1
2
3#define _GNU_SOURCE
4
5#include <arpa/inet.h>
6#include <errno.h>
7#include <error.h>
8#include <fcntl.h>
9#include <poll.h>
10#include <stdio.h>
11#include <stdlib.h>
12#include <unistd.h>
13
14#include <linux/tls.h>
15#include <linux/tcp.h>
16#include <linux/socket.h>
17
18#include <sys/types.h>
19#include <sys/sendfile.h>
20#include <sys/socket.h>
21#include <sys/stat.h>
22
23#include "../kselftest_harness.h"
24
25#define TLS_PAYLOAD_MAX_LEN 16384
26#define SOL_TLS 282
27
28#ifndef ENOTSUPP
29#define ENOTSUPP 524
30#endif
31
32FIXTURE(tls_basic)
33{
34 int fd, cfd;
35 bool notls;
36};
37
38FIXTURE_SETUP(tls_basic)
39{
40 struct sockaddr_in addr;
41 socklen_t len;
42 int sfd, ret;
43
44 self->notls = false;
45 len = sizeof(addr);
46
47 addr.sin_family = AF_INET;
48 addr.sin_addr.s_addr = htonl(INADDR_ANY);
49 addr.sin_port = 0;
50
51 self->fd = socket(AF_INET, SOCK_STREAM, 0);
52 sfd = socket(AF_INET, SOCK_STREAM, 0);
53
54 ret = bind(sfd, &addr, sizeof(addr));
55 ASSERT_EQ(ret, 0);
56 ret = listen(sfd, 10);
57 ASSERT_EQ(ret, 0);
58
59 ret = getsockname(sfd, &addr, &len);
60 ASSERT_EQ(ret, 0);
61
62 ret = connect(self->fd, &addr, sizeof(addr));
63 ASSERT_EQ(ret, 0);
64
65 self->cfd = accept(sfd, &addr, &len);
66 ASSERT_GE(self->cfd, 0);
67
68 close(sfd);
69
70 ret = setsockopt(self->fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
71 if (ret != 0) {
72 ASSERT_EQ(errno, ENOENT);
73 self->notls = true;
74 printf("Failure setting TCP_ULP, testing without tls\n");
75 return;
76 }
77
78 ret = setsockopt(self->cfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
79 ASSERT_EQ(ret, 0);
80}
81
82FIXTURE_TEARDOWN(tls_basic)
83{
84 close(self->fd);
85 close(self->cfd);
86}
87
88
89TEST_F(tls_basic, base_base)
90{
91 char const *test_str = "test_read";
92 int send_len = 10;
93 char buf[10];
94
95 ASSERT_EQ(strlen(test_str) + 1, send_len);
96
97 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
98 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
99 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
100};
101
102FIXTURE(tls)
103{
104 int fd, cfd;
105 bool notls;
106};
107
108FIXTURE_SETUP(tls)
109{
110 struct tls12_crypto_info_aes_gcm_128 tls12;
111 struct sockaddr_in addr;
112 socklen_t len;
113 int sfd, ret;
114
115 self->notls = false;
116 len = sizeof(addr);
117
118 memset(&tls12, 0, sizeof(tls12));
119 tls12.info.version = TLS_1_3_VERSION;
120 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128;
121
122 addr.sin_family = AF_INET;
123 addr.sin_addr.s_addr = htonl(INADDR_ANY);
124 addr.sin_port = 0;
125
126 self->fd = socket(AF_INET, SOCK_STREAM, 0);
127 sfd = socket(AF_INET, SOCK_STREAM, 0);
128
129 ret = bind(sfd, &addr, sizeof(addr));
130 ASSERT_EQ(ret, 0);
131 ret = listen(sfd, 10);
132 ASSERT_EQ(ret, 0);
133
134 ret = getsockname(sfd, &addr, &len);
135 ASSERT_EQ(ret, 0);
136
137 ret = connect(self->fd, &addr, sizeof(addr));
138 ASSERT_EQ(ret, 0);
139
140 ret = setsockopt(self->fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
141 if (ret != 0) {
142 self->notls = true;
143 printf("Failure setting TCP_ULP, testing without tls\n");
144 }
145
146 if (!self->notls) {
147 ret = setsockopt(self->fd, SOL_TLS, TLS_TX, &tls12,
148 sizeof(tls12));
149 ASSERT_EQ(ret, 0);
150 }
151
152 self->cfd = accept(sfd, &addr, &len);
153 ASSERT_GE(self->cfd, 0);
154
155 if (!self->notls) {
156 ret = setsockopt(self->cfd, IPPROTO_TCP, TCP_ULP, "tls",
157 sizeof("tls"));
158 ASSERT_EQ(ret, 0);
159
160 ret = setsockopt(self->cfd, SOL_TLS, TLS_RX, &tls12,
161 sizeof(tls12));
162 ASSERT_EQ(ret, 0);
163 }
164
165 close(sfd);
166}
167
168FIXTURE_TEARDOWN(tls)
169{
170 close(self->fd);
171 close(self->cfd);
172}
173
174TEST_F(tls, sendfile)
175{
176 int filefd = open("/proc/self/exe", O_RDONLY);
177 struct stat st;
178
179 EXPECT_GE(filefd, 0);
180 fstat(filefd, &st);
181 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0);
182}
183
184TEST_F(tls, send_then_sendfile)
185{
186 int filefd = open("/proc/self/exe", O_RDONLY);
187 char const *test_str = "test_send";
188 int to_send = strlen(test_str) + 1;
189 char recv_buf[10];
190 struct stat st;
191 char *buf;
192
193 EXPECT_GE(filefd, 0);
194 fstat(filefd, &st);
195 buf = (char *)malloc(st.st_size);
196
197 EXPECT_EQ(send(self->fd, test_str, to_send, 0), to_send);
198 EXPECT_EQ(recv(self->cfd, recv_buf, to_send, MSG_WAITALL), to_send);
199 EXPECT_EQ(memcmp(test_str, recv_buf, to_send), 0);
200
201 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0);
202 EXPECT_EQ(recv(self->cfd, buf, st.st_size, MSG_WAITALL), st.st_size);
203}
204
205TEST_F(tls, recv_max)
206{
207 unsigned int send_len = TLS_PAYLOAD_MAX_LEN;
208 char recv_mem[TLS_PAYLOAD_MAX_LEN];
209 char buf[TLS_PAYLOAD_MAX_LEN];
210
211 EXPECT_GE(send(self->fd, buf, send_len, 0), 0);
212 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1);
213 EXPECT_EQ(memcmp(buf, recv_mem, send_len), 0);
214}
215
216TEST_F(tls, recv_small)
217{
218 char const *test_str = "test_read";
219 int send_len = 10;
220 char buf[10];
221
222 send_len = strlen(test_str) + 1;
223 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
224 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
225 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
226}
227
228TEST_F(tls, msg_more)
229{
230 char const *test_str = "test_read";
231 int send_len = 10;
232 char buf[10 * 2];
233
234 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len);
235 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1);
236 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
237 EXPECT_EQ(recv(self->cfd, buf, send_len * 2, MSG_WAITALL),
238 send_len * 2);
239 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
240}
241
242TEST_F(tls, msg_more_unsent)
243{
244 char const *test_str = "test_read";
245 int send_len = 10;
246 char buf[10];
247
248 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len);
249 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1);
250}
251
252TEST_F(tls, sendmsg_single)
253{
254 struct msghdr msg;
255
256 char const *test_str = "test_sendmsg";
257 size_t send_len = 13;
258 struct iovec vec;
259 char buf[13];
260
261 vec.iov_base = (char *)test_str;
262 vec.iov_len = send_len;
263 memset(&msg, 0, sizeof(struct msghdr));
264 msg.msg_iov = &vec;
265 msg.msg_iovlen = 1;
266 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len);
267 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len);
268 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
269}
270
271TEST_F(tls, sendmsg_large)
272{
273 void *mem = malloc(16384);
274 size_t send_len = 16384;
275 size_t sends = 128;
276 struct msghdr msg;
277 size_t recvs = 0;
278 size_t sent = 0;
279
280 memset(&msg, 0, sizeof(struct msghdr));
281 while (sent++ < sends) {
282 struct iovec vec = { (void *)mem, send_len };
283
284 msg.msg_iov = &vec;
285 msg.msg_iovlen = 1;
286 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), send_len);
287 }
288
289 while (recvs++ < sends)
290 EXPECT_NE(recv(self->fd, mem, send_len, 0), -1);
291
292 free(mem);
293}
294
295TEST_F(tls, sendmsg_multiple)
296{
297 char const *test_str = "test_sendmsg_multiple";
298 struct iovec vec[5];
299 char *test_strs[5];
300 struct msghdr msg;
301 int total_len = 0;
302 int len_cmp = 0;
303 int iov_len = 5;
304 char *buf;
305 int i;
306
307 memset(&msg, 0, sizeof(struct msghdr));
308 for (i = 0; i < iov_len; i++) {
309 test_strs[i] = (char *)malloc(strlen(test_str) + 1);
310 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str);
311 vec[i].iov_base = (void *)test_strs[i];
312 vec[i].iov_len = strlen(test_strs[i]) + 1;
313 total_len += vec[i].iov_len;
314 }
315 msg.msg_iov = vec;
316 msg.msg_iovlen = iov_len;
317
318 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), total_len);
319 buf = malloc(total_len);
320 EXPECT_NE(recv(self->fd, buf, total_len, 0), -1);
321 for (i = 0; i < iov_len; i++) {
322 EXPECT_EQ(memcmp(test_strs[i], buf + len_cmp,
323 strlen(test_strs[i])),
324 0);
325 len_cmp += strlen(buf + len_cmp) + 1;
326 }
327 for (i = 0; i < iov_len; i++)
328 free(test_strs[i]);
329 free(buf);
330}
331
332TEST_F(tls, sendmsg_multiple_stress)
333{
334 char const *test_str = "abcdefghijklmno";
335 struct iovec vec[1024];
336 char *test_strs[1024];
337 int iov_len = 1024;
338 int total_len = 0;
339 char buf[1 << 14];
340 struct msghdr msg;
341 int len_cmp = 0;
342 int i;
343
344 memset(&msg, 0, sizeof(struct msghdr));
345 for (i = 0; i < iov_len; i++) {
346 test_strs[i] = (char *)malloc(strlen(test_str) + 1);
347 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str);
348 vec[i].iov_base = (void *)test_strs[i];
349 vec[i].iov_len = strlen(test_strs[i]) + 1;
350 total_len += vec[i].iov_len;
351 }
352 msg.msg_iov = vec;
353 msg.msg_iovlen = iov_len;
354
355 EXPECT_EQ(sendmsg(self->fd, &msg, 0), total_len);
356 EXPECT_NE(recv(self->cfd, buf, total_len, 0), -1);
357
358 for (i = 0; i < iov_len; i++)
359 len_cmp += strlen(buf + len_cmp) + 1;
360
361 for (i = 0; i < iov_len; i++)
362 free(test_strs[i]);
363}
364
365TEST_F(tls, splice_from_pipe)
366{
367 int send_len = TLS_PAYLOAD_MAX_LEN;
368 char mem_send[TLS_PAYLOAD_MAX_LEN];
369 char mem_recv[TLS_PAYLOAD_MAX_LEN];
370 int p[2];
371
372 ASSERT_GE(pipe(p), 0);
373 EXPECT_GE(write(p[1], mem_send, send_len), 0);
374 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), 0);
375 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len);
376 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
377}
378
379TEST_F(tls, splice_from_pipe2)
380{
381 int send_len = 16000;
382 char mem_send[16000];
383 char mem_recv[16000];
384 int p2[2];
385 int p[2];
386
387 ASSERT_GE(pipe(p), 0);
388 ASSERT_GE(pipe(p2), 0);
389 EXPECT_GE(write(p[1], mem_send, 8000), 0);
390 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, 8000, 0), 0);
391 EXPECT_GE(write(p2[1], mem_send + 8000, 8000), 0);
392 EXPECT_GE(splice(p2[0], NULL, self->fd, NULL, 8000, 0), 0);
393 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len);
394 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
395}
396
397TEST_F(tls, send_and_splice)
398{
399 int send_len = TLS_PAYLOAD_MAX_LEN;
400 char mem_send[TLS_PAYLOAD_MAX_LEN];
401 char mem_recv[TLS_PAYLOAD_MAX_LEN];
402 char const *test_str = "test_read";
403 int send_len2 = 10;
404 char buf[10];
405 int p[2];
406
407 ASSERT_GE(pipe(p), 0);
408 EXPECT_EQ(send(self->fd, test_str, send_len2, 0), send_len2);
409 EXPECT_EQ(recv(self->cfd, buf, send_len2, MSG_WAITALL), send_len2);
410 EXPECT_EQ(memcmp(test_str, buf, send_len2), 0);
411
412 EXPECT_GE(write(p[1], mem_send, send_len), send_len);
413 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), send_len);
414
415 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len);
416 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
417}
418
419TEST_F(tls, splice_to_pipe)
420{
421 int send_len = TLS_PAYLOAD_MAX_LEN;
422 char mem_send[TLS_PAYLOAD_MAX_LEN];
423 char mem_recv[TLS_PAYLOAD_MAX_LEN];
424 int p[2];
425
426 ASSERT_GE(pipe(p), 0);
427 EXPECT_GE(send(self->fd, mem_send, send_len, 0), 0);
428 EXPECT_GE(splice(self->cfd, NULL, p[1], NULL, send_len, 0), 0);
429 EXPECT_GE(read(p[0], mem_recv, send_len), 0);
430 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
431}
432
433TEST_F(tls, recvmsg_single)
434{
435 char const *test_str = "test_recvmsg_single";
436 int send_len = strlen(test_str) + 1;
437 char buf[20];
438 struct msghdr hdr;
439 struct iovec vec;
440
441 memset(&hdr, 0, sizeof(hdr));
442 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
443 vec.iov_base = (char *)buf;
444 vec.iov_len = send_len;
445 hdr.msg_iovlen = 1;
446 hdr.msg_iov = &vec;
447 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1);
448 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
449}
450
451TEST_F(tls, recvmsg_single_max)
452{
453 int send_len = TLS_PAYLOAD_MAX_LEN;
454 char send_mem[TLS_PAYLOAD_MAX_LEN];
455 char recv_mem[TLS_PAYLOAD_MAX_LEN];
456 struct iovec vec;
457 struct msghdr hdr;
458
459 EXPECT_EQ(send(self->fd, send_mem, send_len, 0), send_len);
460 vec.iov_base = (char *)recv_mem;
461 vec.iov_len = TLS_PAYLOAD_MAX_LEN;
462
463 hdr.msg_iovlen = 1;
464 hdr.msg_iov = &vec;
465 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1);
466 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0);
467}
468
469TEST_F(tls, recvmsg_multiple)
470{
471 unsigned int msg_iovlen = 1024;
472 unsigned int len_compared = 0;
473 struct iovec vec[1024];
474 char *iov_base[1024];
475 unsigned int iov_len = 16;
476 int send_len = 1 << 14;
477 char buf[1 << 14];
478 struct msghdr hdr;
479 int i;
480
481 EXPECT_EQ(send(self->fd, buf, send_len, 0), send_len);
482 for (i = 0; i < msg_iovlen; i++) {
483 iov_base[i] = (char *)malloc(iov_len);
484 vec[i].iov_base = iov_base[i];
485 vec[i].iov_len = iov_len;
486 }
487
488 hdr.msg_iovlen = msg_iovlen;
489 hdr.msg_iov = vec;
490 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1);
491 for (i = 0; i < msg_iovlen; i++)
492 len_compared += iov_len;
493
494 for (i = 0; i < msg_iovlen; i++)
495 free(iov_base[i]);
496}
497
498TEST_F(tls, single_send_multiple_recv)
499{
500 unsigned int total_len = TLS_PAYLOAD_MAX_LEN * 2;
501 unsigned int send_len = TLS_PAYLOAD_MAX_LEN;
502 char send_mem[TLS_PAYLOAD_MAX_LEN * 2];
503 char recv_mem[TLS_PAYLOAD_MAX_LEN * 2];
504
505 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0);
506 memset(recv_mem, 0, total_len);
507
508 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1);
509 EXPECT_NE(recv(self->cfd, recv_mem + send_len, send_len, 0), -1);
510 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0);
511}
512
513TEST_F(tls, multiple_send_single_recv)
514{
515 unsigned int total_len = 2 * 10;
516 unsigned int send_len = 10;
517 char recv_mem[2 * 10];
518 char send_mem[10];
519
520 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0);
521 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0);
522 memset(recv_mem, 0, total_len);
523 EXPECT_EQ(recv(self->cfd, recv_mem, total_len, MSG_WAITALL), total_len);
524
525 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0);
526 EXPECT_EQ(memcmp(send_mem, recv_mem + send_len, send_len), 0);
527}
528
529TEST_F(tls, single_send_multiple_recv_non_align)
530{
531 const unsigned int total_len = 15;
532 const unsigned int recv_len = 10;
533 char recv_mem[recv_len * 2];
534 char send_mem[total_len];
535
536 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0);
537 memset(recv_mem, 0, total_len);
538
539 EXPECT_EQ(recv(self->cfd, recv_mem, recv_len, 0), recv_len);
540 EXPECT_EQ(recv(self->cfd, recv_mem + recv_len, recv_len, 0), 5);
541 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0);
542}
543
544TEST_F(tls, recv_partial)
545{
546 char const *test_str = "test_read_partial";
547 char const *test_str_first = "test_read";
548 char const *test_str_second = "_partial";
549 int send_len = strlen(test_str) + 1;
550 char recv_mem[18];
551
552 memset(recv_mem, 0, sizeof(recv_mem));
553 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
554 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_first),
555 MSG_WAITALL), -1);
556 EXPECT_EQ(memcmp(test_str_first, recv_mem, strlen(test_str_first)), 0);
557 memset(recv_mem, 0, sizeof(recv_mem));
558 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_second),
559 MSG_WAITALL), -1);
560 EXPECT_EQ(memcmp(test_str_second, recv_mem, strlen(test_str_second)),
561 0);
562}
563
564TEST_F(tls, recv_nonblock)
565{
566 char buf[4096];
567 bool err;
568
569 EXPECT_EQ(recv(self->cfd, buf, sizeof(buf), MSG_DONTWAIT), -1);
570 err = (errno == EAGAIN || errno == EWOULDBLOCK);
571 EXPECT_EQ(err, true);
572}
573
574TEST_F(tls, recv_peek)
575{
576 char const *test_str = "test_read_peek";
577 int send_len = strlen(test_str) + 1;
578 char buf[15];
579
580 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
581 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1);
582 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
583 memset(buf, 0, sizeof(buf));
584 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
585 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
586}
587
588TEST_F(tls, recv_peek_multiple)
589{
590 char const *test_str = "test_read_peek";
591 int send_len = strlen(test_str) + 1;
592 unsigned int num_peeks = 100;
593 char buf[15];
594 int i;
595
596 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
597 for (i = 0; i < num_peeks; i++) {
598 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1);
599 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
600 memset(buf, 0, sizeof(buf));
601 }
602 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
603 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
604}
605
606TEST_F(tls, recv_peek_multiple_records)
607{
608 char const *test_str = "test_read_peek_mult_recs";
609 char const *test_str_first = "test_read_peek";
610 char const *test_str_second = "_mult_recs";
611 int len;
612 char buf[64];
613
614 len = strlen(test_str_first);
615 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len);
616
617 len = strlen(test_str_second) + 1;
618 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len);
619
620 len = strlen(test_str_first);
621 memset(buf, 0, len);
622 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len);
623
624
625 len = strlen(test_str_first);
626 EXPECT_EQ(memcmp(test_str_first, buf, len), 0);
627
628 len = strlen(test_str) + 1;
629 memset(buf, 0, len);
630 EXPECT_EQ(recv(self->cfd, buf, len, MSG_WAITALL), len);
631
632
633
634
635 len = strlen(test_str) + 1;
636 EXPECT_EQ(memcmp(test_str, buf, len), 0);
637
638
639
640
641 len = strlen(test_str_first);
642 EXPECT_EQ(send(self->fd, test_str_first, len, MSG_MORE), len);
643
644 len = strlen(test_str_second) + 1;
645 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len);
646
647 len = strlen(test_str) + 1;
648 memset(buf, 0, len);
649 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len);
650
651 len = strlen(test_str) + 1;
652 EXPECT_EQ(memcmp(test_str, buf, len), 0);
653}
654
655TEST_F(tls, recv_peek_large_buf_mult_recs)
656{
657 char const *test_str = "test_read_peek_mult_recs";
658 char const *test_str_first = "test_read_peek";
659 char const *test_str_second = "_mult_recs";
660 int len;
661 char buf[64];
662
663 len = strlen(test_str_first);
664 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len);
665
666 len = strlen(test_str_second) + 1;
667 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len);
668
669 len = strlen(test_str) + 1;
670 memset(buf, 0, len);
671 EXPECT_NE((len = recv(self->cfd, buf, len,
672 MSG_PEEK | MSG_WAITALL)), -1);
673 len = strlen(test_str) + 1;
674 EXPECT_EQ(memcmp(test_str, buf, len), 0);
675}
676
677TEST_F(tls, recv_lowat)
678{
679 char send_mem[10] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 };
680 char recv_mem[20];
681 int lowat = 8;
682
683 EXPECT_EQ(send(self->fd, send_mem, 10, 0), 10);
684 EXPECT_EQ(send(self->fd, send_mem, 5, 0), 5);
685
686 memset(recv_mem, 0, 20);
687 EXPECT_EQ(setsockopt(self->cfd, SOL_SOCKET, SO_RCVLOWAT,
688 &lowat, sizeof(lowat)), 0);
689 EXPECT_EQ(recv(self->cfd, recv_mem, 1, MSG_WAITALL), 1);
690 EXPECT_EQ(recv(self->cfd, recv_mem + 1, 6, MSG_WAITALL), 6);
691 EXPECT_EQ(recv(self->cfd, recv_mem + 7, 10, 0), 8);
692
693 EXPECT_EQ(memcmp(send_mem, recv_mem, 10), 0);
694 EXPECT_EQ(memcmp(send_mem, recv_mem + 10, 5), 0);
695}
696
697TEST_F(tls, bidir)
698{
699 char const *test_str = "test_read";
700 int send_len = 10;
701 char buf[10];
702 int ret;
703
704 if (!self->notls) {
705 struct tls12_crypto_info_aes_gcm_128 tls12;
706
707 memset(&tls12, 0, sizeof(tls12));
708 tls12.info.version = TLS_1_3_VERSION;
709 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128;
710
711 ret = setsockopt(self->fd, SOL_TLS, TLS_RX, &tls12,
712 sizeof(tls12));
713 ASSERT_EQ(ret, 0);
714
715 ret = setsockopt(self->cfd, SOL_TLS, TLS_TX, &tls12,
716 sizeof(tls12));
717 ASSERT_EQ(ret, 0);
718 }
719
720 ASSERT_EQ(strlen(test_str) + 1, send_len);
721
722 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
723 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
724 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
725
726 memset(buf, 0, sizeof(buf));
727
728 EXPECT_EQ(send(self->cfd, test_str, send_len, 0), send_len);
729 EXPECT_NE(recv(self->fd, buf, send_len, 0), -1);
730 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
731};
732
733TEST_F(tls, pollin)
734{
735 char const *test_str = "test_poll";
736 struct pollfd fd = { 0, 0, 0 };
737 char buf[10];
738 int send_len = 10;
739
740 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
741 fd.fd = self->cfd;
742 fd.events = POLLIN;
743
744 EXPECT_EQ(poll(&fd, 1, 20), 1);
745 EXPECT_EQ(fd.revents & POLLIN, 1);
746 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len);
747
748 EXPECT_EQ(poll(&fd, 1, 20), 0);
749}
750
751TEST_F(tls, poll_wait)
752{
753 char const *test_str = "test_poll_wait";
754 int send_len = strlen(test_str) + 1;
755 struct pollfd fd = { 0, 0, 0 };
756 char recv_mem[15];
757
758 fd.fd = self->cfd;
759 fd.events = POLLIN;
760 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
761
762 EXPECT_EQ(poll(&fd, 1, -1), 1);
763 EXPECT_EQ(fd.revents & POLLIN, 1);
764 EXPECT_EQ(recv(self->cfd, recv_mem, send_len, MSG_WAITALL), send_len);
765}
766
767TEST_F(tls, poll_wait_split)
768{
769 struct pollfd fd = { 0, 0, 0 };
770 char send_mem[20] = {};
771 char recv_mem[15];
772
773 fd.fd = self->cfd;
774 fd.events = POLLIN;
775
776 EXPECT_EQ(send(self->fd, send_mem, sizeof(send_mem), 0),
777 sizeof(send_mem));
778
779 EXPECT_EQ(poll(&fd, 1, -1), 1);
780 EXPECT_EQ(fd.revents & POLLIN, 1);
781 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), MSG_WAITALL),
782 sizeof(recv_mem));
783
784
785 fd.fd = self->cfd;
786 fd.events = POLLIN;
787 EXPECT_EQ(poll(&fd, 1, -1), 1);
788 EXPECT_EQ(fd.revents & POLLIN, 1);
789 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), 0),
790 sizeof(send_mem) - sizeof(recv_mem));
791}
792
793TEST_F(tls, blocking)
794{
795 size_t data = 100000;
796 int res = fork();
797
798 EXPECT_NE(res, -1);
799
800 if (res) {
801
802 size_t left = data;
803 char buf[16384];
804 int status;
805 int pid2;
806
807 while (left) {
808 int res = send(self->fd, buf,
809 left > 16384 ? 16384 : left, 0);
810
811 EXPECT_GE(res, 0);
812 left -= res;
813 }
814
815 pid2 = wait(&status);
816 EXPECT_EQ(status, 0);
817 EXPECT_EQ(res, pid2);
818 } else {
819
820 size_t left = data;
821 char buf[16384];
822
823 while (left) {
824 int res = recv(self->cfd, buf,
825 left > 16384 ? 16384 : left, 0);
826
827 EXPECT_GE(res, 0);
828 left -= res;
829 }
830 }
831}
832
833TEST_F(tls, nonblocking)
834{
835 size_t data = 100000;
836 int sendbuf = 100;
837 int flags;
838 int res;
839
840 flags = fcntl(self->fd, F_GETFL, 0);
841 fcntl(self->fd, F_SETFL, flags | O_NONBLOCK);
842 fcntl(self->cfd, F_SETFL, flags | O_NONBLOCK);
843
844
845
846
847 EXPECT_EQ(setsockopt(self->fd, SOL_SOCKET, SO_SNDBUF,
848 &sendbuf, sizeof(sendbuf)), 0);
849
850 res = fork();
851 EXPECT_NE(res, -1);
852
853 if (res) {
854
855 bool eagain = false;
856 size_t left = data;
857 char buf[16384];
858 int status;
859 int pid2;
860
861 while (left) {
862 int res = send(self->fd, buf,
863 left > 16384 ? 16384 : left, 0);
864
865 if (res == -1 && errno == EAGAIN) {
866 eagain = true;
867 usleep(10000);
868 continue;
869 }
870 EXPECT_GE(res, 0);
871 left -= res;
872 }
873
874 EXPECT_TRUE(eagain);
875 pid2 = wait(&status);
876
877 EXPECT_EQ(status, 0);
878 EXPECT_EQ(res, pid2);
879 } else {
880
881 bool eagain = false;
882 size_t left = data;
883 char buf[16384];
884
885 while (left) {
886 int res = recv(self->cfd, buf,
887 left > 16384 ? 16384 : left, 0);
888
889 if (res == -1 && errno == EAGAIN) {
890 eagain = true;
891 usleep(10000);
892 continue;
893 }
894 EXPECT_GE(res, 0);
895 left -= res;
896 }
897 EXPECT_TRUE(eagain);
898 }
899}
900
901static void
902test_mutliproc(struct __test_metadata *_metadata, struct _test_data_tls *self,
903 bool sendpg, unsigned int n_readers, unsigned int n_writers)
904{
905 const unsigned int n_children = n_readers + n_writers;
906 const size_t data = 6 * 1000 * 1000;
907 const size_t file_sz = data / 100;
908 size_t read_bias, write_bias;
909 int i, fd, child_id;
910 char buf[file_sz];
911 pid_t pid;
912
913
914 ASSERT_EQ(!(n_readers % n_writers) || !(n_writers % n_readers), true);
915 read_bias = n_writers / n_readers ?: 1;
916 write_bias = n_readers / n_writers ?: 1;
917
918
919 fd = open("/tmp/", O_TMPFILE | O_RDWR, 0600);
920 ASSERT_GE(fd, 0);
921
922 memset(buf, 0xac, file_sz);
923 ASSERT_EQ(write(fd, buf, file_sz), file_sz);
924
925
926 for (child_id = 0; child_id < n_children; child_id++) {
927 pid = fork();
928 ASSERT_NE(pid, -1);
929 if (!pid)
930 break;
931 }
932
933
934 if (pid) {
935 for (i = 0; i < n_children; i++) {
936 int status;
937
938 wait(&status);
939 EXPECT_EQ(status, 0);
940 }
941
942 return;
943 }
944
945
946 if (child_id < n_readers) {
947 size_t left = data * read_bias;
948 char rb[8001];
949
950 while (left) {
951 int res;
952
953 res = recv(self->cfd, rb,
954 left > sizeof(rb) ? sizeof(rb) : left, 0);
955
956 EXPECT_GE(res, 0);
957 left -= res;
958 }
959 } else {
960 size_t left = data * write_bias;
961
962 while (left) {
963 int res;
964
965 ASSERT_EQ(lseek(fd, 0, SEEK_SET), 0);
966 if (sendpg)
967 res = sendfile(self->fd, fd, NULL,
968 left > file_sz ? file_sz : left);
969 else
970 res = send(self->fd, buf,
971 left > file_sz ? file_sz : left, 0);
972
973 EXPECT_GE(res, 0);
974 left -= res;
975 }
976 }
977}
978
979TEST_F(tls, mutliproc_even)
980{
981 test_mutliproc(_metadata, self, false, 6, 6);
982}
983
984TEST_F(tls, mutliproc_readers)
985{
986 test_mutliproc(_metadata, self, false, 4, 12);
987}
988
989TEST_F(tls, mutliproc_writers)
990{
991 test_mutliproc(_metadata, self, false, 10, 2);
992}
993
994TEST_F(tls, mutliproc_sendpage_even)
995{
996 test_mutliproc(_metadata, self, true, 6, 6);
997}
998
999TEST_F(tls, mutliproc_sendpage_readers)
1000{
1001 test_mutliproc(_metadata, self, true, 4, 12);
1002}
1003
1004TEST_F(tls, mutliproc_sendpage_writers)
1005{
1006 test_mutliproc(_metadata, self, true, 10, 2);
1007}
1008
1009TEST_F(tls, control_msg)
1010{
1011 if (self->notls)
1012 return;
1013
1014 char cbuf[CMSG_SPACE(sizeof(char))];
1015 char const *test_str = "test_read";
1016 int cmsg_len = sizeof(char);
1017 char record_type = 100;
1018 struct cmsghdr *cmsg;
1019 struct msghdr msg;
1020 int send_len = 10;
1021 struct iovec vec;
1022 char buf[10];
1023
1024 vec.iov_base = (char *)test_str;
1025 vec.iov_len = 10;
1026 memset(&msg, 0, sizeof(struct msghdr));
1027 msg.msg_iov = &vec;
1028 msg.msg_iovlen = 1;
1029 msg.msg_control = cbuf;
1030 msg.msg_controllen = sizeof(cbuf);
1031 cmsg = CMSG_FIRSTHDR(&msg);
1032 cmsg->cmsg_level = SOL_TLS;
1033
1034 cmsg->cmsg_type = TLS_SET_RECORD_TYPE;
1035 cmsg->cmsg_len = CMSG_LEN(cmsg_len);
1036 *CMSG_DATA(cmsg) = record_type;
1037 msg.msg_controllen = cmsg->cmsg_len;
1038
1039 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len);
1040
1041 EXPECT_EQ(recv(self->cfd, buf, send_len, 0), -1);
1042
1043 vec.iov_base = buf;
1044 EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL | MSG_PEEK), send_len);
1045
1046 cmsg = CMSG_FIRSTHDR(&msg);
1047 EXPECT_NE(cmsg, NULL);
1048 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS);
1049 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE);
1050 record_type = *((unsigned char *)CMSG_DATA(cmsg));
1051 EXPECT_EQ(record_type, 100);
1052 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
1053
1054
1055 record_type = 0;
1056 memset(buf, 0, sizeof(buf));
1057
1058 EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL), send_len);
1059 cmsg = CMSG_FIRSTHDR(&msg);
1060 EXPECT_NE(cmsg, NULL);
1061 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS);
1062 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE);
1063 record_type = *((unsigned char *)CMSG_DATA(cmsg));
1064 EXPECT_EQ(record_type, 100);
1065 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
1066}
1067
1068TEST_F(tls, shutdown)
1069{
1070 char const *test_str = "test_read";
1071 int send_len = 10;
1072 char buf[10];
1073
1074 ASSERT_EQ(strlen(test_str) + 1, send_len);
1075
1076 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
1077 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
1078 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
1079
1080 shutdown(self->fd, SHUT_RDWR);
1081 shutdown(self->cfd, SHUT_RDWR);
1082}
1083
1084TEST_F(tls, shutdown_unsent)
1085{
1086 char const *test_str = "test_read";
1087 int send_len = 10;
1088
1089 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len);
1090
1091 shutdown(self->fd, SHUT_RDWR);
1092 shutdown(self->cfd, SHUT_RDWR);
1093}
1094
1095TEST_F(tls, shutdown_reuse)
1096{
1097 struct sockaddr_in addr;
1098 int ret;
1099
1100 shutdown(self->fd, SHUT_RDWR);
1101 shutdown(self->cfd, SHUT_RDWR);
1102 close(self->cfd);
1103
1104 addr.sin_family = AF_INET;
1105 addr.sin_addr.s_addr = htonl(INADDR_ANY);
1106 addr.sin_port = 0;
1107
1108 ret = bind(self->fd, &addr, sizeof(addr));
1109 EXPECT_EQ(ret, 0);
1110 ret = listen(self->fd, 10);
1111 EXPECT_EQ(ret, -1);
1112 EXPECT_EQ(errno, EINVAL);
1113
1114 ret = connect(self->fd, &addr, sizeof(addr));
1115 EXPECT_EQ(ret, -1);
1116 EXPECT_EQ(errno, EISCONN);
1117}
1118
1119TEST(non_established) {
1120 struct tls12_crypto_info_aes_gcm_256 tls12;
1121 struct sockaddr_in addr;
1122 int sfd, ret, fd;
1123 socklen_t len;
1124
1125 len = sizeof(addr);
1126
1127 memset(&tls12, 0, sizeof(tls12));
1128 tls12.info.version = TLS_1_2_VERSION;
1129 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256;
1130
1131 addr.sin_family = AF_INET;
1132 addr.sin_addr.s_addr = htonl(INADDR_ANY);
1133 addr.sin_port = 0;
1134
1135 fd = socket(AF_INET, SOCK_STREAM, 0);
1136 sfd = socket(AF_INET, SOCK_STREAM, 0);
1137
1138 ret = bind(sfd, &addr, sizeof(addr));
1139 ASSERT_EQ(ret, 0);
1140 ret = listen(sfd, 10);
1141 ASSERT_EQ(ret, 0);
1142
1143 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1144 EXPECT_EQ(ret, -1);
1145
1146 if (errno == ENOENT)
1147 return;
1148 EXPECT_EQ(errno, ENOTSUPP);
1149
1150 ret = setsockopt(sfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1151 EXPECT_EQ(ret, -1);
1152 EXPECT_EQ(errno, ENOTSUPP);
1153
1154 ret = getsockname(sfd, &addr, &len);
1155 ASSERT_EQ(ret, 0);
1156
1157 ret = connect(fd, &addr, sizeof(addr));
1158 ASSERT_EQ(ret, 0);
1159
1160 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1161 ASSERT_EQ(ret, 0);
1162
1163 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1164 EXPECT_EQ(ret, -1);
1165 EXPECT_EQ(errno, EEXIST);
1166
1167 close(fd);
1168 close(sfd);
1169}
1170
1171TEST(keysizes) {
1172 struct tls12_crypto_info_aes_gcm_256 tls12;
1173 struct sockaddr_in addr;
1174 int sfd, ret, fd, cfd;
1175 socklen_t len;
1176 bool notls;
1177
1178 notls = false;
1179 len = sizeof(addr);
1180
1181 memset(&tls12, 0, sizeof(tls12));
1182 tls12.info.version = TLS_1_2_VERSION;
1183 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256;
1184
1185 addr.sin_family = AF_INET;
1186 addr.sin_addr.s_addr = htonl(INADDR_ANY);
1187 addr.sin_port = 0;
1188
1189 fd = socket(AF_INET, SOCK_STREAM, 0);
1190 sfd = socket(AF_INET, SOCK_STREAM, 0);
1191
1192 ret = bind(sfd, &addr, sizeof(addr));
1193 ASSERT_EQ(ret, 0);
1194 ret = listen(sfd, 10);
1195 ASSERT_EQ(ret, 0);
1196
1197 ret = getsockname(sfd, &addr, &len);
1198 ASSERT_EQ(ret, 0);
1199
1200 ret = connect(fd, &addr, sizeof(addr));
1201 ASSERT_EQ(ret, 0);
1202
1203 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1204 if (ret != 0) {
1205 notls = true;
1206 printf("Failure setting TCP_ULP, testing without tls\n");
1207 }
1208
1209 if (!notls) {
1210 ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12,
1211 sizeof(tls12));
1212 EXPECT_EQ(ret, 0);
1213 }
1214
1215 cfd = accept(sfd, &addr, &len);
1216 ASSERT_GE(cfd, 0);
1217
1218 if (!notls) {
1219 ret = setsockopt(cfd, IPPROTO_TCP, TCP_ULP, "tls",
1220 sizeof("tls"));
1221 EXPECT_EQ(ret, 0);
1222
1223 ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12,
1224 sizeof(tls12));
1225 EXPECT_EQ(ret, 0);
1226 }
1227
1228 close(sfd);
1229 close(fd);
1230 close(cfd);
1231}
1232
1233TEST(tls12) {
1234 int fd, cfd;
1235 bool notls;
1236
1237 struct tls12_crypto_info_aes_gcm_128 tls12;
1238 struct sockaddr_in addr;
1239 socklen_t len;
1240 int sfd, ret;
1241
1242 notls = false;
1243 len = sizeof(addr);
1244
1245 memset(&tls12, 0, sizeof(tls12));
1246 tls12.info.version = TLS_1_2_VERSION;
1247 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128;
1248
1249 addr.sin_family = AF_INET;
1250 addr.sin_addr.s_addr = htonl(INADDR_ANY);
1251 addr.sin_port = 0;
1252
1253 fd = socket(AF_INET, SOCK_STREAM, 0);
1254 sfd = socket(AF_INET, SOCK_STREAM, 0);
1255
1256 ret = bind(sfd, &addr, sizeof(addr));
1257 ASSERT_EQ(ret, 0);
1258 ret = listen(sfd, 10);
1259 ASSERT_EQ(ret, 0);
1260
1261 ret = getsockname(sfd, &addr, &len);
1262 ASSERT_EQ(ret, 0);
1263
1264 ret = connect(fd, &addr, sizeof(addr));
1265 ASSERT_EQ(ret, 0);
1266
1267 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1268 if (ret != 0) {
1269 notls = true;
1270 printf("Failure setting TCP_ULP, testing without tls\n");
1271 }
1272
1273 if (!notls) {
1274 ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12,
1275 sizeof(tls12));
1276 ASSERT_EQ(ret, 0);
1277 }
1278
1279 cfd = accept(sfd, &addr, &len);
1280 ASSERT_GE(cfd, 0);
1281
1282 if (!notls) {
1283 ret = setsockopt(cfd, IPPROTO_TCP, TCP_ULP, "tls",
1284 sizeof("tls"));
1285 ASSERT_EQ(ret, 0);
1286
1287 ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12,
1288 sizeof(tls12));
1289 ASSERT_EQ(ret, 0);
1290 }
1291
1292 close(sfd);
1293
1294 char const *test_str = "test_read";
1295 int send_len = 10;
1296 char buf[10];
1297
1298 send_len = strlen(test_str) + 1;
1299 EXPECT_EQ(send(fd, test_str, send_len, 0), send_len);
1300 EXPECT_NE(recv(cfd, buf, send_len, 0), -1);
1301 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
1302
1303 close(fd);
1304 close(cfd);
1305}
1306
1307TEST_HARNESS_MAIN
1308
