1
2
3#define _GNU_SOURCE
4
5#include <arpa/inet.h>
6#include <errno.h>
7#include <error.h>
8#include <fcntl.h>
9#include <poll.h>
10#include <stdio.h>
11#include <stdlib.h>
12#include <unistd.h>
13
14#include <linux/tls.h>
15#include <linux/tcp.h>
16#include <linux/socket.h>
17
18#include <sys/types.h>
19#include <sys/sendfile.h>
20#include <sys/socket.h>
21#include <sys/stat.h>
22
23#include "../kselftest_harness.h"
24
25#define TLS_PAYLOAD_MAX_LEN 16384
26#define SOL_TLS 282
27
28struct tls_crypto_info_keys {
29 union {
30 struct tls12_crypto_info_aes_gcm_128 aes128;
31 struct tls12_crypto_info_chacha20_poly1305 chacha20;
32 };
33 size_t len;
34};
35
36static void tls_crypto_info_init(uint16_t tls_version, uint16_t cipher_type,
37 struct tls_crypto_info_keys *tls12)
38{
39 memset(tls12, 0, sizeof(*tls12));
40
41 switch (cipher_type) {
42 case TLS_CIPHER_CHACHA20_POLY1305:
43 tls12->len = sizeof(struct tls12_crypto_info_chacha20_poly1305);
44 tls12->chacha20.info.version = tls_version;
45 tls12->chacha20.info.cipher_type = cipher_type;
46 break;
47 case TLS_CIPHER_AES_GCM_128:
48 tls12->len = sizeof(struct tls12_crypto_info_aes_gcm_128);
49 tls12->aes128.info.version = tls_version;
50 tls12->aes128.info.cipher_type = cipher_type;
51 break;
52 default:
53 break;
54 }
55}
56
57static void memrnd(void *s, size_t n)
58{
59 int *dword = s;
60 char *byte;
61
62 for (; n >= 4; n -= 4)
63 *dword++ = rand();
64 byte = (void *)dword;
65 while (n--)
66 *byte++ = rand();
67}
68
69FIXTURE(tls_basic)
70{
71 int fd, cfd;
72 bool notls;
73};
74
75FIXTURE_SETUP(tls_basic)
76{
77 struct sockaddr_in addr;
78 socklen_t len;
79 int sfd, ret;
80
81 self->notls = false;
82 len = sizeof(addr);
83
84 addr.sin_family = AF_INET;
85 addr.sin_addr.s_addr = htonl(INADDR_ANY);
86 addr.sin_port = 0;
87
88 self->fd = socket(AF_INET, SOCK_STREAM, 0);
89 sfd = socket(AF_INET, SOCK_STREAM, 0);
90
91 ret = bind(sfd, &addr, sizeof(addr));
92 ASSERT_EQ(ret, 0);
93 ret = listen(sfd, 10);
94 ASSERT_EQ(ret, 0);
95
96 ret = getsockname(sfd, &addr, &len);
97 ASSERT_EQ(ret, 0);
98
99 ret = connect(self->fd, &addr, sizeof(addr));
100 ASSERT_EQ(ret, 0);
101
102 self->cfd = accept(sfd, &addr, &len);
103 ASSERT_GE(self->cfd, 0);
104
105 close(sfd);
106
107 ret = setsockopt(self->fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
108 if (ret != 0) {
109 ASSERT_EQ(errno, ENOENT);
110 self->notls = true;
111 printf("Failure setting TCP_ULP, testing without tls\n");
112 return;
113 }
114
115 ret = setsockopt(self->cfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
116 ASSERT_EQ(ret, 0);
117}
118
119FIXTURE_TEARDOWN(tls_basic)
120{
121 close(self->fd);
122 close(self->cfd);
123}
124
125
126TEST_F(tls_basic, base_base)
127{
128 char const *test_str = "test_read";
129 int send_len = 10;
130 char buf[10];
131
132 ASSERT_EQ(strlen(test_str) + 1, send_len);
133
134 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
135 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
136 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
137};
138
139FIXTURE(tls)
140{
141 int fd, cfd;
142 bool notls;
143};
144
145FIXTURE_VARIANT(tls)
146{
147 uint16_t tls_version;
148 uint16_t cipher_type;
149};
150
151FIXTURE_VARIANT_ADD(tls, 12_gcm)
152{
153 .tls_version = TLS_1_2_VERSION,
154 .cipher_type = TLS_CIPHER_AES_GCM_128,
155};
156
157FIXTURE_VARIANT_ADD(tls, 13_gcm)
158{
159 .tls_version = TLS_1_3_VERSION,
160 .cipher_type = TLS_CIPHER_AES_GCM_128,
161};
162
163FIXTURE_VARIANT_ADD(tls, 12_chacha)
164{
165 .tls_version = TLS_1_2_VERSION,
166 .cipher_type = TLS_CIPHER_CHACHA20_POLY1305,
167};
168
169FIXTURE_VARIANT_ADD(tls, 13_chacha)
170{
171 .tls_version = TLS_1_3_VERSION,
172 .cipher_type = TLS_CIPHER_CHACHA20_POLY1305,
173};
174
175FIXTURE_SETUP(tls)
176{
177 struct tls_crypto_info_keys tls12;
178 struct sockaddr_in addr;
179 socklen_t len;
180 int sfd, ret;
181
182 self->notls = false;
183 len = sizeof(addr);
184
185 tls_crypto_info_init(variant->tls_version, variant->cipher_type,
186 &tls12);
187
188 addr.sin_family = AF_INET;
189 addr.sin_addr.s_addr = htonl(INADDR_ANY);
190 addr.sin_port = 0;
191
192 self->fd = socket(AF_INET, SOCK_STREAM, 0);
193 sfd = socket(AF_INET, SOCK_STREAM, 0);
194
195 ret = bind(sfd, &addr, sizeof(addr));
196 ASSERT_EQ(ret, 0);
197 ret = listen(sfd, 10);
198 ASSERT_EQ(ret, 0);
199
200 ret = getsockname(sfd, &addr, &len);
201 ASSERT_EQ(ret, 0);
202
203 ret = connect(self->fd, &addr, sizeof(addr));
204 ASSERT_EQ(ret, 0);
205
206 ret = setsockopt(self->fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
207 if (ret != 0) {
208 self->notls = true;
209 printf("Failure setting TCP_ULP, testing without tls\n");
210 }
211
212 if (!self->notls) {
213 ret = setsockopt(self->fd, SOL_TLS, TLS_TX, &tls12,
214 tls12.len);
215 ASSERT_EQ(ret, 0);
216 }
217
218 self->cfd = accept(sfd, &addr, &len);
219 ASSERT_GE(self->cfd, 0);
220
221 if (!self->notls) {
222 ret = setsockopt(self->cfd, IPPROTO_TCP, TCP_ULP, "tls",
223 sizeof("tls"));
224 ASSERT_EQ(ret, 0);
225
226 ret = setsockopt(self->cfd, SOL_TLS, TLS_RX, &tls12,
227 tls12.len);
228 ASSERT_EQ(ret, 0);
229 }
230
231 close(sfd);
232}
233
234FIXTURE_TEARDOWN(tls)
235{
236 close(self->fd);
237 close(self->cfd);
238}
239
240TEST_F(tls, sendfile)
241{
242 int filefd = open("/proc/self/exe", O_RDONLY);
243 struct stat st;
244
245 EXPECT_GE(filefd, 0);
246 fstat(filefd, &st);
247 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0);
248}
249
250TEST_F(tls, send_then_sendfile)
251{
252 int filefd = open("/proc/self/exe", O_RDONLY);
253 char const *test_str = "test_send";
254 int to_send = strlen(test_str) + 1;
255 char recv_buf[10];
256 struct stat st;
257 char *buf;
258
259 EXPECT_GE(filefd, 0);
260 fstat(filefd, &st);
261 buf = (char *)malloc(st.st_size);
262
263 EXPECT_EQ(send(self->fd, test_str, to_send, 0), to_send);
264 EXPECT_EQ(recv(self->cfd, recv_buf, to_send, MSG_WAITALL), to_send);
265 EXPECT_EQ(memcmp(test_str, recv_buf, to_send), 0);
266
267 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0);
268 EXPECT_EQ(recv(self->cfd, buf, st.st_size, MSG_WAITALL), st.st_size);
269}
270
271static void chunked_sendfile(struct __test_metadata *_metadata,
272 struct _test_data_tls *self,
273 uint16_t chunk_size,
274 uint16_t extra_payload_size)
275{
276 char buf[TLS_PAYLOAD_MAX_LEN];
277 uint16_t test_payload_size;
278 int size = 0;
279 int ret;
280 char filename[] = "/tmp/mytemp.XXXXXX";
281 int fd = mkstemp(filename);
282 off_t offset = 0;
283
284 unlink(filename);
285 ASSERT_GE(fd, 0);
286 EXPECT_GE(chunk_size, 1);
287 test_payload_size = chunk_size + extra_payload_size;
288 ASSERT_GE(TLS_PAYLOAD_MAX_LEN, test_payload_size);
289 memset(buf, 1, test_payload_size);
290 size = write(fd, buf, test_payload_size);
291 EXPECT_EQ(size, test_payload_size);
292 fsync(fd);
293
294 while (size > 0) {
295 ret = sendfile(self->fd, fd, &offset, chunk_size);
296 EXPECT_GE(ret, 0);
297 size -= ret;
298 }
299
300 EXPECT_EQ(recv(self->cfd, buf, test_payload_size, MSG_WAITALL),
301 test_payload_size);
302
303 close(fd);
304}
305
306TEST_F(tls, multi_chunk_sendfile)
307{
308 chunked_sendfile(_metadata, self, 4096, 4096);
309 chunked_sendfile(_metadata, self, 4096, 0);
310 chunked_sendfile(_metadata, self, 4096, 1);
311 chunked_sendfile(_metadata, self, 4096, 2048);
312 chunked_sendfile(_metadata, self, 8192, 2048);
313 chunked_sendfile(_metadata, self, 4096, 8192);
314 chunked_sendfile(_metadata, self, 8192, 4096);
315 chunked_sendfile(_metadata, self, 12288, 1024);
316 chunked_sendfile(_metadata, self, 12288, 2000);
317 chunked_sendfile(_metadata, self, 15360, 100);
318 chunked_sendfile(_metadata, self, 15360, 300);
319 chunked_sendfile(_metadata, self, 1, 4096);
320 chunked_sendfile(_metadata, self, 2048, 4096);
321 chunked_sendfile(_metadata, self, 2048, 8192);
322 chunked_sendfile(_metadata, self, 4096, 8192);
323 chunked_sendfile(_metadata, self, 1024, 12288);
324 chunked_sendfile(_metadata, self, 2000, 12288);
325 chunked_sendfile(_metadata, self, 100, 15360);
326 chunked_sendfile(_metadata, self, 300, 15360);
327}
328
329TEST_F(tls, recv_max)
330{
331 unsigned int send_len = TLS_PAYLOAD_MAX_LEN;
332 char recv_mem[TLS_PAYLOAD_MAX_LEN];
333 char buf[TLS_PAYLOAD_MAX_LEN];
334
335 memrnd(buf, sizeof(buf));
336
337 EXPECT_GE(send(self->fd, buf, send_len, 0), 0);
338 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1);
339 EXPECT_EQ(memcmp(buf, recv_mem, send_len), 0);
340}
341
342TEST_F(tls, recv_small)
343{
344 char const *test_str = "test_read";
345 int send_len = 10;
346 char buf[10];
347
348 send_len = strlen(test_str) + 1;
349 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
350 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
351 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
352}
353
354TEST_F(tls, msg_more)
355{
356 char const *test_str = "test_read";
357 int send_len = 10;
358 char buf[10 * 2];
359
360 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len);
361 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1);
362 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
363 EXPECT_EQ(recv(self->cfd, buf, send_len * 2, MSG_WAITALL),
364 send_len * 2);
365 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
366}
367
368TEST_F(tls, msg_more_unsent)
369{
370 char const *test_str = "test_read";
371 int send_len = 10;
372 char buf[10];
373
374 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len);
375 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1);
376}
377
378TEST_F(tls, sendmsg_single)
379{
380 struct msghdr msg;
381
382 char const *test_str = "test_sendmsg";
383 size_t send_len = 13;
384 struct iovec vec;
385 char buf[13];
386
387 vec.iov_base = (char *)test_str;
388 vec.iov_len = send_len;
389 memset(&msg, 0, sizeof(struct msghdr));
390 msg.msg_iov = &vec;
391 msg.msg_iovlen = 1;
392 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len);
393 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len);
394 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
395}
396
397#define MAX_FRAGS 64
398#define SEND_LEN 13
399TEST_F(tls, sendmsg_fragmented)
400{
401 char const *test_str = "test_sendmsg";
402 char buf[SEND_LEN * MAX_FRAGS];
403 struct iovec vec[MAX_FRAGS];
404 struct msghdr msg;
405 int i, frags;
406
407 for (frags = 1; frags <= MAX_FRAGS; frags++) {
408 for (i = 0; i < frags; i++) {
409 vec[i].iov_base = (char *)test_str;
410 vec[i].iov_len = SEND_LEN;
411 }
412
413 memset(&msg, 0, sizeof(struct msghdr));
414 msg.msg_iov = vec;
415 msg.msg_iovlen = frags;
416
417 EXPECT_EQ(sendmsg(self->fd, &msg, 0), SEND_LEN * frags);
418 EXPECT_EQ(recv(self->cfd, buf, SEND_LEN * frags, MSG_WAITALL),
419 SEND_LEN * frags);
420
421 for (i = 0; i < frags; i++)
422 EXPECT_EQ(memcmp(buf + SEND_LEN * i,
423 test_str, SEND_LEN), 0);
424 }
425}
426#undef MAX_FRAGS
427#undef SEND_LEN
428
429TEST_F(tls, sendmsg_large)
430{
431 void *mem = malloc(16384);
432 size_t send_len = 16384;
433 size_t sends = 128;
434 struct msghdr msg;
435 size_t recvs = 0;
436 size_t sent = 0;
437
438 memset(&msg, 0, sizeof(struct msghdr));
439 while (sent++ < sends) {
440 struct iovec vec = { (void *)mem, send_len };
441
442 msg.msg_iov = &vec;
443 msg.msg_iovlen = 1;
444 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), send_len);
445 }
446
447 while (recvs++ < sends) {
448 EXPECT_NE(recv(self->fd, mem, send_len, 0), -1);
449 }
450
451 free(mem);
452}
453
454TEST_F(tls, sendmsg_multiple)
455{
456 char const *test_str = "test_sendmsg_multiple";
457 struct iovec vec[5];
458 char *test_strs[5];
459 struct msghdr msg;
460 int total_len = 0;
461 int len_cmp = 0;
462 int iov_len = 5;
463 char *buf;
464 int i;
465
466 memset(&msg, 0, sizeof(struct msghdr));
467 for (i = 0; i < iov_len; i++) {
468 test_strs[i] = (char *)malloc(strlen(test_str) + 1);
469 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str);
470 vec[i].iov_base = (void *)test_strs[i];
471 vec[i].iov_len = strlen(test_strs[i]) + 1;
472 total_len += vec[i].iov_len;
473 }
474 msg.msg_iov = vec;
475 msg.msg_iovlen = iov_len;
476
477 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), total_len);
478 buf = malloc(total_len);
479 EXPECT_NE(recv(self->fd, buf, total_len, 0), -1);
480 for (i = 0; i < iov_len; i++) {
481 EXPECT_EQ(memcmp(test_strs[i], buf + len_cmp,
482 strlen(test_strs[i])),
483 0);
484 len_cmp += strlen(buf + len_cmp) + 1;
485 }
486 for (i = 0; i < iov_len; i++)
487 free(test_strs[i]);
488 free(buf);
489}
490
491TEST_F(tls, sendmsg_multiple_stress)
492{
493 char const *test_str = "abcdefghijklmno";
494 struct iovec vec[1024];
495 char *test_strs[1024];
496 int iov_len = 1024;
497 int total_len = 0;
498 char buf[1 << 14];
499 struct msghdr msg;
500 int len_cmp = 0;
501 int i;
502
503 memset(&msg, 0, sizeof(struct msghdr));
504 for (i = 0; i < iov_len; i++) {
505 test_strs[i] = (char *)malloc(strlen(test_str) + 1);
506 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str);
507 vec[i].iov_base = (void *)test_strs[i];
508 vec[i].iov_len = strlen(test_strs[i]) + 1;
509 total_len += vec[i].iov_len;
510 }
511 msg.msg_iov = vec;
512 msg.msg_iovlen = iov_len;
513
514 EXPECT_EQ(sendmsg(self->fd, &msg, 0), total_len);
515 EXPECT_NE(recv(self->cfd, buf, total_len, 0), -1);
516
517 for (i = 0; i < iov_len; i++)
518 len_cmp += strlen(buf + len_cmp) + 1;
519
520 for (i = 0; i < iov_len; i++)
521 free(test_strs[i]);
522}
523
524TEST_F(tls, splice_from_pipe)
525{
526 int send_len = TLS_PAYLOAD_MAX_LEN;
527 char mem_send[TLS_PAYLOAD_MAX_LEN];
528 char mem_recv[TLS_PAYLOAD_MAX_LEN];
529 int p[2];
530
531 ASSERT_GE(pipe(p), 0);
532 EXPECT_GE(write(p[1], mem_send, send_len), 0);
533 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), 0);
534 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len);
535 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
536}
537
538TEST_F(tls, splice_from_pipe2)
539{
540 int send_len = 16000;
541 char mem_send[16000];
542 char mem_recv[16000];
543 int p2[2];
544 int p[2];
545
546 ASSERT_GE(pipe(p), 0);
547 ASSERT_GE(pipe(p2), 0);
548 EXPECT_GE(write(p[1], mem_send, 8000), 0);
549 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, 8000, 0), 0);
550 EXPECT_GE(write(p2[1], mem_send + 8000, 8000), 0);
551 EXPECT_GE(splice(p2[0], NULL, self->fd, NULL, 8000, 0), 0);
552 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len);
553 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
554}
555
556TEST_F(tls, send_and_splice)
557{
558 int send_len = TLS_PAYLOAD_MAX_LEN;
559 char mem_send[TLS_PAYLOAD_MAX_LEN];
560 char mem_recv[TLS_PAYLOAD_MAX_LEN];
561 char const *test_str = "test_read";
562 int send_len2 = 10;
563 char buf[10];
564 int p[2];
565
566 ASSERT_GE(pipe(p), 0);
567 EXPECT_EQ(send(self->fd, test_str, send_len2, 0), send_len2);
568 EXPECT_EQ(recv(self->cfd, buf, send_len2, MSG_WAITALL), send_len2);
569 EXPECT_EQ(memcmp(test_str, buf, send_len2), 0);
570
571 EXPECT_GE(write(p[1], mem_send, send_len), send_len);
572 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), send_len);
573
574 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len);
575 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
576}
577
578TEST_F(tls, splice_to_pipe)
579{
580 int send_len = TLS_PAYLOAD_MAX_LEN;
581 char mem_send[TLS_PAYLOAD_MAX_LEN];
582 char mem_recv[TLS_PAYLOAD_MAX_LEN];
583 int p[2];
584
585 ASSERT_GE(pipe(p), 0);
586 EXPECT_GE(send(self->fd, mem_send, send_len, 0), 0);
587 EXPECT_GE(splice(self->cfd, NULL, p[1], NULL, send_len, 0), 0);
588 EXPECT_GE(read(p[0], mem_recv, send_len), 0);
589 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
590}
591
592TEST_F(tls, recvmsg_single)
593{
594 char const *test_str = "test_recvmsg_single";
595 int send_len = strlen(test_str) + 1;
596 char buf[20];
597 struct msghdr hdr;
598 struct iovec vec;
599
600 memset(&hdr, 0, sizeof(hdr));
601 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
602 vec.iov_base = (char *)buf;
603 vec.iov_len = send_len;
604 hdr.msg_iovlen = 1;
605 hdr.msg_iov = &vec;
606 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1);
607 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
608}
609
610TEST_F(tls, recvmsg_single_max)
611{
612 int send_len = TLS_PAYLOAD_MAX_LEN;
613 char send_mem[TLS_PAYLOAD_MAX_LEN];
614 char recv_mem[TLS_PAYLOAD_MAX_LEN];
615 struct iovec vec;
616 struct msghdr hdr;
617
618 memrnd(send_mem, sizeof(send_mem));
619
620 EXPECT_EQ(send(self->fd, send_mem, send_len, 0), send_len);
621 vec.iov_base = (char *)recv_mem;
622 vec.iov_len = TLS_PAYLOAD_MAX_LEN;
623
624 hdr.msg_iovlen = 1;
625 hdr.msg_iov = &vec;
626 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1);
627 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0);
628}
629
630TEST_F(tls, recvmsg_multiple)
631{
632 unsigned int msg_iovlen = 1024;
633 unsigned int len_compared = 0;
634 struct iovec vec[1024];
635 char *iov_base[1024];
636 unsigned int iov_len = 16;
637 int send_len = 1 << 14;
638 char buf[1 << 14];
639 struct msghdr hdr;
640 int i;
641
642 memrnd(buf, sizeof(buf));
643
644 EXPECT_EQ(send(self->fd, buf, send_len, 0), send_len);
645 for (i = 0; i < msg_iovlen; i++) {
646 iov_base[i] = (char *)malloc(iov_len);
647 vec[i].iov_base = iov_base[i];
648 vec[i].iov_len = iov_len;
649 }
650
651 hdr.msg_iovlen = msg_iovlen;
652 hdr.msg_iov = vec;
653 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1);
654 for (i = 0; i < msg_iovlen; i++)
655 len_compared += iov_len;
656
657 for (i = 0; i < msg_iovlen; i++)
658 free(iov_base[i]);
659}
660
661TEST_F(tls, single_send_multiple_recv)
662{
663 unsigned int total_len = TLS_PAYLOAD_MAX_LEN * 2;
664 unsigned int send_len = TLS_PAYLOAD_MAX_LEN;
665 char send_mem[TLS_PAYLOAD_MAX_LEN * 2];
666 char recv_mem[TLS_PAYLOAD_MAX_LEN * 2];
667
668 memrnd(send_mem, sizeof(send_mem));
669
670 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0);
671 memset(recv_mem, 0, total_len);
672
673 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1);
674 EXPECT_NE(recv(self->cfd, recv_mem + send_len, send_len, 0), -1);
675 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0);
676}
677
678TEST_F(tls, multiple_send_single_recv)
679{
680 unsigned int total_len = 2 * 10;
681 unsigned int send_len = 10;
682 char recv_mem[2 * 10];
683 char send_mem[10];
684
685 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0);
686 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0);
687 memset(recv_mem, 0, total_len);
688 EXPECT_EQ(recv(self->cfd, recv_mem, total_len, MSG_WAITALL), total_len);
689
690 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0);
691 EXPECT_EQ(memcmp(send_mem, recv_mem + send_len, send_len), 0);
692}
693
694TEST_F(tls, single_send_multiple_recv_non_align)
695{
696 const unsigned int total_len = 15;
697 const unsigned int recv_len = 10;
698 char recv_mem[recv_len * 2];
699 char send_mem[total_len];
700
701 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0);
702 memset(recv_mem, 0, total_len);
703
704 EXPECT_EQ(recv(self->cfd, recv_mem, recv_len, 0), recv_len);
705 EXPECT_EQ(recv(self->cfd, recv_mem + recv_len, recv_len, 0), 5);
706 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0);
707}
708
709TEST_F(tls, recv_partial)
710{
711 char const *test_str = "test_read_partial";
712 char const *test_str_first = "test_read";
713 char const *test_str_second = "_partial";
714 int send_len = strlen(test_str) + 1;
715 char recv_mem[18];
716
717 memset(recv_mem, 0, sizeof(recv_mem));
718 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
719 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_first),
720 MSG_WAITALL), -1);
721 EXPECT_EQ(memcmp(test_str_first, recv_mem, strlen(test_str_first)), 0);
722 memset(recv_mem, 0, sizeof(recv_mem));
723 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_second),
724 MSG_WAITALL), -1);
725 EXPECT_EQ(memcmp(test_str_second, recv_mem, strlen(test_str_second)),
726 0);
727}
728
729TEST_F(tls, recv_nonblock)
730{
731 char buf[4096];
732 bool err;
733
734 EXPECT_EQ(recv(self->cfd, buf, sizeof(buf), MSG_DONTWAIT), -1);
735 err = (errno == EAGAIN || errno == EWOULDBLOCK);
736 EXPECT_EQ(err, true);
737}
738
739TEST_F(tls, recv_peek)
740{
741 char const *test_str = "test_read_peek";
742 int send_len = strlen(test_str) + 1;
743 char buf[15];
744
745 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
746 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1);
747 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
748 memset(buf, 0, sizeof(buf));
749 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
750 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
751}
752
753TEST_F(tls, recv_peek_multiple)
754{
755 char const *test_str = "test_read_peek";
756 int send_len = strlen(test_str) + 1;
757 unsigned int num_peeks = 100;
758 char buf[15];
759 int i;
760
761 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
762 for (i = 0; i < num_peeks; i++) {
763 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1);
764 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
765 memset(buf, 0, sizeof(buf));
766 }
767 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
768 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
769}
770
771TEST_F(tls, recv_peek_multiple_records)
772{
773 char const *test_str = "test_read_peek_mult_recs";
774 char const *test_str_first = "test_read_peek";
775 char const *test_str_second = "_mult_recs";
776 int len;
777 char buf[64];
778
779 len = strlen(test_str_first);
780 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len);
781
782 len = strlen(test_str_second) + 1;
783 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len);
784
785 len = strlen(test_str_first);
786 memset(buf, 0, len);
787 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len);
788
789
790 len = strlen(test_str_first);
791 EXPECT_EQ(memcmp(test_str_first, buf, len), 0);
792
793 len = strlen(test_str) + 1;
794 memset(buf, 0, len);
795 EXPECT_EQ(recv(self->cfd, buf, len, MSG_WAITALL), len);
796
797
798
799
800 len = strlen(test_str) + 1;
801 EXPECT_EQ(memcmp(test_str, buf, len), 0);
802
803
804
805
806 len = strlen(test_str_first);
807 EXPECT_EQ(send(self->fd, test_str_first, len, MSG_MORE), len);
808
809 len = strlen(test_str_second) + 1;
810 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len);
811
812 len = strlen(test_str) + 1;
813 memset(buf, 0, len);
814 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len);
815
816 len = strlen(test_str) + 1;
817 EXPECT_EQ(memcmp(test_str, buf, len), 0);
818}
819
820TEST_F(tls, recv_peek_large_buf_mult_recs)
821{
822 char const *test_str = "test_read_peek_mult_recs";
823 char const *test_str_first = "test_read_peek";
824 char const *test_str_second = "_mult_recs";
825 int len;
826 char buf[64];
827
828 len = strlen(test_str_first);
829 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len);
830
831 len = strlen(test_str_second) + 1;
832 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len);
833
834 len = strlen(test_str) + 1;
835 memset(buf, 0, len);
836 EXPECT_NE((len = recv(self->cfd, buf, len,
837 MSG_PEEK | MSG_WAITALL)), -1);
838 len = strlen(test_str) + 1;
839 EXPECT_EQ(memcmp(test_str, buf, len), 0);
840}
841
842TEST_F(tls, recv_lowat)
843{
844 char send_mem[10] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 };
845 char recv_mem[20];
846 int lowat = 8;
847
848 EXPECT_EQ(send(self->fd, send_mem, 10, 0), 10);
849 EXPECT_EQ(send(self->fd, send_mem, 5, 0), 5);
850
851 memset(recv_mem, 0, 20);
852 EXPECT_EQ(setsockopt(self->cfd, SOL_SOCKET, SO_RCVLOWAT,
853 &lowat, sizeof(lowat)), 0);
854 EXPECT_EQ(recv(self->cfd, recv_mem, 1, MSG_WAITALL), 1);
855 EXPECT_EQ(recv(self->cfd, recv_mem + 1, 6, MSG_WAITALL), 6);
856 EXPECT_EQ(recv(self->cfd, recv_mem + 7, 10, 0), 8);
857
858 EXPECT_EQ(memcmp(send_mem, recv_mem, 10), 0);
859 EXPECT_EQ(memcmp(send_mem, recv_mem + 10, 5), 0);
860}
861
862TEST_F(tls, bidir)
863{
864 char const *test_str = "test_read";
865 int send_len = 10;
866 char buf[10];
867 int ret;
868
869 if (!self->notls) {
870 struct tls_crypto_info_keys tls12;
871
872 tls_crypto_info_init(variant->tls_version, variant->cipher_type,
873 &tls12);
874
875 ret = setsockopt(self->fd, SOL_TLS, TLS_RX, &tls12,
876 tls12.len);
877 ASSERT_EQ(ret, 0);
878
879 ret = setsockopt(self->cfd, SOL_TLS, TLS_TX, &tls12,
880 tls12.len);
881 ASSERT_EQ(ret, 0);
882 }
883
884 ASSERT_EQ(strlen(test_str) + 1, send_len);
885
886 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
887 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
888 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
889
890 memset(buf, 0, sizeof(buf));
891
892 EXPECT_EQ(send(self->cfd, test_str, send_len, 0), send_len);
893 EXPECT_NE(recv(self->fd, buf, send_len, 0), -1);
894 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
895};
896
897TEST_F(tls, pollin)
898{
899 char const *test_str = "test_poll";
900 struct pollfd fd = { 0, 0, 0 };
901 char buf[10];
902 int send_len = 10;
903
904 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
905 fd.fd = self->cfd;
906 fd.events = POLLIN;
907
908 EXPECT_EQ(poll(&fd, 1, 20), 1);
909 EXPECT_EQ(fd.revents & POLLIN, 1);
910 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len);
911
912 EXPECT_EQ(poll(&fd, 1, 20), 0);
913}
914
915TEST_F(tls, poll_wait)
916{
917 char const *test_str = "test_poll_wait";
918 int send_len = strlen(test_str) + 1;
919 struct pollfd fd = { 0, 0, 0 };
920 char recv_mem[15];
921
922 fd.fd = self->cfd;
923 fd.events = POLLIN;
924 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
925
926 EXPECT_EQ(poll(&fd, 1, -1), 1);
927 EXPECT_EQ(fd.revents & POLLIN, 1);
928 EXPECT_EQ(recv(self->cfd, recv_mem, send_len, MSG_WAITALL), send_len);
929}
930
931TEST_F(tls, poll_wait_split)
932{
933 struct pollfd fd = { 0, 0, 0 };
934 char send_mem[20] = {};
935 char recv_mem[15];
936
937 fd.fd = self->cfd;
938 fd.events = POLLIN;
939
940 EXPECT_EQ(send(self->fd, send_mem, sizeof(send_mem), 0),
941 sizeof(send_mem));
942
943 EXPECT_EQ(poll(&fd, 1, -1), 1);
944 EXPECT_EQ(fd.revents & POLLIN, 1);
945 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), MSG_WAITALL),
946 sizeof(recv_mem));
947
948
949 fd.fd = self->cfd;
950 fd.events = POLLIN;
951 EXPECT_EQ(poll(&fd, 1, -1), 1);
952 EXPECT_EQ(fd.revents & POLLIN, 1);
953 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), 0),
954 sizeof(send_mem) - sizeof(recv_mem));
955}
956
957TEST_F(tls, blocking)
958{
959 size_t data = 100000;
960 int res = fork();
961
962 EXPECT_NE(res, -1);
963
964 if (res) {
965
966 size_t left = data;
967 char buf[16384];
968 int status;
969 int pid2;
970
971 while (left) {
972 int res = send(self->fd, buf,
973 left > 16384 ? 16384 : left, 0);
974
975 EXPECT_GE(res, 0);
976 left -= res;
977 }
978
979 pid2 = wait(&status);
980 EXPECT_EQ(status, 0);
981 EXPECT_EQ(res, pid2);
982 } else {
983
984 size_t left = data;
985 char buf[16384];
986
987 while (left) {
988 int res = recv(self->cfd, buf,
989 left > 16384 ? 16384 : left, 0);
990
991 EXPECT_GE(res, 0);
992 left -= res;
993 }
994 }
995}
996
997TEST_F(tls, nonblocking)
998{
999 size_t data = 100000;
1000 int sendbuf = 100;
1001 int flags;
1002 int res;
1003
1004 flags = fcntl(self->fd, F_GETFL, 0);
1005 fcntl(self->fd, F_SETFL, flags | O_NONBLOCK);
1006 fcntl(self->cfd, F_SETFL, flags | O_NONBLOCK);
1007
1008
1009
1010
1011 EXPECT_EQ(setsockopt(self->fd, SOL_SOCKET, SO_SNDBUF,
1012 &sendbuf, sizeof(sendbuf)), 0);
1013
1014 res = fork();
1015 EXPECT_NE(res, -1);
1016
1017 if (res) {
1018
1019 bool eagain = false;
1020 size_t left = data;
1021 char buf[16384];
1022 int status;
1023 int pid2;
1024
1025 while (left) {
1026 int res = send(self->fd, buf,
1027 left > 16384 ? 16384 : left, 0);
1028
1029 if (res == -1 && errno == EAGAIN) {
1030 eagain = true;
1031 usleep(10000);
1032 continue;
1033 }
1034 EXPECT_GE(res, 0);
1035 left -= res;
1036 }
1037
1038 EXPECT_TRUE(eagain);
1039 pid2 = wait(&status);
1040
1041 EXPECT_EQ(status, 0);
1042 EXPECT_EQ(res, pid2);
1043 } else {
1044
1045 bool eagain = false;
1046 size_t left = data;
1047 char buf[16384];
1048
1049 while (left) {
1050 int res = recv(self->cfd, buf,
1051 left > 16384 ? 16384 : left, 0);
1052
1053 if (res == -1 && errno == EAGAIN) {
1054 eagain = true;
1055 usleep(10000);
1056 continue;
1057 }
1058 EXPECT_GE(res, 0);
1059 left -= res;
1060 }
1061 EXPECT_TRUE(eagain);
1062 }
1063}
1064
1065static void
1066test_mutliproc(struct __test_metadata *_metadata, struct _test_data_tls *self,
1067 bool sendpg, unsigned int n_readers, unsigned int n_writers)
1068{
1069 const unsigned int n_children = n_readers + n_writers;
1070 const size_t data = 6 * 1000 * 1000;
1071 const size_t file_sz = data / 100;
1072 size_t read_bias, write_bias;
1073 int i, fd, child_id;
1074 char buf[file_sz];
1075 pid_t pid;
1076
1077
1078 ASSERT_EQ(!(n_readers % n_writers) || !(n_writers % n_readers), true);
1079 read_bias = n_writers / n_readers ?: 1;
1080 write_bias = n_readers / n_writers ?: 1;
1081
1082
1083 fd = open("/tmp/", O_TMPFILE | O_RDWR, 0600);
1084 ASSERT_GE(fd, 0);
1085
1086 memset(buf, 0xac, file_sz);
1087 ASSERT_EQ(write(fd, buf, file_sz), file_sz);
1088
1089
1090 for (child_id = 0; child_id < n_children; child_id++) {
1091 pid = fork();
1092 ASSERT_NE(pid, -1);
1093 if (!pid)
1094 break;
1095 }
1096
1097
1098 if (pid) {
1099 for (i = 0; i < n_children; i++) {
1100 int status;
1101
1102 wait(&status);
1103 EXPECT_EQ(status, 0);
1104 }
1105
1106 return;
1107 }
1108
1109
1110 if (child_id < n_readers) {
1111 size_t left = data * read_bias;
1112 char rb[8001];
1113
1114 while (left) {
1115 int res;
1116
1117 res = recv(self->cfd, rb,
1118 left > sizeof(rb) ? sizeof(rb) : left, 0);
1119
1120 EXPECT_GE(res, 0);
1121 left -= res;
1122 }
1123 } else {
1124 size_t left = data * write_bias;
1125
1126 while (left) {
1127 int res;
1128
1129 ASSERT_EQ(lseek(fd, 0, SEEK_SET), 0);
1130 if (sendpg)
1131 res = sendfile(self->fd, fd, NULL,
1132 left > file_sz ? file_sz : left);
1133 else
1134 res = send(self->fd, buf,
1135 left > file_sz ? file_sz : left, 0);
1136
1137 EXPECT_GE(res, 0);
1138 left -= res;
1139 }
1140 }
1141}
1142
1143TEST_F(tls, mutliproc_even)
1144{
1145 test_mutliproc(_metadata, self, false, 6, 6);
1146}
1147
1148TEST_F(tls, mutliproc_readers)
1149{
1150 test_mutliproc(_metadata, self, false, 4, 12);
1151}
1152
1153TEST_F(tls, mutliproc_writers)
1154{
1155 test_mutliproc(_metadata, self, false, 10, 2);
1156}
1157
1158TEST_F(tls, mutliproc_sendpage_even)
1159{
1160 test_mutliproc(_metadata, self, true, 6, 6);
1161}
1162
1163TEST_F(tls, mutliproc_sendpage_readers)
1164{
1165 test_mutliproc(_metadata, self, true, 4, 12);
1166}
1167
1168TEST_F(tls, mutliproc_sendpage_writers)
1169{
1170 test_mutliproc(_metadata, self, true, 10, 2);
1171}
1172
1173TEST_F(tls, control_msg)
1174{
1175 if (self->notls)
1176 return;
1177
1178 char cbuf[CMSG_SPACE(sizeof(char))];
1179 char const *test_str = "test_read";
1180 int cmsg_len = sizeof(char);
1181 char record_type = 100;
1182 struct cmsghdr *cmsg;
1183 struct msghdr msg;
1184 int send_len = 10;
1185 struct iovec vec;
1186 char buf[10];
1187
1188 vec.iov_base = (char *)test_str;
1189 vec.iov_len = 10;
1190 memset(&msg, 0, sizeof(struct msghdr));
1191 msg.msg_iov = &vec;
1192 msg.msg_iovlen = 1;
1193 msg.msg_control = cbuf;
1194 msg.msg_controllen = sizeof(cbuf);
1195 cmsg = CMSG_FIRSTHDR(&msg);
1196 cmsg->cmsg_level = SOL_TLS;
1197
1198 cmsg->cmsg_type = TLS_SET_RECORD_TYPE;
1199 cmsg->cmsg_len = CMSG_LEN(cmsg_len);
1200 *CMSG_DATA(cmsg) = record_type;
1201 msg.msg_controllen = cmsg->cmsg_len;
1202
1203 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len);
1204
1205 EXPECT_EQ(recv(self->cfd, buf, send_len, 0), -1);
1206
1207 vec.iov_base = buf;
1208 EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL | MSG_PEEK), send_len);
1209
1210 cmsg = CMSG_FIRSTHDR(&msg);
1211 EXPECT_NE(cmsg, NULL);
1212 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS);
1213 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE);
1214 record_type = *((unsigned char *)CMSG_DATA(cmsg));
1215 EXPECT_EQ(record_type, 100);
1216 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
1217
1218
1219 record_type = 0;
1220 memset(buf, 0, sizeof(buf));
1221
1222 EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL), send_len);
1223 cmsg = CMSG_FIRSTHDR(&msg);
1224 EXPECT_NE(cmsg, NULL);
1225 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS);
1226 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE);
1227 record_type = *((unsigned char *)CMSG_DATA(cmsg));
1228 EXPECT_EQ(record_type, 100);
1229 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
1230}
1231
1232TEST_F(tls, shutdown)
1233{
1234 char const *test_str = "test_read";
1235 int send_len = 10;
1236 char buf[10];
1237
1238 ASSERT_EQ(strlen(test_str) + 1, send_len);
1239
1240 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
1241 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
1242 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
1243
1244 shutdown(self->fd, SHUT_RDWR);
1245 shutdown(self->cfd, SHUT_RDWR);
1246}
1247
1248TEST_F(tls, shutdown_unsent)
1249{
1250 char const *test_str = "test_read";
1251 int send_len = 10;
1252
1253 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len);
1254
1255 shutdown(self->fd, SHUT_RDWR);
1256 shutdown(self->cfd, SHUT_RDWR);
1257}
1258
1259TEST_F(tls, shutdown_reuse)
1260{
1261 struct sockaddr_in addr;
1262 int ret;
1263
1264 shutdown(self->fd, SHUT_RDWR);
1265 shutdown(self->cfd, SHUT_RDWR);
1266 close(self->cfd);
1267
1268 addr.sin_family = AF_INET;
1269 addr.sin_addr.s_addr = htonl(INADDR_ANY);
1270 addr.sin_port = 0;
1271
1272 ret = bind(self->fd, &addr, sizeof(addr));
1273 EXPECT_EQ(ret, 0);
1274 ret = listen(self->fd, 10);
1275 EXPECT_EQ(ret, -1);
1276 EXPECT_EQ(errno, EINVAL);
1277
1278 ret = connect(self->fd, &addr, sizeof(addr));
1279 EXPECT_EQ(ret, -1);
1280 EXPECT_EQ(errno, EISCONN);
1281}
1282
1283TEST(non_established) {
1284 struct tls12_crypto_info_aes_gcm_256 tls12;
1285 struct sockaddr_in addr;
1286 int sfd, ret, fd;
1287 socklen_t len;
1288
1289 len = sizeof(addr);
1290
1291 memset(&tls12, 0, sizeof(tls12));
1292 tls12.info.version = TLS_1_2_VERSION;
1293 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256;
1294
1295 addr.sin_family = AF_INET;
1296 addr.sin_addr.s_addr = htonl(INADDR_ANY);
1297 addr.sin_port = 0;
1298
1299 fd = socket(AF_INET, SOCK_STREAM, 0);
1300 sfd = socket(AF_INET, SOCK_STREAM, 0);
1301
1302 ret = bind(sfd, &addr, sizeof(addr));
1303 ASSERT_EQ(ret, 0);
1304 ret = listen(sfd, 10);
1305 ASSERT_EQ(ret, 0);
1306
1307 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1308 EXPECT_EQ(ret, -1);
1309
1310 if (errno == ENOENT)
1311 return;
1312 EXPECT_EQ(errno, ENOTCONN);
1313
1314 ret = setsockopt(sfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1315 EXPECT_EQ(ret, -1);
1316 EXPECT_EQ(errno, ENOTCONN);
1317
1318 ret = getsockname(sfd, &addr, &len);
1319 ASSERT_EQ(ret, 0);
1320
1321 ret = connect(fd, &addr, sizeof(addr));
1322 ASSERT_EQ(ret, 0);
1323
1324 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1325 ASSERT_EQ(ret, 0);
1326
1327 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1328 EXPECT_EQ(ret, -1);
1329 EXPECT_EQ(errno, EEXIST);
1330
1331 close(fd);
1332 close(sfd);
1333}
1334
1335TEST(keysizes) {
1336 struct tls12_crypto_info_aes_gcm_256 tls12;
1337 struct sockaddr_in addr;
1338 int sfd, ret, fd, cfd;
1339 socklen_t len;
1340 bool notls;
1341
1342 notls = false;
1343 len = sizeof(addr);
1344
1345 memset(&tls12, 0, sizeof(tls12));
1346 tls12.info.version = TLS_1_2_VERSION;
1347 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256;
1348
1349 addr.sin_family = AF_INET;
1350 addr.sin_addr.s_addr = htonl(INADDR_ANY);
1351 addr.sin_port = 0;
1352
1353 fd = socket(AF_INET, SOCK_STREAM, 0);
1354 sfd = socket(AF_INET, SOCK_STREAM, 0);
1355
1356 ret = bind(sfd, &addr, sizeof(addr));
1357 ASSERT_EQ(ret, 0);
1358 ret = listen(sfd, 10);
1359 ASSERT_EQ(ret, 0);
1360
1361 ret = getsockname(sfd, &addr, &len);
1362 ASSERT_EQ(ret, 0);
1363
1364 ret = connect(fd, &addr, sizeof(addr));
1365 ASSERT_EQ(ret, 0);
1366
1367 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1368 if (ret != 0) {
1369 notls = true;
1370 printf("Failure setting TCP_ULP, testing without tls\n");
1371 }
1372
1373 if (!notls) {
1374 ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12,
1375 sizeof(tls12));
1376 EXPECT_EQ(ret, 0);
1377 }
1378
1379 cfd = accept(sfd, &addr, &len);
1380 ASSERT_GE(cfd, 0);
1381
1382 if (!notls) {
1383 ret = setsockopt(cfd, IPPROTO_TCP, TCP_ULP, "tls",
1384 sizeof("tls"));
1385 EXPECT_EQ(ret, 0);
1386
1387 ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12,
1388 sizeof(tls12));
1389 EXPECT_EQ(ret, 0);
1390 }
1391
1392 close(sfd);
1393 close(fd);
1394 close(cfd);
1395}
1396
1397TEST_HARNESS_MAIN
1398
