1
2
3#define _GNU_SOURCE
4
5#include <arpa/inet.h>
6#include <errno.h>
7#include <error.h>
8#include <fcntl.h>
9#include <poll.h>
10#include <stdio.h>
11#include <stdlib.h>
12#include <unistd.h>
13
14#include <linux/tls.h>
15#include <linux/tcp.h>
16#include <linux/socket.h>
17
18#include <sys/types.h>
19#include <sys/sendfile.h>
20#include <sys/socket.h>
21#include <sys/stat.h>
22
23#include "../kselftest_harness.h"
24
25#define TLS_PAYLOAD_MAX_LEN 16384
26#define SOL_TLS 282
27
28FIXTURE(tls_basic)
29{
30 int fd, cfd;
31 bool notls;
32};
33
34FIXTURE_SETUP(tls_basic)
35{
36 struct sockaddr_in addr;
37 socklen_t len;
38 int sfd, ret;
39
40 self->notls = false;
41 len = sizeof(addr);
42
43 addr.sin_family = AF_INET;
44 addr.sin_addr.s_addr = htonl(INADDR_ANY);
45 addr.sin_port = 0;
46
47 self->fd = socket(AF_INET, SOCK_STREAM, 0);
48 sfd = socket(AF_INET, SOCK_STREAM, 0);
49
50 ret = bind(sfd, &addr, sizeof(addr));
51 ASSERT_EQ(ret, 0);
52 ret = listen(sfd, 10);
53 ASSERT_EQ(ret, 0);
54
55 ret = getsockname(sfd, &addr, &len);
56 ASSERT_EQ(ret, 0);
57
58 ret = connect(self->fd, &addr, sizeof(addr));
59 ASSERT_EQ(ret, 0);
60
61 self->cfd = accept(sfd, &addr, &len);
62 ASSERT_GE(self->cfd, 0);
63
64 close(sfd);
65
66 ret = setsockopt(self->fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
67 if (ret != 0) {
68 ASSERT_EQ(errno, ENOENT);
69 self->notls = true;
70 printf("Failure setting TCP_ULP, testing without tls\n");
71 return;
72 }
73
74 ret = setsockopt(self->cfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
75 ASSERT_EQ(ret, 0);
76}
77
78FIXTURE_TEARDOWN(tls_basic)
79{
80 close(self->fd);
81 close(self->cfd);
82}
83
84
85TEST_F(tls_basic, base_base)
86{
87 char const *test_str = "test_read";
88 int send_len = 10;
89 char buf[10];
90
91 ASSERT_EQ(strlen(test_str) + 1, send_len);
92
93 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
94 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
95 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
96};
97
98FIXTURE(tls)
99{
100 int fd, cfd;
101 bool notls;
102};
103
104FIXTURE_VARIANT(tls)
105{
106 unsigned int tls_version;
107};
108
109FIXTURE_VARIANT_ADD(tls, 12)
110{
111 .tls_version = TLS_1_2_VERSION,
112};
113
114FIXTURE_VARIANT_ADD(tls, 13)
115{
116 .tls_version = TLS_1_3_VERSION,
117};
118
119FIXTURE_SETUP(tls)
120{
121 struct tls12_crypto_info_aes_gcm_128 tls12;
122 struct sockaddr_in addr;
123 socklen_t len;
124 int sfd, ret;
125
126 self->notls = false;
127 len = sizeof(addr);
128
129 memset(&tls12, 0, sizeof(tls12));
130 tls12.info.version = variant->tls_version;
131 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128;
132
133 addr.sin_family = AF_INET;
134 addr.sin_addr.s_addr = htonl(INADDR_ANY);
135 addr.sin_port = 0;
136
137 self->fd = socket(AF_INET, SOCK_STREAM, 0);
138 sfd = socket(AF_INET, SOCK_STREAM, 0);
139
140 ret = bind(sfd, &addr, sizeof(addr));
141 ASSERT_EQ(ret, 0);
142 ret = listen(sfd, 10);
143 ASSERT_EQ(ret, 0);
144
145 ret = getsockname(sfd, &addr, &len);
146 ASSERT_EQ(ret, 0);
147
148 ret = connect(self->fd, &addr, sizeof(addr));
149 ASSERT_EQ(ret, 0);
150
151 ret = setsockopt(self->fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
152 if (ret != 0) {
153 self->notls = true;
154 printf("Failure setting TCP_ULP, testing without tls\n");
155 }
156
157 if (!self->notls) {
158 ret = setsockopt(self->fd, SOL_TLS, TLS_TX, &tls12,
159 sizeof(tls12));
160 ASSERT_EQ(ret, 0);
161 }
162
163 self->cfd = accept(sfd, &addr, &len);
164 ASSERT_GE(self->cfd, 0);
165
166 if (!self->notls) {
167 ret = setsockopt(self->cfd, IPPROTO_TCP, TCP_ULP, "tls",
168 sizeof("tls"));
169 ASSERT_EQ(ret, 0);
170
171 ret = setsockopt(self->cfd, SOL_TLS, TLS_RX, &tls12,
172 sizeof(tls12));
173 ASSERT_EQ(ret, 0);
174 }
175
176 close(sfd);
177}
178
179FIXTURE_TEARDOWN(tls)
180{
181 close(self->fd);
182 close(self->cfd);
183}
184
185TEST_F(tls, sendfile)
186{
187 int filefd = open("/proc/self/exe", O_RDONLY);
188 struct stat st;
189
190 EXPECT_GE(filefd, 0);
191 fstat(filefd, &st);
192 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0);
193}
194
195TEST_F(tls, send_then_sendfile)
196{
197 int filefd = open("/proc/self/exe", O_RDONLY);
198 char const *test_str = "test_send";
199 int to_send = strlen(test_str) + 1;
200 char recv_buf[10];
201 struct stat st;
202 char *buf;
203
204 EXPECT_GE(filefd, 0);
205 fstat(filefd, &st);
206 buf = (char *)malloc(st.st_size);
207
208 EXPECT_EQ(send(self->fd, test_str, to_send, 0), to_send);
209 EXPECT_EQ(recv(self->cfd, recv_buf, to_send, MSG_WAITALL), to_send);
210 EXPECT_EQ(memcmp(test_str, recv_buf, to_send), 0);
211
212 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0);
213 EXPECT_EQ(recv(self->cfd, buf, st.st_size, MSG_WAITALL), st.st_size);
214}
215
216static void chunked_sendfile(struct __test_metadata *_metadata,
217 struct _test_data_tls *self,
218 uint16_t chunk_size,
219 uint16_t extra_payload_size)
220{
221 char buf[TLS_PAYLOAD_MAX_LEN];
222 uint16_t test_payload_size;
223 int size = 0;
224 int ret;
225 char filename[] = "/tmp/mytemp.XXXXXX";
226 int fd = mkstemp(filename);
227 off_t offset = 0;
228
229 unlink(filename);
230 ASSERT_GE(fd, 0);
231 EXPECT_GE(chunk_size, 1);
232 test_payload_size = chunk_size + extra_payload_size;
233 ASSERT_GE(TLS_PAYLOAD_MAX_LEN, test_payload_size);
234 memset(buf, 1, test_payload_size);
235 size = write(fd, buf, test_payload_size);
236 EXPECT_EQ(size, test_payload_size);
237 fsync(fd);
238
239 while (size > 0) {
240 ret = sendfile(self->fd, fd, &offset, chunk_size);
241 EXPECT_GE(ret, 0);
242 size -= ret;
243 }
244
245 EXPECT_EQ(recv(self->cfd, buf, test_payload_size, MSG_WAITALL),
246 test_payload_size);
247
248 close(fd);
249}
250
251TEST_F(tls, multi_chunk_sendfile)
252{
253 chunked_sendfile(_metadata, self, 4096, 4096);
254 chunked_sendfile(_metadata, self, 4096, 0);
255 chunked_sendfile(_metadata, self, 4096, 1);
256 chunked_sendfile(_metadata, self, 4096, 2048);
257 chunked_sendfile(_metadata, self, 8192, 2048);
258 chunked_sendfile(_metadata, self, 4096, 8192);
259 chunked_sendfile(_metadata, self, 8192, 4096);
260 chunked_sendfile(_metadata, self, 12288, 1024);
261 chunked_sendfile(_metadata, self, 12288, 2000);
262 chunked_sendfile(_metadata, self, 15360, 100);
263 chunked_sendfile(_metadata, self, 15360, 300);
264 chunked_sendfile(_metadata, self, 1, 4096);
265 chunked_sendfile(_metadata, self, 2048, 4096);
266 chunked_sendfile(_metadata, self, 2048, 8192);
267 chunked_sendfile(_metadata, self, 4096, 8192);
268 chunked_sendfile(_metadata, self, 1024, 12288);
269 chunked_sendfile(_metadata, self, 2000, 12288);
270 chunked_sendfile(_metadata, self, 100, 15360);
271 chunked_sendfile(_metadata, self, 300, 15360);
272}
273
274TEST_F(tls, recv_max)
275{
276 unsigned int send_len = TLS_PAYLOAD_MAX_LEN;
277 char recv_mem[TLS_PAYLOAD_MAX_LEN];
278 char buf[TLS_PAYLOAD_MAX_LEN];
279
280 EXPECT_GE(send(self->fd, buf, send_len, 0), 0);
281 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1);
282 EXPECT_EQ(memcmp(buf, recv_mem, send_len), 0);
283}
284
285TEST_F(tls, recv_small)
286{
287 char const *test_str = "test_read";
288 int send_len = 10;
289 char buf[10];
290
291 send_len = strlen(test_str) + 1;
292 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
293 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
294 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
295}
296
297TEST_F(tls, msg_more)
298{
299 char const *test_str = "test_read";
300 int send_len = 10;
301 char buf[10 * 2];
302
303 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len);
304 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1);
305 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
306 EXPECT_EQ(recv(self->cfd, buf, send_len * 2, MSG_WAITALL),
307 send_len * 2);
308 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
309}
310
311TEST_F(tls, msg_more_unsent)
312{
313 char const *test_str = "test_read";
314 int send_len = 10;
315 char buf[10];
316
317 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len);
318 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1);
319}
320
321TEST_F(tls, sendmsg_single)
322{
323 struct msghdr msg;
324
325 char const *test_str = "test_sendmsg";
326 size_t send_len = 13;
327 struct iovec vec;
328 char buf[13];
329
330 vec.iov_base = (char *)test_str;
331 vec.iov_len = send_len;
332 memset(&msg, 0, sizeof(struct msghdr));
333 msg.msg_iov = &vec;
334 msg.msg_iovlen = 1;
335 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len);
336 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len);
337 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
338}
339
340#define MAX_FRAGS 64
341#define SEND_LEN 13
342TEST_F(tls, sendmsg_fragmented)
343{
344 char const *test_str = "test_sendmsg";
345 char buf[SEND_LEN * MAX_FRAGS];
346 struct iovec vec[MAX_FRAGS];
347 struct msghdr msg;
348 int i, frags;
349
350 for (frags = 1; frags <= MAX_FRAGS; frags++) {
351 for (i = 0; i < frags; i++) {
352 vec[i].iov_base = (char *)test_str;
353 vec[i].iov_len = SEND_LEN;
354 }
355
356 memset(&msg, 0, sizeof(struct msghdr));
357 msg.msg_iov = vec;
358 msg.msg_iovlen = frags;
359
360 EXPECT_EQ(sendmsg(self->fd, &msg, 0), SEND_LEN * frags);
361 EXPECT_EQ(recv(self->cfd, buf, SEND_LEN * frags, MSG_WAITALL),
362 SEND_LEN * frags);
363
364 for (i = 0; i < frags; i++)
365 EXPECT_EQ(memcmp(buf + SEND_LEN * i,
366 test_str, SEND_LEN), 0);
367 }
368}
369#undef MAX_FRAGS
370#undef SEND_LEN
371
372TEST_F(tls, sendmsg_large)
373{
374 void *mem = malloc(16384);
375 size_t send_len = 16384;
376 size_t sends = 128;
377 struct msghdr msg;
378 size_t recvs = 0;
379 size_t sent = 0;
380
381 memset(&msg, 0, sizeof(struct msghdr));
382 while (sent++ < sends) {
383 struct iovec vec = { (void *)mem, send_len };
384
385 msg.msg_iov = &vec;
386 msg.msg_iovlen = 1;
387 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), send_len);
388 }
389
390 while (recvs++ < sends)
391 EXPECT_NE(recv(self->fd, mem, send_len, 0), -1);
392
393 free(mem);
394}
395
396TEST_F(tls, sendmsg_multiple)
397{
398 char const *test_str = "test_sendmsg_multiple";
399 struct iovec vec[5];
400 char *test_strs[5];
401 struct msghdr msg;
402 int total_len = 0;
403 int len_cmp = 0;
404 int iov_len = 5;
405 char *buf;
406 int i;
407
408 memset(&msg, 0, sizeof(struct msghdr));
409 for (i = 0; i < iov_len; i++) {
410 test_strs[i] = (char *)malloc(strlen(test_str) + 1);
411 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str);
412 vec[i].iov_base = (void *)test_strs[i];
413 vec[i].iov_len = strlen(test_strs[i]) + 1;
414 total_len += vec[i].iov_len;
415 }
416 msg.msg_iov = vec;
417 msg.msg_iovlen = iov_len;
418
419 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), total_len);
420 buf = malloc(total_len);
421 EXPECT_NE(recv(self->fd, buf, total_len, 0), -1);
422 for (i = 0; i < iov_len; i++) {
423 EXPECT_EQ(memcmp(test_strs[i], buf + len_cmp,
424 strlen(test_strs[i])),
425 0);
426 len_cmp += strlen(buf + len_cmp) + 1;
427 }
428 for (i = 0; i < iov_len; i++)
429 free(test_strs[i]);
430 free(buf);
431}
432
433TEST_F(tls, sendmsg_multiple_stress)
434{
435 char const *test_str = "abcdefghijklmno";
436 struct iovec vec[1024];
437 char *test_strs[1024];
438 int iov_len = 1024;
439 int total_len = 0;
440 char buf[1 << 14];
441 struct msghdr msg;
442 int len_cmp = 0;
443 int i;
444
445 memset(&msg, 0, sizeof(struct msghdr));
446 for (i = 0; i < iov_len; i++) {
447 test_strs[i] = (char *)malloc(strlen(test_str) + 1);
448 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str);
449 vec[i].iov_base = (void *)test_strs[i];
450 vec[i].iov_len = strlen(test_strs[i]) + 1;
451 total_len += vec[i].iov_len;
452 }
453 msg.msg_iov = vec;
454 msg.msg_iovlen = iov_len;
455
456 EXPECT_EQ(sendmsg(self->fd, &msg, 0), total_len);
457 EXPECT_NE(recv(self->cfd, buf, total_len, 0), -1);
458
459 for (i = 0; i < iov_len; i++)
460 len_cmp += strlen(buf + len_cmp) + 1;
461
462 for (i = 0; i < iov_len; i++)
463 free(test_strs[i]);
464}
465
466TEST_F(tls, splice_from_pipe)
467{
468 int send_len = TLS_PAYLOAD_MAX_LEN;
469 char mem_send[TLS_PAYLOAD_MAX_LEN];
470 char mem_recv[TLS_PAYLOAD_MAX_LEN];
471 int p[2];
472
473 ASSERT_GE(pipe(p), 0);
474 EXPECT_GE(write(p[1], mem_send, send_len), 0);
475 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), 0);
476 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len);
477 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
478}
479
480TEST_F(tls, splice_from_pipe2)
481{
482 int send_len = 16000;
483 char mem_send[16000];
484 char mem_recv[16000];
485 int p2[2];
486 int p[2];
487
488 ASSERT_GE(pipe(p), 0);
489 ASSERT_GE(pipe(p2), 0);
490 EXPECT_GE(write(p[1], mem_send, 8000), 0);
491 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, 8000, 0), 0);
492 EXPECT_GE(write(p2[1], mem_send + 8000, 8000), 0);
493 EXPECT_GE(splice(p2[0], NULL, self->fd, NULL, 8000, 0), 0);
494 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len);
495 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
496}
497
498TEST_F(tls, send_and_splice)
499{
500 int send_len = TLS_PAYLOAD_MAX_LEN;
501 char mem_send[TLS_PAYLOAD_MAX_LEN];
502 char mem_recv[TLS_PAYLOAD_MAX_LEN];
503 char const *test_str = "test_read";
504 int send_len2 = 10;
505 char buf[10];
506 int p[2];
507
508 ASSERT_GE(pipe(p), 0);
509 EXPECT_EQ(send(self->fd, test_str, send_len2, 0), send_len2);
510 EXPECT_EQ(recv(self->cfd, buf, send_len2, MSG_WAITALL), send_len2);
511 EXPECT_EQ(memcmp(test_str, buf, send_len2), 0);
512
513 EXPECT_GE(write(p[1], mem_send, send_len), send_len);
514 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), send_len);
515
516 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len);
517 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
518}
519
520TEST_F(tls, splice_to_pipe)
521{
522 int send_len = TLS_PAYLOAD_MAX_LEN;
523 char mem_send[TLS_PAYLOAD_MAX_LEN];
524 char mem_recv[TLS_PAYLOAD_MAX_LEN];
525 int p[2];
526
527 ASSERT_GE(pipe(p), 0);
528 EXPECT_GE(send(self->fd, mem_send, send_len, 0), 0);
529 EXPECT_GE(splice(self->cfd, NULL, p[1], NULL, send_len, 0), 0);
530 EXPECT_GE(read(p[0], mem_recv, send_len), 0);
531 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
532}
533
534TEST_F(tls, recvmsg_single)
535{
536 char const *test_str = "test_recvmsg_single";
537 int send_len = strlen(test_str) + 1;
538 char buf[20];
539 struct msghdr hdr;
540 struct iovec vec;
541
542 memset(&hdr, 0, sizeof(hdr));
543 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
544 vec.iov_base = (char *)buf;
545 vec.iov_len = send_len;
546 hdr.msg_iovlen = 1;
547 hdr.msg_iov = &vec;
548 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1);
549 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
550}
551
552TEST_F(tls, recvmsg_single_max)
553{
554 int send_len = TLS_PAYLOAD_MAX_LEN;
555 char send_mem[TLS_PAYLOAD_MAX_LEN];
556 char recv_mem[TLS_PAYLOAD_MAX_LEN];
557 struct iovec vec;
558 struct msghdr hdr;
559
560 EXPECT_EQ(send(self->fd, send_mem, send_len, 0), send_len);
561 vec.iov_base = (char *)recv_mem;
562 vec.iov_len = TLS_PAYLOAD_MAX_LEN;
563
564 hdr.msg_iovlen = 1;
565 hdr.msg_iov = &vec;
566 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1);
567 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0);
568}
569
570TEST_F(tls, recvmsg_multiple)
571{
572 unsigned int msg_iovlen = 1024;
573 unsigned int len_compared = 0;
574 struct iovec vec[1024];
575 char *iov_base[1024];
576 unsigned int iov_len = 16;
577 int send_len = 1 << 14;
578 char buf[1 << 14];
579 struct msghdr hdr;
580 int i;
581
582 EXPECT_EQ(send(self->fd, buf, send_len, 0), send_len);
583 for (i = 0; i < msg_iovlen; i++) {
584 iov_base[i] = (char *)malloc(iov_len);
585 vec[i].iov_base = iov_base[i];
586 vec[i].iov_len = iov_len;
587 }
588
589 hdr.msg_iovlen = msg_iovlen;
590 hdr.msg_iov = vec;
591 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1);
592 for (i = 0; i < msg_iovlen; i++)
593 len_compared += iov_len;
594
595 for (i = 0; i < msg_iovlen; i++)
596 free(iov_base[i]);
597}
598
599TEST_F(tls, single_send_multiple_recv)
600{
601 unsigned int total_len = TLS_PAYLOAD_MAX_LEN * 2;
602 unsigned int send_len = TLS_PAYLOAD_MAX_LEN;
603 char send_mem[TLS_PAYLOAD_MAX_LEN * 2];
604 char recv_mem[TLS_PAYLOAD_MAX_LEN * 2];
605
606 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0);
607 memset(recv_mem, 0, total_len);
608
609 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1);
610 EXPECT_NE(recv(self->cfd, recv_mem + send_len, send_len, 0), -1);
611 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0);
612}
613
614TEST_F(tls, multiple_send_single_recv)
615{
616 unsigned int total_len = 2 * 10;
617 unsigned int send_len = 10;
618 char recv_mem[2 * 10];
619 char send_mem[10];
620
621 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0);
622 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0);
623 memset(recv_mem, 0, total_len);
624 EXPECT_EQ(recv(self->cfd, recv_mem, total_len, MSG_WAITALL), total_len);
625
626 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0);
627 EXPECT_EQ(memcmp(send_mem, recv_mem + send_len, send_len), 0);
628}
629
630TEST_F(tls, single_send_multiple_recv_non_align)
631{
632 const unsigned int total_len = 15;
633 const unsigned int recv_len = 10;
634 char recv_mem[recv_len * 2];
635 char send_mem[total_len];
636
637 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0);
638 memset(recv_mem, 0, total_len);
639
640 EXPECT_EQ(recv(self->cfd, recv_mem, recv_len, 0), recv_len);
641 EXPECT_EQ(recv(self->cfd, recv_mem + recv_len, recv_len, 0), 5);
642 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0);
643}
644
645TEST_F(tls, recv_partial)
646{
647 char const *test_str = "test_read_partial";
648 char const *test_str_first = "test_read";
649 char const *test_str_second = "_partial";
650 int send_len = strlen(test_str) + 1;
651 char recv_mem[18];
652
653 memset(recv_mem, 0, sizeof(recv_mem));
654 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
655 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_first),
656 MSG_WAITALL), -1);
657 EXPECT_EQ(memcmp(test_str_first, recv_mem, strlen(test_str_first)), 0);
658 memset(recv_mem, 0, sizeof(recv_mem));
659 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_second),
660 MSG_WAITALL), -1);
661 EXPECT_EQ(memcmp(test_str_second, recv_mem, strlen(test_str_second)),
662 0);
663}
664
665TEST_F(tls, recv_nonblock)
666{
667 char buf[4096];
668 bool err;
669
670 EXPECT_EQ(recv(self->cfd, buf, sizeof(buf), MSG_DONTWAIT), -1);
671 err = (errno == EAGAIN || errno == EWOULDBLOCK);
672 EXPECT_EQ(err, true);
673}
674
675TEST_F(tls, recv_peek)
676{
677 char const *test_str = "test_read_peek";
678 int send_len = strlen(test_str) + 1;
679 char buf[15];
680
681 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
682 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1);
683 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
684 memset(buf, 0, sizeof(buf));
685 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
686 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
687}
688
689TEST_F(tls, recv_peek_multiple)
690{
691 char const *test_str = "test_read_peek";
692 int send_len = strlen(test_str) + 1;
693 unsigned int num_peeks = 100;
694 char buf[15];
695 int i;
696
697 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
698 for (i = 0; i < num_peeks; i++) {
699 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1);
700 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
701 memset(buf, 0, sizeof(buf));
702 }
703 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
704 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
705}
706
707TEST_F(tls, recv_peek_multiple_records)
708{
709 char const *test_str = "test_read_peek_mult_recs";
710 char const *test_str_first = "test_read_peek";
711 char const *test_str_second = "_mult_recs";
712 int len;
713 char buf[64];
714
715 len = strlen(test_str_first);
716 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len);
717
718 len = strlen(test_str_second) + 1;
719 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len);
720
721 len = strlen(test_str_first);
722 memset(buf, 0, len);
723 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len);
724
725
726 len = strlen(test_str_first);
727 EXPECT_EQ(memcmp(test_str_first, buf, len), 0);
728
729 len = strlen(test_str) + 1;
730 memset(buf, 0, len);
731 EXPECT_EQ(recv(self->cfd, buf, len, MSG_WAITALL), len);
732
733
734
735
736 len = strlen(test_str) + 1;
737 EXPECT_EQ(memcmp(test_str, buf, len), 0);
738
739
740
741
742 len = strlen(test_str_first);
743 EXPECT_EQ(send(self->fd, test_str_first, len, MSG_MORE), len);
744
745 len = strlen(test_str_second) + 1;
746 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len);
747
748 len = strlen(test_str) + 1;
749 memset(buf, 0, len);
750 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len);
751
752 len = strlen(test_str) + 1;
753 EXPECT_EQ(memcmp(test_str, buf, len), 0);
754}
755
756TEST_F(tls, recv_peek_large_buf_mult_recs)
757{
758 char const *test_str = "test_read_peek_mult_recs";
759 char const *test_str_first = "test_read_peek";
760 char const *test_str_second = "_mult_recs";
761 int len;
762 char buf[64];
763
764 len = strlen(test_str_first);
765 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len);
766
767 len = strlen(test_str_second) + 1;
768 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len);
769
770 len = strlen(test_str) + 1;
771 memset(buf, 0, len);
772 EXPECT_NE((len = recv(self->cfd, buf, len,
773 MSG_PEEK | MSG_WAITALL)), -1);
774 len = strlen(test_str) + 1;
775 EXPECT_EQ(memcmp(test_str, buf, len), 0);
776}
777
778TEST_F(tls, recv_lowat)
779{
780 char send_mem[10] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 };
781 char recv_mem[20];
782 int lowat = 8;
783
784 EXPECT_EQ(send(self->fd, send_mem, 10, 0), 10);
785 EXPECT_EQ(send(self->fd, send_mem, 5, 0), 5);
786
787 memset(recv_mem, 0, 20);
788 EXPECT_EQ(setsockopt(self->cfd, SOL_SOCKET, SO_RCVLOWAT,
789 &lowat, sizeof(lowat)), 0);
790 EXPECT_EQ(recv(self->cfd, recv_mem, 1, MSG_WAITALL), 1);
791 EXPECT_EQ(recv(self->cfd, recv_mem + 1, 6, MSG_WAITALL), 6);
792 EXPECT_EQ(recv(self->cfd, recv_mem + 7, 10, 0), 8);
793
794 EXPECT_EQ(memcmp(send_mem, recv_mem, 10), 0);
795 EXPECT_EQ(memcmp(send_mem, recv_mem + 10, 5), 0);
796}
797
798TEST_F(tls, bidir)
799{
800 char const *test_str = "test_read";
801 int send_len = 10;
802 char buf[10];
803 int ret;
804
805 if (!self->notls) {
806 struct tls12_crypto_info_aes_gcm_128 tls12;
807
808 memset(&tls12, 0, sizeof(tls12));
809 tls12.info.version = variant->tls_version;
810 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128;
811
812 ret = setsockopt(self->fd, SOL_TLS, TLS_RX, &tls12,
813 sizeof(tls12));
814 ASSERT_EQ(ret, 0);
815
816 ret = setsockopt(self->cfd, SOL_TLS, TLS_TX, &tls12,
817 sizeof(tls12));
818 ASSERT_EQ(ret, 0);
819 }
820
821 ASSERT_EQ(strlen(test_str) + 1, send_len);
822
823 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
824 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
825 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
826
827 memset(buf, 0, sizeof(buf));
828
829 EXPECT_EQ(send(self->cfd, test_str, send_len, 0), send_len);
830 EXPECT_NE(recv(self->fd, buf, send_len, 0), -1);
831 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
832};
833
834TEST_F(tls, pollin)
835{
836 char const *test_str = "test_poll";
837 struct pollfd fd = { 0, 0, 0 };
838 char buf[10];
839 int send_len = 10;
840
841 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
842 fd.fd = self->cfd;
843 fd.events = POLLIN;
844
845 EXPECT_EQ(poll(&fd, 1, 20), 1);
846 EXPECT_EQ(fd.revents & POLLIN, 1);
847 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len);
848
849 EXPECT_EQ(poll(&fd, 1, 20), 0);
850}
851
852TEST_F(tls, poll_wait)
853{
854 char const *test_str = "test_poll_wait";
855 int send_len = strlen(test_str) + 1;
856 struct pollfd fd = { 0, 0, 0 };
857 char recv_mem[15];
858
859 fd.fd = self->cfd;
860 fd.events = POLLIN;
861 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
862
863 EXPECT_EQ(poll(&fd, 1, -1), 1);
864 EXPECT_EQ(fd.revents & POLLIN, 1);
865 EXPECT_EQ(recv(self->cfd, recv_mem, send_len, MSG_WAITALL), send_len);
866}
867
868TEST_F(tls, poll_wait_split)
869{
870 struct pollfd fd = { 0, 0, 0 };
871 char send_mem[20] = {};
872 char recv_mem[15];
873
874 fd.fd = self->cfd;
875 fd.events = POLLIN;
876
877 EXPECT_EQ(send(self->fd, send_mem, sizeof(send_mem), 0),
878 sizeof(send_mem));
879
880 EXPECT_EQ(poll(&fd, 1, -1), 1);
881 EXPECT_EQ(fd.revents & POLLIN, 1);
882 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), MSG_WAITALL),
883 sizeof(recv_mem));
884
885
886 fd.fd = self->cfd;
887 fd.events = POLLIN;
888 EXPECT_EQ(poll(&fd, 1, -1), 1);
889 EXPECT_EQ(fd.revents & POLLIN, 1);
890 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), 0),
891 sizeof(send_mem) - sizeof(recv_mem));
892}
893
894TEST_F(tls, blocking)
895{
896 size_t data = 100000;
897 int res = fork();
898
899 EXPECT_NE(res, -1);
900
901 if (res) {
902
903 size_t left = data;
904 char buf[16384];
905 int status;
906 int pid2;
907
908 while (left) {
909 int res = send(self->fd, buf,
910 left > 16384 ? 16384 : left, 0);
911
912 EXPECT_GE(res, 0);
913 left -= res;
914 }
915
916 pid2 = wait(&status);
917 EXPECT_EQ(status, 0);
918 EXPECT_EQ(res, pid2);
919 } else {
920
921 size_t left = data;
922 char buf[16384];
923
924 while (left) {
925 int res = recv(self->cfd, buf,
926 left > 16384 ? 16384 : left, 0);
927
928 EXPECT_GE(res, 0);
929 left -= res;
930 }
931 }
932}
933
934TEST_F(tls, nonblocking)
935{
936 size_t data = 100000;
937 int sendbuf = 100;
938 int flags;
939 int res;
940
941 flags = fcntl(self->fd, F_GETFL, 0);
942 fcntl(self->fd, F_SETFL, flags | O_NONBLOCK);
943 fcntl(self->cfd, F_SETFL, flags | O_NONBLOCK);
944
945
946
947
948 EXPECT_EQ(setsockopt(self->fd, SOL_SOCKET, SO_SNDBUF,
949 &sendbuf, sizeof(sendbuf)), 0);
950
951 res = fork();
952 EXPECT_NE(res, -1);
953
954 if (res) {
955
956 bool eagain = false;
957 size_t left = data;
958 char buf[16384];
959 int status;
960 int pid2;
961
962 while (left) {
963 int res = send(self->fd, buf,
964 left > 16384 ? 16384 : left, 0);
965
966 if (res == -1 && errno == EAGAIN) {
967 eagain = true;
968 usleep(10000);
969 continue;
970 }
971 EXPECT_GE(res, 0);
972 left -= res;
973 }
974
975 EXPECT_TRUE(eagain);
976 pid2 = wait(&status);
977
978 EXPECT_EQ(status, 0);
979 EXPECT_EQ(res, pid2);
980 } else {
981
982 bool eagain = false;
983 size_t left = data;
984 char buf[16384];
985
986 while (left) {
987 int res = recv(self->cfd, buf,
988 left > 16384 ? 16384 : left, 0);
989
990 if (res == -1 && errno == EAGAIN) {
991 eagain = true;
992 usleep(10000);
993 continue;
994 }
995 EXPECT_GE(res, 0);
996 left -= res;
997 }
998 EXPECT_TRUE(eagain);
999 }
1000}
1001
1002static void
1003test_mutliproc(struct __test_metadata *_metadata, struct _test_data_tls *self,
1004 bool sendpg, unsigned int n_readers, unsigned int n_writers)
1005{
1006 const unsigned int n_children = n_readers + n_writers;
1007 const size_t data = 6 * 1000 * 1000;
1008 const size_t file_sz = data / 100;
1009 size_t read_bias, write_bias;
1010 int i, fd, child_id;
1011 char buf[file_sz];
1012 pid_t pid;
1013
1014
1015 ASSERT_EQ(!(n_readers % n_writers) || !(n_writers % n_readers), true);
1016 read_bias = n_writers / n_readers ?: 1;
1017 write_bias = n_readers / n_writers ?: 1;
1018
1019
1020 fd = open("/tmp/", O_TMPFILE | O_RDWR, 0600);
1021 ASSERT_GE(fd, 0);
1022
1023 memset(buf, 0xac, file_sz);
1024 ASSERT_EQ(write(fd, buf, file_sz), file_sz);
1025
1026
1027 for (child_id = 0; child_id < n_children; child_id++) {
1028 pid = fork();
1029 ASSERT_NE(pid, -1);
1030 if (!pid)
1031 break;
1032 }
1033
1034
1035 if (pid) {
1036 for (i = 0; i < n_children; i++) {
1037 int status;
1038
1039 wait(&status);
1040 EXPECT_EQ(status, 0);
1041 }
1042
1043 return;
1044 }
1045
1046
1047 if (child_id < n_readers) {
1048 size_t left = data * read_bias;
1049 char rb[8001];
1050
1051 while (left) {
1052 int res;
1053
1054 res = recv(self->cfd, rb,
1055 left > sizeof(rb) ? sizeof(rb) : left, 0);
1056
1057 EXPECT_GE(res, 0);
1058 left -= res;
1059 }
1060 } else {
1061 size_t left = data * write_bias;
1062
1063 while (left) {
1064 int res;
1065
1066 ASSERT_EQ(lseek(fd, 0, SEEK_SET), 0);
1067 if (sendpg)
1068 res = sendfile(self->fd, fd, NULL,
1069 left > file_sz ? file_sz : left);
1070 else
1071 res = send(self->fd, buf,
1072 left > file_sz ? file_sz : left, 0);
1073
1074 EXPECT_GE(res, 0);
1075 left -= res;
1076 }
1077 }
1078}
1079
1080TEST_F(tls, mutliproc_even)
1081{
1082 test_mutliproc(_metadata, self, false, 6, 6);
1083}
1084
1085TEST_F(tls, mutliproc_readers)
1086{
1087 test_mutliproc(_metadata, self, false, 4, 12);
1088}
1089
1090TEST_F(tls, mutliproc_writers)
1091{
1092 test_mutliproc(_metadata, self, false, 10, 2);
1093}
1094
1095TEST_F(tls, mutliproc_sendpage_even)
1096{
1097 test_mutliproc(_metadata, self, true, 6, 6);
1098}
1099
1100TEST_F(tls, mutliproc_sendpage_readers)
1101{
1102 test_mutliproc(_metadata, self, true, 4, 12);
1103}
1104
1105TEST_F(tls, mutliproc_sendpage_writers)
1106{
1107 test_mutliproc(_metadata, self, true, 10, 2);
1108}
1109
1110TEST_F(tls, control_msg)
1111{
1112 if (self->notls)
1113 return;
1114
1115 char cbuf[CMSG_SPACE(sizeof(char))];
1116 char const *test_str = "test_read";
1117 int cmsg_len = sizeof(char);
1118 char record_type = 100;
1119 struct cmsghdr *cmsg;
1120 struct msghdr msg;
1121 int send_len = 10;
1122 struct iovec vec;
1123 char buf[10];
1124
1125 vec.iov_base = (char *)test_str;
1126 vec.iov_len = 10;
1127 memset(&msg, 0, sizeof(struct msghdr));
1128 msg.msg_iov = &vec;
1129 msg.msg_iovlen = 1;
1130 msg.msg_control = cbuf;
1131 msg.msg_controllen = sizeof(cbuf);
1132 cmsg = CMSG_FIRSTHDR(&msg);
1133 cmsg->cmsg_level = SOL_TLS;
1134
1135 cmsg->cmsg_type = TLS_SET_RECORD_TYPE;
1136 cmsg->cmsg_len = CMSG_LEN(cmsg_len);
1137 *CMSG_DATA(cmsg) = record_type;
1138 msg.msg_controllen = cmsg->cmsg_len;
1139
1140 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len);
1141
1142 EXPECT_EQ(recv(self->cfd, buf, send_len, 0), -1);
1143
1144 vec.iov_base = buf;
1145 EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL | MSG_PEEK), send_len);
1146
1147 cmsg = CMSG_FIRSTHDR(&msg);
1148 EXPECT_NE(cmsg, NULL);
1149 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS);
1150 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE);
1151 record_type = *((unsigned char *)CMSG_DATA(cmsg));
1152 EXPECT_EQ(record_type, 100);
1153 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
1154
1155
1156 record_type = 0;
1157 memset(buf, 0, sizeof(buf));
1158
1159 EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL), send_len);
1160 cmsg = CMSG_FIRSTHDR(&msg);
1161 EXPECT_NE(cmsg, NULL);
1162 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS);
1163 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE);
1164 record_type = *((unsigned char *)CMSG_DATA(cmsg));
1165 EXPECT_EQ(record_type, 100);
1166 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
1167}
1168
1169TEST_F(tls, shutdown)
1170{
1171 char const *test_str = "test_read";
1172 int send_len = 10;
1173 char buf[10];
1174
1175 ASSERT_EQ(strlen(test_str) + 1, send_len);
1176
1177 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
1178 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
1179 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
1180
1181 shutdown(self->fd, SHUT_RDWR);
1182 shutdown(self->cfd, SHUT_RDWR);
1183}
1184
1185TEST_F(tls, shutdown_unsent)
1186{
1187 char const *test_str = "test_read";
1188 int send_len = 10;
1189
1190 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len);
1191
1192 shutdown(self->fd, SHUT_RDWR);
1193 shutdown(self->cfd, SHUT_RDWR);
1194}
1195
1196TEST_F(tls, shutdown_reuse)
1197{
1198 struct sockaddr_in addr;
1199 int ret;
1200
1201 shutdown(self->fd, SHUT_RDWR);
1202 shutdown(self->cfd, SHUT_RDWR);
1203 close(self->cfd);
1204
1205 addr.sin_family = AF_INET;
1206 addr.sin_addr.s_addr = htonl(INADDR_ANY);
1207 addr.sin_port = 0;
1208
1209 ret = bind(self->fd, &addr, sizeof(addr));
1210 EXPECT_EQ(ret, 0);
1211 ret = listen(self->fd, 10);
1212 EXPECT_EQ(ret, -1);
1213 EXPECT_EQ(errno, EINVAL);
1214
1215 ret = connect(self->fd, &addr, sizeof(addr));
1216 EXPECT_EQ(ret, -1);
1217 EXPECT_EQ(errno, EISCONN);
1218}
1219
1220TEST(non_established) {
1221 struct tls12_crypto_info_aes_gcm_256 tls12;
1222 struct sockaddr_in addr;
1223 int sfd, ret, fd;
1224 socklen_t len;
1225
1226 len = sizeof(addr);
1227
1228 memset(&tls12, 0, sizeof(tls12));
1229 tls12.info.version = TLS_1_2_VERSION;
1230 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256;
1231
1232 addr.sin_family = AF_INET;
1233 addr.sin_addr.s_addr = htonl(INADDR_ANY);
1234 addr.sin_port = 0;
1235
1236 fd = socket(AF_INET, SOCK_STREAM, 0);
1237 sfd = socket(AF_INET, SOCK_STREAM, 0);
1238
1239 ret = bind(sfd, &addr, sizeof(addr));
1240 ASSERT_EQ(ret, 0);
1241 ret = listen(sfd, 10);
1242 ASSERT_EQ(ret, 0);
1243
1244 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1245 EXPECT_EQ(ret, -1);
1246
1247 if (errno == ENOENT)
1248 return;
1249 EXPECT_EQ(errno, ENOTCONN);
1250
1251 ret = setsockopt(sfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1252 EXPECT_EQ(ret, -1);
1253 EXPECT_EQ(errno, ENOTCONN);
1254
1255 ret = getsockname(sfd, &addr, &len);
1256 ASSERT_EQ(ret, 0);
1257
1258 ret = connect(fd, &addr, sizeof(addr));
1259 ASSERT_EQ(ret, 0);
1260
1261 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1262 ASSERT_EQ(ret, 0);
1263
1264 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1265 EXPECT_EQ(ret, -1);
1266 EXPECT_EQ(errno, EEXIST);
1267
1268 close(fd);
1269 close(sfd);
1270}
1271
1272TEST(keysizes) {
1273 struct tls12_crypto_info_aes_gcm_256 tls12;
1274 struct sockaddr_in addr;
1275 int sfd, ret, fd, cfd;
1276 socklen_t len;
1277 bool notls;
1278
1279 notls = false;
1280 len = sizeof(addr);
1281
1282 memset(&tls12, 0, sizeof(tls12));
1283 tls12.info.version = TLS_1_2_VERSION;
1284 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256;
1285
1286 addr.sin_family = AF_INET;
1287 addr.sin_addr.s_addr = htonl(INADDR_ANY);
1288 addr.sin_port = 0;
1289
1290 fd = socket(AF_INET, SOCK_STREAM, 0);
1291 sfd = socket(AF_INET, SOCK_STREAM, 0);
1292
1293 ret = bind(sfd, &addr, sizeof(addr));
1294 ASSERT_EQ(ret, 0);
1295 ret = listen(sfd, 10);
1296 ASSERT_EQ(ret, 0);
1297
1298 ret = getsockname(sfd, &addr, &len);
1299 ASSERT_EQ(ret, 0);
1300
1301 ret = connect(fd, &addr, sizeof(addr));
1302 ASSERT_EQ(ret, 0);
1303
1304 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1305 if (ret != 0) {
1306 notls = true;
1307 printf("Failure setting TCP_ULP, testing without tls\n");
1308 }
1309
1310 if (!notls) {
1311 ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12,
1312 sizeof(tls12));
1313 EXPECT_EQ(ret, 0);
1314 }
1315
1316 cfd = accept(sfd, &addr, &len);
1317 ASSERT_GE(cfd, 0);
1318
1319 if (!notls) {
1320 ret = setsockopt(cfd, IPPROTO_TCP, TCP_ULP, "tls",
1321 sizeof("tls"));
1322 EXPECT_EQ(ret, 0);
1323
1324 ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12,
1325 sizeof(tls12));
1326 EXPECT_EQ(ret, 0);
1327 }
1328
1329 close(sfd);
1330 close(fd);
1331 close(cfd);
1332}
1333
1334TEST_HARNESS_MAIN
1335
