSTHDR(&msg);
1192 EXPECT_NE(cmsg, NULL);
1193 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS);
1194 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE);
1195 record_type = *((unsigned char *)CMSG_DATA(cmsg));
1196 EXPECT_EQ(record_type, 100);
1197 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
1198}
1199
1200TEST_F(tls, shutdown)
1201{
1202 char const *test_str = "test_read";
1203 int send_len = 10;
1204 char buf[10];
1205
1206 ASSERT_EQ(strlen(test_str) + 1, send_len);
1207
1208 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
1209 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
1210 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
1211
1212 shutdown(self->fd, SHUT_RDWR);
1213 shutdown(self->cfd, SHUT_RDWR);
1214}
1215
1216TEST_F(tls, shutdown_unsent)
1217{
1218 char const *test_str = "test_read";
1219 int send_len = 10;
1220
1221 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len);
1222
1223 shutdown(self->fd, SHUT_RDWR);
1224 shutdown(self->cfd, SHUT_RDWR);
1225}
1226
1227TEST_F(tls, shutdown_reuse)
1228{
1229 struct sockaddr_in addr;
1230 int ret;
1231
1232 shutdown(self->fd, SHUT_RDWR);
1233 shutdown(self->cfd, SHUT_RDWR);
1234 close(self->cfd);
1235
1236 addr.sin_family = AF_INET;
1237 addr.sin_addr.s_addr = htonl(INADDR_ANY);
1238 addr.sin_port = 0;
1239
1240 ret = bind(self->fd, &addr, sizeof(addr));
1241 EXPECT_EQ(ret, 0);
1242 ret = listen(self->fd, 10);
1243 EXPECT_EQ(ret, -1);
1244 EXPECT_EQ(errno, EINVAL);
1245
1246 ret = connect(self->fd, &addr, sizeof(addr));
1247 EXPECT_EQ(ret, -1);
1248 EXPECT_EQ(errno, EISCONN);
1249}
1250
1251TEST(non_established) {
1252 struct tls12_crypto_info_aes_gcm_256 tls12;
1253 struct sockaddr_in addr;
1254 int sfd, ret, fd;
1255 socklen_t len;
1256
1257 len = sizeof(addr);
1258
1259 memset(&tls12, 0, sizeof(tls12));
1260 tls12.info.version = TLS_1_2_VERSION;
1261 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256;
1262
1263 addr.sin_family = AF_INET;
1264 addr.sin_addr.s_addr = htonl(INADDR_ANY);
1265 addr.sin_port = 0;
1266
1267 fd = socket(AF_INET, SOCK_STREAM, 0);
1268 sfd = socket(AF_INET, SOCK_STREAM, 0);
1269
1270 ret = bind(sfd, &addr, sizeof(addr));
1271 ASSERT_EQ(ret, 0);
1272 ret = listen(sfd, 10);
1273 ASSERT_EQ(ret, 0);
1274
1275 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1276 EXPECT_EQ(ret, -1);
1277
1278 if (errno == ENOENT)
1279 return;
1280 EXPECT_EQ(errno, ENOTCONN);
1281
1282 ret = setsockopt(sfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1283 EXPECT_EQ(ret, -1);
1284 EXPECT_EQ(errno, ENOTCONN);
1285
1286 ret = getsockname(sfd, &addr, &len);
1287 ASSERT_EQ(ret, 0);
1288
1289 ret = connect(fd, &addr, sizeof(addr));
1290 ASSERT_EQ(ret, 0);
1291
1292 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1293 ASSERT_EQ(ret, 0);
1294
1295 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1296 EXPECT_EQ(ret, -1);
1297 EXPECT_EQ(errno, EEXIST);
1298
1299 close(fd);
1300 close(sfd);
1301}
1302
1303TEST(keysizes) {
1304 struct tls12_crypto_info_aes_gcm_256 tls12;
1305 struct sockaddr_in addr;
1306 int sfd, ret, fd, cfd;
1307 socklen_t len;
1308 bool notls;
1309
1310 notls = false;
1311 len = sizeof(addr);
1312
1313 memset(&tls12, 0, sizeof(tls12));
1314 tls12.info.version = TLS_1_2_VERSION;
1315 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256;
1316
1317 addr.sin_family = AF_INET;
1318 addr.sin_addr.s_addr = htonl(INADDR_ANY);
1319 addr.sin_port = 0;
1320
1321 fd = socket(AF_INET, SOCK_STREAM, 0);
1322 sfd = socket(AF_INET, SOCK_STREAM, 0);
1323
1324 ret = bind(sfd, &addr, sizeof(addr));
1325 ASSERT_EQ(ret, 0);
1326 ret = listen(sfd, 10);
1327 ASSERT_EQ(ret, 0);
1328
1329 ret = getsockname(sfd, &addr, &len);
1330 ASSERT_EQ(ret, 0);
1331
1332 ret = connect(fd, &addr, sizeof(addr));
1333 ASSERT_EQ(ret, 0);
1334
1335 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1336 if (ret != 0) {
1337 notls = true;
1338 printf("Failure setting TCP_ULP, testing without tls\n");
1339 }
1340
1341 if (!notls) {
1342 ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12,
1343 sizeof(tls12));
1344 EXPECT_EQ(ret, 0);
1345 }
1346
1347 cfd = accept(sfd, &addr, &len);
1348 ASSERT_GE(cfd, 0);
1349
1350 if (!notls) {
1351 ret = setsockopt(cfd, IPPROTO_TCP, TCP_ULP, "tls",
1352 sizeof("tls"));
1353 EXPECT_EQ(ret, 0);
1354
1355 ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12,
1356 sizeof(tls12));
1357 EXPECT_EQ(ret, 0);
1358 }
1359
1360 close(sfd);
1361 close(fd);
1362 close(cfd);
1363}
1364
1365TEST_HARNESS_MAIN
1366
