1// SPDX-License-Identifier: GPL-2.0 2 3#define _GNU_SOURCE 4 5#include <arpa/inet.h> 6#include <errno.h> 7#include <error.h> 8#include <fcntl.h> 9#include <poll.h> 10#include <stdio.h> 11#include <stdlib.h> 12#include <unistd.h> 13 14#include <linux/tls.h> 15#include <linux/tcp.h> 16#include <linux/socket.h> 17 18#include <sys/types.h> 19#include <sys/sendfile.h> 20#include <sys/socket.h> 21#include <sys/stat.h> 22 23#include "../kselftest_harness.h" 24 25#define TLS_PAYLOAD_MAX_LEN 16384 26#define SOL_TLS 282 27 28FIXTURE(tls_basic) 29{ 30 int fd, cfd; 31 bool notls; 32}; 33 34FIXTURE_SETUP(tls_basic) 35{ 36 struct sockaddr_in addr; 37 socklen_t len; 38 int sfd, ret; 39 40 self->notls = false; 41 len = sizeof(addr); 42 43 addr.sin_family = AF_INET; 44 addr.sin_addr.s_addr = htonl(INADDR_ANY); 45 addr.sin_port = 0; 46 47 self->fd = socket(AF_INET, SOCK_STREAM, 0); 48 sfd = socket(AF_INET, SOCK_STREAM, 0); 49 50 ret = bind(sfd, &addr, sizeof(addr)); 51 ASSERT_EQ(ret, 0); 52 ret = listen(sfd, 10); 53 ASSERT_EQ(ret, 0); 54 55 ret = getsockname(sfd, &addr, &len); 56 ASSERT_EQ(ret, 0); 57 58 ret = connect(self->fd, &addr, sizeof(addr)); 59 ASSERT_EQ(ret, 0); 60 61 self->cfd = accept(sfd, &addr, &len); 62 ASSERT_GE(self->cfd, 0); 63 64 close(sfd); 65 66 ret = setsockopt(self->fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 67 if (ret != 0) { 68 ASSERT_EQ(errno, ENOENT); 69 self->notls = true; 70 printf("Failure setting TCP_ULP, testing without tls\n"); 71 return; 72 } 73 74 ret = setsockopt(self->cfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 75 ASSERT_EQ(ret, 0); 76} 77 78FIXTURE_TEARDOWN(tls_basic) 79{ 80 close(self->fd); 81 close(self->cfd); 82} 83 84/* Send some data through with ULP but no keys */ 85TEST_F(tls_basic, base_base) 86{ 87 char const *test_str = "test_read"; 88 int send_len = 10; 89 char buf[10]; 90 91 ASSERT_EQ(strlen(test_str) + 1, send_len); 92 93 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 94 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 95 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 96}; 97 98FIXTURE(tls) 99{ 100 int fd, cfd; 101 bool notls; 102}; 103 104FIXTURE_VARIANT(tls) 105{ 106 unsigned int tls_version; 107}; 108 109FIXTURE_VARIANT_ADD(tls, 12) 110{ 111 .tls_version = TLS_1_2_VERSION, 112}; 113 114FIXTURE_VARIANT_ADD(tls, 13) 115{ 116 .tls_version = TLS_1_3_VERSION, 117}; 118 119FIXTURE_SETUP(tls) 120{ 121 struct tls12_crypto_info_aes_gcm_128 tls12; 122 struct sockaddr_in addr; 123 socklen_t len; 124 int sfd, ret; 125 126 self->notls = false; 127 len = sizeof(addr); 128 129 memset(&tls12, 0, sizeof(tls12)); 130 tls12.info.version = variant->tls_version; 131 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128; 132 133 addr.sin_family = AF_INET; 134 addr.sin_addr.s_addr = htonl(INADDR_ANY); 135 addr.sin_port = 0; 136 137 self->fd = socket(AF_INET, SOCK_STREAM, 0); 138 sfd = socket(AF_INET, SOCK_STREAM, 0); 139 140 ret = bind(sfd, &addr, sizeof(addr)); 141 ASSERT_EQ(ret, 0); 142 ret = listen(sfd, 10); 143 ASSERT_EQ(ret, 0); 144 145 ret = getsockname(sfd, &addr, &len); 146 ASSERT_EQ(ret, 0); 147 148 ret = connect(self->fd, &addr, sizeof(addr)); 149 ASSERT_EQ(ret, 0); 150 151 ret = setsockopt(self->fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 152 if (ret != 0) { 153 self->notls = true; 154 printf("Failure setting TCP_ULP, testing without tls\n"); 155 } 156 157 if (!self->notls) { 158 ret = setsockopt(self->fd, SOL_TLS, TLS_TX, &tls12, 159 sizeof(tls12)); 160 ASSERT_EQ(ret, 0); 161 } 162 163 self->cfd = accept(sfd, &addr, &len); 164 ASSERT_GE(self->cfd, 0); 165 166 if (!self->notls) { 167 ret = setsockopt(self->cfd, IPPROTO_TCP, TCP_ULP, "tls", 168 sizeof("tls")); 169 ASSERT_EQ(ret, 0); 170 171 ret = setsockopt(self->cfd, SOL_TLS, TLS_RX, &tls12, 172 sizeof(tls12)); 173 ASSERT_EQ(ret, 0); 174 } 175 176 close(sfd); 177} 178 179FIXTURE_TEARDOWN(tls) 180{ 181 close(self->fd); 182 close(self->cfd); 183} 184 185TEST_F(tls, sendfile) 186{ 187 int filefd = open("/proc/self/exe", O_RDONLY); 188 struct stat st; 189 190 EXPECT_GE(filefd, 0); 191 fstat(filefd, &st); 192 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0); 193} 194 195TEST_F(tls, send_then_sendfile) 196{ 197 int filefd = open("/proc/self/exe", O_RDONLY); 198 char const *test_str = "test_send"; 199 int to_send = strlen(test_str) + 1; 200 char recv_buf[10]; 201 struct stat st; 202 char *buf; 203 204 EXPECT_GE(filefd, 0); 205 fstat(filefd, &st); 206 buf = (char *)malloc(st.st_size); 207 208 EXPECT_EQ(send(self->fd, test_str, to_send, 0), to_send); 209 EXPECT_EQ(recv(self->cfd, recv_buf, to_send, MSG_WAITALL), to_send); 210 EXPECT_EQ(memcmp(test_str, recv_buf, to_send), 0); 211 212 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0); 213 EXPECT_EQ(recv(self->cfd, buf, st.st_size, MSG_WAITALL), st.st_size); 214} 215 216static void chunked_sendfile(struct __test_metadata *_metadata, 217 struct _test_data_tls *self, 218 uint16_t chunk_size, 219 uint16_t extra_payload_size) 220{ 221 char buf[TLS_PAYLOAD_MAX_LEN]; 222 uint16_t test_payload_size; 223 int size = 0; 224 int ret; 225 char filename[] = "/tmp/mytemp.XXXXXX"; 226 int fd = mkstemp(filename); 227 off_t offset = 0; 228 229 unlink(filename); 230 ASSERT_GE(fd, 0); 231 EXPECT_GE(chunk_size, 1); 232 test_payload_size = chunk_size + extra_payload_size; 233 ASSERT_GE(TLS_PAYLOAD_MAX_LEN, test_payload_size); 234 memset(buf, 1, test_payload_size); 235 size = write(fd, buf, test_payload_size); 236 EXPECT_EQ(size, test_payload_size); 237 fsync(fd); 238 239 while (size > 0) { 240 ret = sendfile(self->fd, fd, &offset, chunk_size); 241 EXPECT_GE(ret, 0); 242 size -= ret; 243 } 244 245 EXPECT_EQ(recv(self->cfd, buf, test_payload_size, MSG_WAITALL), 246 test_payload_size); 247 248 close(fd); 249} 250 251TEST_F(tls, multi_chunk_sendfile) 252{ 253 chunked_sendfile(_metadata, self, 4096, 4096); 254 chunked_sendfile(_metadata, self, 4096, 0); 255 chunked_sendfile(_metadata, self, 4096, 1); 256 chunked_sendfile(_metadata, self, 4096, 2048); 257 chunked_sendfile(_metadata, self, 8192, 2048); 258 chunked_sendfile(_metadata, self, 4096, 8192); 259 chunked_sendfile(_metadata, self, 8192, 4096); 260 chunked_sendfile(_metadata, self, 12288, 1024); 261 chunked_sendfile(_metadata, self, 12288, 2000); 262 chunked_sendfile(_metadata, self, 15360, 100); 263 chunked_sendfile(_metadata, self, 15360, 300); 264 chunked_sendfile(_metadata, self, 1, 4096); 265 chunked_sendfile(_metadata, self, 2048, 4096); 266 chunked_sendfile(_metadata, self, 2048, 8192); 267 chunked_sendfile(_metadata, self, 4096, 8192); 268 chunked_sendfile(_metadata, self, 1024, 12288); 269 chunked_sendfile(_metadata, self, 2000, 12288); 270 chunked_sendfile(_metadata, self, 100, 15360); 271 chunked_sendfile(_metadata, self, 300, 15360); 272} 273 274TEST_F(tls, recv_max) 275{ 276 unsigned int send_len = TLS_PAYLOAD_MAX_LEN; 277 char recv_mem[TLS_PAYLOAD_MAX_LEN]; 278 char buf[TLS_PAYLOAD_MAX_LEN]; 279 280 EXPECT_GE(send(self->fd, buf, send_len, 0), 0); 281 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1); 282 EXPECT_EQ(memcmp(buf, recv_mem, send_len), 0); 283} 284 285TEST_F(tls, recv_small) 286{ 287 char const *test_str = "test_read"; 288 int send_len = 10; 289 char buf[10]; 290 291 send_len = strlen(test_str) + 1; 292 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 293 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 294 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 295} 296 297TEST_F(tls, msg_more) 298{ 299 char const *test_str = "test_read"; 300 int send_len = 10; 301 char buf[10 * 2]; 302 303 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len); 304 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1); 305 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 306 EXPECT_EQ(recv(self->cfd, buf, send_len * 2, MSG_WAITALL), 307 send_len * 2); 308 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 309} 310 311TEST_F(tls, msg_more_unsent) 312{ 313 char const *test_str = "test_read"; 314 int send_len = 10; 315 char buf[10]; 316 317 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len); 318 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1); 319} 320 321TEST_F(tls, sendmsg_single) 322{ 323 struct msghdr msg; 324 325 char const *test_str = "test_sendmsg"; 326 size_t send_len = 13; 327 struct iovec vec; 328 char buf[13]; 329 330 vec.iov_base = (char *)test_str; 331 vec.iov_len = send_len; 332 memset(&msg, 0, sizeof(struct msghdr)); 333 msg.msg_iov = &vec; 334 msg.msg_iovlen = 1; 335 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len); 336 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len); 337 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 338} 339 340#define MAX_FRAGS 64 341#define SEND_LEN 13 342TEST_F(tls, sendmsg_fragmented) 343{ 344 char const *test_str = "test_sendmsg"; 345 char buf[SEND_LEN * MAX_FRAGS]; 346 struct iovec vec[MAX_FRAGS]; 347 struct msghdr msg; 348 int i, frags; 349 350 for (frags = 1; frags <= MAX_FRAGS; frags++) { 351 for (i = 0; i < frags; i++) { 352 vec[i].iov_base = (char *)test_str; 353 vec[i].iov_len = SEND_LEN; 354 } 355 356 memset(&msg, 0, sizeof(struct msghdr)); 357 msg.msg_iov = vec; 358 msg.msg_iovlen = frags; 359 360 EXPECT_EQ(sendmsg(self->fd, &msg, 0), SEND_LEN * frags); 361 EXPECT_EQ(recv(self->cfd, buf, SEND_LEN * frags, MSG_WAITALL), 362 SEND_LEN * frags); 363 364 for (i = 0; i < frags; i++) 365 EXPECT_EQ(memcmp(buf + SEND_LEN * i, 366 test_str, SEND_LEN), 0); 367 } 368} 369#undef MAX_FRAGS 370#undef SEND_LEN 371 372TEST_F(tls, sendmsg_large) 373{ 374 void *mem = malloc(16384); 375 size_t send_len = 16384; 376 size_t sends = 128; 377 struct msghdr msg; 378 size_t recvs = 0; 379 size_t sent = 0; 380 381 memset(&msg, 0, sizeof(struct msghdr)); 382 while (sent++ < sends) { 383 struct iovec vec = { (void *)mem, send_len }; 384 385 msg.msg_iov = &vec; 386 msg.msg_iovlen = 1; 387 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len); 388 } 389 390 while (recvs++ < sends) { 391 EXPECT_NE(recv(self->cfd, mem, send_len, 0), -1); 392 } 393 394 free(mem); 395} 396 397TEST_F(tls, sendmsg_multiple) 398{ 399 char const *test_str = "test_sendmsg_multiple"; 400 struct iovec vec[5]; 401 char *test_strs[5]; 402 struct msghdr msg; 403 int total_len = 0; 404 int len_cmp = 0; 405 int iov_len = 5; 406 char *buf; 407 int i; 408 409 memset(&msg, 0, sizeof(struct msghdr)); 410 for (i = 0; i < iov_len; i++) { 411 test_strs[i] = (char *)malloc(strlen(test_str) + 1); 412 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str); 413 vec[i].iov_base = (void *)test_strs[i]; 414 vec[i].iov_len = strlen(test_strs[i]) + 1; 415 total_len += vec[i].iov_len; 416 } 417 msg.msg_iov = vec; 418 msg.msg_iovlen = iov_len; 419 420 EXPECT_EQ(sendmsg(self->fd, &msg, 0), total_len); 421 buf = malloc(total_len); 422 EXPECT_NE(recv(self->cfd, buf, total_len, 0), -1); 423 for (i = 0; i < iov_len; i++) { 424 EXPECT_EQ(memcmp(test_strs[i], buf + len_cmp, 425 strlen(test_strs[i])), 426 0); 427 len_cmp += strlen(buf + len_cmp) + 1; 428 } 429 for (i = 0; i < iov_len; i++) 430 free(test_strs[i]); 431 free(buf); 432} 433 434TEST_F(tls, sendmsg_multiple_stress) 435{ 436 char const *test_str = "abcdefghijklmno"; 437 struct iovec vec[1024]; 438 char *test_strs[1024]; 439 int iov_len = 1024; 440 int total_len = 0; 441 char buf[1 << 14]; 442 struct msghdr msg; 443 int len_cmp = 0; 444 int i; 445 446 memset(&msg, 0, sizeof(struct msghdr)); 447 for (i = 0; i < iov_len; i++) { 448 test_strs[i] = (char *)malloc(strlen(test_str) + 1); 449 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str); 450 vec[i].iov_base = (void *)test_strs[i]; 451 vec[i].iov_len = strlen(test_strs[i]) + 1; 452 total_len += vec[i].iov_len; 453 } 454 msg.msg_iov = vec; 455 msg.msg_iovlen = iov_len; 456 457 EXPECT_EQ(sendmsg(self->fd, &msg, 0), total_len); 458 EXPECT_NE(recv(self->cfd, buf, total_len, 0), -1); 459 460 for (i = 0; i < iov_len; i++) 461 len_cmp += strlen(buf + len_cmp) + 1; 462 463 for (i = 0; i < iov_len; i++) 464 free(test_strs[i]); 465} 466 467TEST_F(tls, splice_from_pipe) 468{ 469 int send_len = TLS_PAYLOAD_MAX_LEN; 470 char mem_send[TLS_PAYLOAD_MAX_LEN]; 471 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 472 int p[2]; 473 474 ASSERT_GE(pipe(p), 0); 475 EXPECT_GE(write(p[1], mem_send, send_len), 0); 476 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), 0); 477 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len); 478 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 479} 480 481TEST_F(tls, splice_from_pipe2) 482{ 483 int send_len = 16000; 484 char mem_send[16000]; 485 char mem_recv[16000]; 486 int p2[2]; 487 int p[2]; 488 489 ASSERT_GE(pipe(p), 0); 490 ASSERT_GE(pipe(p2), 0); 491 EXPECT_GE(write(p[1], mem_send, 8000), 0); 492 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, 8000, 0), 0); 493 EXPECT_GE(write(p2[1], mem_send + 8000, 8000), 0); 494 EXPECT_GE(splice(p2[0], NULL, self->fd, NULL, 8000, 0), 0); 495 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len); 496 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 497} 498 499TEST_F(tls, send_and_splice) 500{ 501 int send_len = TLS_PAYLOAD_MAX_LEN; 502 char mem_send[TLS_PAYLOAD_MAX_LEN]; 503 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 504 char const *test_str = "test_read"; 505 int send_len2 = 10; 506 char buf[10]; 507 int p[2]; 508 509 ASSERT_GE(pipe(p), 0); 510 EXPECT_EQ(send(self->fd, test_str, send_len2, 0), send_len2); 511 EXPECT_EQ(recv(self->cfd, buf, send_len2, MSG_WAITALL), send_len2); 512 EXPECT_EQ(memcmp(test_str, buf, send_len2), 0); 513 514 EXPECT_GE(write(p[1], mem_send, send_len), send_len); 515 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), send_len); 516 517 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len); 518 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 519} 520 521TEST_F(tls, splice_to_pipe) 522{ 523 int send_len = TLS_PAYLOAD_MAX_LEN; 524 char mem_send[TLS_PAYLOAD_MAX_LEN]; 525 char mem_recv[TLS_PAYLOAD_MAX_LEN]; 526 int p[2]; 527 528 ASSERT_GE(pipe(p), 0); 529 EXPECT_GE(send(self->fd, mem_send, send_len, 0), 0); 530 EXPECT_GE(splice(self->cfd, NULL, p[1], NULL, send_len, 0), 0); 531 EXPECT_GE(read(p[0], mem_recv, send_len), 0); 532 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0); 533} 534 535TEST_F(tls, recvmsg_single) 536{ 537 char const *test_str = "test_recvmsg_single"; 538 int send_len = strlen(test_str) + 1; 539 char buf[20]; 540 struct msghdr hdr; 541 struct iovec vec; 542 543 memset(&hdr, 0, sizeof(hdr)); 544 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 545 vec.iov_base = (char *)buf; 546 vec.iov_len = send_len; 547 hdr.msg_iovlen = 1; 548 hdr.msg_iov = &vec; 549 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1); 550 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 551} 552 553TEST_F(tls, recvmsg_single_max) 554{ 555 int send_len = TLS_PAYLOAD_MAX_LEN; 556 char send_mem[TLS_PAYLOAD_MAX_LEN]; 557 char recv_mem[TLS_PAYLOAD_MAX_LEN]; 558 struct iovec vec; 559 struct msghdr hdr; 560 561 EXPECT_EQ(send(self->fd, send_mem, send_len, 0), send_len); 562 vec.iov_base = (char *)recv_mem; 563 vec.iov_len = TLS_PAYLOAD_MAX_LEN; 564 565 hdr.msg_iovlen = 1; 566 hdr.msg_iov = &vec; 567 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1); 568 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0); 569} 570 571TEST_F(tls, recvmsg_multiple) 572{ 573 unsigned int msg_iovlen = 1024; 574 unsigned int len_compared = 0; 575 struct iovec vec[1024]; 576 char *iov_base[1024]; 577 unsigned int iov_len = 16; 578 int send_len = 1 << 14; 579 char buf[1 << 14]; 580 struct msghdr hdr; 581 int i; 582 583 EXPECT_EQ(send(self->fd, buf, send_len, 0), send_len); 584 for (i = 0; i < msg_iovlen; i++) { 585 iov_base[i] = (char *)malloc(iov_len); 586 vec[i].iov_base = iov_base[i]; 587 vec[i].iov_len = iov_len; 588 } 589 590 hdr.msg_iovlen = msg_iovlen; 591 hdr.msg_iov = vec; 592 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1); 593 for (i = 0; i < msg_iovlen; i++) 594 len_compared += iov_len; 595 596 for (i = 0; i < msg_iovlen; i++) 597 free(iov_base[i]); 598} 599 600TEST_F(tls, single_send_multiple_recv) 601{ 602 unsigned int total_len = TLS_PAYLOAD_MAX_LEN * 2; 603 unsigned int send_len = TLS_PAYLOAD_MAX_LEN; 604 char send_mem[TLS_PAYLOAD_MAX_LEN * 2]; 605 char recv_mem[TLS_PAYLOAD_MAX_LEN * 2]; 606 607 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0); 608 memset(recv_mem, 0, total_len); 609 610 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1); 611 EXPECT_NE(recv(self->cfd, recv_mem + send_len, send_len, 0), -1); 612 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0); 613} 614 615TEST_F(tls, multiple_send_single_recv) 616{ 617 unsigned int total_len = 2 * 10; 618 unsigned int send_len = 10; 619 char recv_mem[2 * 10]; 620 char send_mem[10]; 621 622 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0); 623 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0); 624 memset(recv_mem, 0, total_len); 625 EXPECT_EQ(recv(self->cfd, recv_mem, total_len, MSG_WAITALL), total_len); 626 627 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0); 628 EXPECT_EQ(memcmp(send_mem, recv_mem + send_len, send_len), 0); 629} 630 631TEST_F(tls, single_send_multiple_recv_non_align) 632{ 633 const unsigned int total_len = 15; 634 const unsigned int recv_len = 10; 635 char recv_mem[recv_len * 2]; 636 char send_mem[total_len]; 637 638 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0); 639 memset(recv_mem, 0, total_len); 640 641 EXPECT_EQ(recv(self->cfd, recv_mem, recv_len, 0), recv_len); 642 EXPECT_EQ(recv(self->cfd, recv_mem + recv_len, recv_len, 0), 5); 643 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0); 644} 645 646TEST_F(tls, recv_partial) 647{ 648 char const *test_str = "test_read_partial"; 649 char const *test_str_first = "test_read"; 650 char const *test_str_second = "_partial"; 651 int send_len = strlen(test_str) + 1; 652 char recv_mem[18]; 653 654 memset(recv_mem, 0, sizeof(recv_mem)); 655 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 656 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_first), 657 MSG_WAITALL), -1); 658 EXPECT_EQ(memcmp(test_str_first, recv_mem, strlen(test_str_first)), 0); 659 memset(recv_mem, 0, sizeof(recv_mem)); 660 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_second), 661 MSG_WAITALL), -1); 662 EXPECT_EQ(memcmp(test_str_second, recv_mem, strlen(test_str_second)), 663 0); 664} 665 666TEST_F(tls, recv_nonblock) 667{ 668 char buf[4096]; 669 bool err; 670 671 EXPECT_EQ(recv(self->cfd, buf, sizeof(buf), MSG_DONTWAIT), -1); 672 err = (errno == EAGAIN || errno == EWOULDBLOCK); 673 EXPECT_EQ(err, true); 674} 675 676TEST_F(tls, recv_peek) 677{ 678 char const *test_str = "test_read_peek"; 679 int send_len = strlen(test_str) + 1; 680 char buf[15]; 681 682 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 683 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1); 684 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 685 memset(buf, 0, sizeof(buf)); 686 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 687 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 688} 689 690TEST_F(tls, recv_peek_multiple) 691{ 692 char const *test_str = "test_read_peek"; 693 int send_len = strlen(test_str) + 1; 694 unsigned int num_peeks = 100; 695 char buf[15]; 696 int i; 697 698 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 699 for (i = 0; i < num_peeks; i++) { 700 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1); 701 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 702 memset(buf, 0, sizeof(buf)); 703 } 704 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 705 EXPECT_EQ(memcmp(test_str, buf, send_len), 0); 706} 707 708TEST_F(tls, recv_peek_multiple_records) 709{ 710 char const *test_str = "test_read_peek_mult_recs"; 711 char const *test_str_first = "test_read_peek"; 712 char const *test_str_second = "_mult_recs"; 713 int len; 714 char buf[64]; 715 716 len = strlen(test_str_first); 717 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len); 718 719 len = strlen(test_str_second) + 1; 720 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len); 721 722 len = strlen(test_str_first); 723 memset(buf, 0, len); 724 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len); 725 726 /* MSG_PEEK can only peek into the current record. */ 727 len = strlen(test_str_first); 728 EXPECT_EQ(memcmp(test_str_first, buf, len), 0); 729 730 len = strlen(test_str) + 1; 731 memset(buf, 0, len); 732 EXPECT_EQ(recv(self->cfd, buf, len, MSG_WAITALL), len); 733 734 /* Non-MSG_PEEK will advance strparser (and therefore record) 735 * however. 736 */ 737 len = strlen(test_str) + 1; 738 EXPECT_EQ(memcmp(test_str, buf, len), 0); 739 740 /* MSG_MORE will hold current record open, so later MSG_PEEK 741 * will see everything. 742 */ 743 len = strlen(test_str_first); 744 EXPECT_EQ(send(self->fd, test_str_first, len, MSG_MORE), len); 745 746 len = strlen(test_str_second) + 1; 747 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len); 748 749 len = strlen(test_str) + 1; 750 memset(buf, 0, len); 751 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len); 752 753 len = strlen(test_str) + 1; 754 EXPECT_EQ(memcmp(test_str, buf, len), 0); 755} 756 757TEST_F(tls, recv_peek_large_buf_mult_recs) 758{ 759 char const *test_str = "test_read_peek_mult_recs"; 760 char const *test_str_first = "test_read_peek"; 761 char const *test_str_second = "_mult_recs"; 762 int len; 763 char buf[64]; 764 765 len = strlen(test_str_first); 766 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len); 767 768 len = strlen(test_str_second) + 1; 769 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len); 770 771 len = strlen(test_str) + 1; 772 memset(buf, 0, len); 773 EXPECT_NE((len = recv(self->cfd, buf, len, 774 MSG_PEEK | MSG_WAITALL)), -1); 775 len = strlen(test_str) + 1; 776 EXPECT_EQ(memcmp(test_str, buf, len), 0); 777} 778 779TEST_F(tls, recv_lowat) 780{ 781 char send_mem[10] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 }; 782 char recv_mem[20]; 783 int lowat = 8; 784 785 EXPECT_EQ(send(self->fd, send_mem, 10, 0), 10); 786 EXPECT_EQ(send(self->fd, send_mem, 5, 0), 5); 787 788 memset(recv_mem, 0, 20); 789 EXPECT_EQ(setsockopt(self->cfd, SOL_SOCKET, SO_RCVLOWAT, 790 &lowat, sizeof(lowat)), 0); 791 EXPECT_EQ(recv(self->cfd, recv_mem, 1, MSG_WAITALL), 1); 792 EXPECT_EQ(recv(self->cfd, recv_mem + 1, 6, MSG_WAITALL), 6); 793 EXPECT_EQ(recv(self->cfd, recv_mem + 7, 10, 0), 8); 794 795 EXPECT_EQ(memcmp(send_mem, recv_mem, 10), 0); 796 EXPECT_EQ(memcmp(send_mem, recv_mem + 10, 5), 0); 797} 798 799TEST_F(tls, bidir) 800{ 801 char const *test_str = "test_read"; 802 int send_len = 10; 803 char buf[10]; 804 int ret; 805 806 if (!self->notls) { 807 struct tls12_crypto_info_aes_gcm_128 tls12; 808 809 memset(&tls12, 0, sizeof(tls12)); 810 tls12.info.version = variant->tls_version; 811 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128; 812 813 ret = setsockopt(self->fd, SOL_TLS, TLS_RX, &tls12, 814 sizeof(tls12)); 815 ASSERT_EQ(ret, 0); 816 817 ret = setsockopt(self->cfd, SOL_TLS, TLS_TX, &tls12, 818 sizeof(tls12)); 819 ASSERT_EQ(ret, 0); 820 } 821 822 ASSERT_EQ(strlen(test_str) + 1, send_len); 823 824 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 825 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 826 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 827 828 memset(buf, 0, sizeof(buf)); 829 830 EXPECT_EQ(send(self->cfd, test_str, send_len, 0), send_len); 831 EXPECT_NE(recv(self->fd, buf, send_len, 0), -1); 832 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 833}; 834 835TEST_F(tls, pollin) 836{ 837 char const *test_str = "test_poll"; 838 struct pollfd fd = { 0, 0, 0 }; 839 char buf[10]; 840 int send_len = 10; 841 842 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 843 fd.fd = self->cfd; 844 fd.events = POLLIN; 845 846 EXPECT_EQ(poll(&fd, 1, 20), 1); 847 EXPECT_EQ(fd.revents & POLLIN, 1); 848 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len); 849 /* Test timing out */ 850 EXPECT_EQ(poll(&fd, 1, 20), 0); 851} 852 853TEST_F(tls, poll_wait) 854{ 855 char const *test_str = "test_poll_wait"; 856 int send_len = strlen(test_str) + 1; 857 struct pollfd fd = { 0, 0, 0 }; 858 char recv_mem[15]; 859 860 fd.fd = self->cfd; 861 fd.events = POLLIN; 862 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 863 /* Set timeout to inf. secs */ 864 EXPECT_EQ(poll(&fd, 1, -1), 1); 865 EXPECT_EQ(fd.revents & POLLIN, 1); 866 EXPECT_EQ(recv(self->cfd, recv_mem, send_len, MSG_WAITALL), send_len); 867} 868 869TEST_F(tls, poll_wait_split) 870{ 871 struct pollfd fd = { 0, 0, 0 }; 872 char send_mem[20] = {}; 873 char recv_mem[15]; 874 875 fd.fd = self->cfd; 876 fd.events = POLLIN; 877 /* Send 20 bytes */ 878 EXPECT_EQ(send(self->fd, send_mem, sizeof(send_mem), 0), 879 sizeof(send_mem)); 880 /* Poll with inf. timeout */ 881 EXPECT_EQ(poll(&fd, 1, -1), 1); 882 EXPECT_EQ(fd.revents & POLLIN, 1); 883 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), MSG_WAITALL), 884 sizeof(recv_mem)); 885 886 /* Now the remaining 5 bytes of record data are in TLS ULP */ 887 fd.fd = self->cfd; 888 fd.events = POLLIN; 889 EXPECT_EQ(poll(&fd, 1, -1), 1); 890 EXPECT_EQ(fd.revents & POLLIN, 1); 891 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), 0), 892 sizeof(send_mem) - sizeof(recv_mem)); 893} 894 895TEST_F(tls, blocking) 896{ 897 size_t data = 100000; 898 int res = fork(); 899 900 EXPECT_NE(res, -1); 901 902 if (res) { 903 /* parent */ 904 size_t left = data; 905 char buf[16384]; 906 int status; 907 int pid2; 908 909 while (left) { 910 int res = send(self->fd, buf, 911 left > 16384 ? 16384 : left, 0); 912 913 EXPECT_GE(res, 0); 914 left -= res; 915 } 916 917 pid2 = wait(&status); 918 EXPECT_EQ(status, 0); 919 EXPECT_EQ(res, pid2); 920 } else { 921 /* child */ 922 size_t left = data; 923 char buf[16384]; 924 925 while (left) { 926 int res = recv(self->cfd, buf, 927 left > 16384 ? 16384 : left, 0); 928 929 EXPECT_GE(res, 0); 930 left -= res; 931 } 932 } 933} 934 935TEST_F(tls, nonblocking) 936{ 937 size_t data = 100000; 938 int sendbuf = 100; 939 int flags; 940 int res; 941 942 flags = fcntl(self->fd, F_GETFL, 0); 943 fcntl(self->fd, F_SETFL, flags | O_NONBLOCK); 944 fcntl(self->cfd, F_SETFL, flags | O_NONBLOCK); 945 946 /* Ensure nonblocking behavior by imposing a small send 947 * buffer. 948 */ 949 EXPECT_EQ(setsockopt(self->fd, SOL_SOCKET, SO_SNDBUF, 950 &sendbuf, sizeof(sendbuf)), 0); 951 952 res = fork(); 953 EXPECT_NE(res, -1); 954 955 if (res) { 956 /* parent */ 957 bool eagain = false; 958 size_t left = data; 959 char buf[16384]; 960 int status; 961 int pid2; 962 963 while (left) { 964 int res = send(self->fd, buf, 965 left > 16384 ? 16384 : left, 0); 966 967 if (res == -1 && errno == EAGAIN) { 968 eagain = true; 969 usleep(10000); 970 continue; 971 } 972 EXPECT_GE(res, 0); 973 left -= res; 974 } 975 976 EXPECT_TRUE(eagain); 977 pid2 = wait(&status); 978 979 EXPECT_EQ(status, 0); 980 EXPECT_EQ(res, pid2); 981 } else { 982 /* child */ 983 bool eagain = false; 984 size_t left = data; 985 char buf[16384]; 986 987 while (left) { 988 int res = recv(self->cfd, buf, 989 left > 16384 ? 16384 : left, 0); 990 991 if (res == -1 && errno == EAGAIN) { 992 eagain = true; 993 usleep(10000); 994 continue; 995 } 996 EXPECT_GE(res, 0); 997 left -= res; 998 } 999 EXPECT_TRUE(eagain); 1000 } 1001} 1002 1003static void 1004test_mutliproc(struct __test_metadata *_metadata, struct _test_data_tls *self, 1005 bool sendpg, unsigned int n_readers, unsigned int n_writers) 1006{ 1007 const unsigned int n_children = n_readers + n_writers; 1008 const size_t data = 6 * 1000 * 1000; 1009 const size_t file_sz = data / 100; 1010 size_t read_bias, write_bias; 1011 int i, fd, child_id; 1012 char buf[file_sz]; 1013 pid_t pid; 1014 1015 /* Only allow multiples for simplicity */ 1016 ASSERT_EQ(!(n_readers % n_writers) || !(n_writers % n_readers), true); 1017 read_bias = n_writers / n_readers ?: 1; 1018 write_bias = n_readers / n_writers ?: 1; 1019 1020 /* prep a file to send */ 1021 fd = open("/tmp/", O_TMPFILE | O_RDWR, 0600); 1022 ASSERT_GE(fd, 0); 1023 1024 memset(buf, 0xac, file_sz); 1025 ASSERT_EQ(write(fd, buf, file_sz), file_sz); 1026 1027 /* spawn children */ 1028 for (child_id = 0; child_id < n_children; child_id++) { 1029 pid = fork(); 1030 ASSERT_NE(pid, -1); 1031 if (!pid) 1032 break; 1033 } 1034 1035 /* parent waits for all children */ 1036 if (pid) { 1037 for (i = 0; i < n_children; i++) { 1038 int status; 1039 1040 wait(&status); 1041 EXPECT_EQ(status, 0); 1042 } 1043 1044 return; 1045 } 1046 1047 /* Split threads for reading and writing */ 1048 if (child_id < n_readers) { 1049 size_t left = data * read_bias; 1050 char rb[8001]; 1051 1052 while (left) { 1053 int res; 1054 1055 res = recv(self->cfd, rb, 1056 left > sizeof(rb) ? sizeof(rb) : left, 0); 1057 1058 EXPECT_GE(res, 0); 1059 left -= res; 1060 } 1061 } else { 1062 size_t left = data * write_bias; 1063 1064 while (left) { 1065 int res; 1066 1067 ASSERT_EQ(lseek(fd, 0, SEEK_SET), 0); 1068 if (sendpg) 1069 res = sendfile(self->fd, fd, NULL, 1070 left > file_sz ? file_sz : left); 1071 else 1072 res = send(self->fd, buf, 1073 left > file_sz ? file_sz : left, 0); 1074 1075 EXPECT_GE(res, 0); 1076 left -= res; 1077 } 1078 } 1079} 1080 1081TEST_F(tls, mutliproc_even) 1082{ 1083 test_mutliproc(_metadata, self, false, 6, 6); 1084} 1085 1086TEST_F(tls, mutliproc_readers) 1087{ 1088 test_mutliproc(_metadata, self, false, 4, 12); 1089} 1090 1091TEST_F(tls, mutliproc_writers) 1092{ 1093 test_mutliproc(_metadata, self, false, 10, 2); 1094} 1095 1096TEST_F(tls, mutliproc_sendpage_even) 1097{ 1098 test_mutliproc(_metadata, self, true, 6, 6); 1099} 1100 1101TEST_F(tls, mutliproc_sendpage_readers) 1102{ 1103 test_mutliproc(_metadata, self, true, 4, 12); 1104} 1105 1106TEST_F(tls, mutliproc_sendpage_writers) 1107{ 1108 test_mutliproc(_metadata, self, true, 10, 2); 1109} 1110 1111TEST_F(tls, control_msg) 1112{ 1113 if (self->notls) 1114 return; 1115 1116 char cbuf[CMSG_SPACE(sizeof(char))]; 1117 char const *test_str = "test_read"; 1118 int cmsg_len = sizeof(char); 1119 char record_type = 100; 1120 struct cmsghdr *cmsg; 1121 struct msghdr msg; 1122 int send_len = 10; 1123 struct iovec vec; 1124 char buf[10]; 1125 1126 vec.iov_base = (char *)test_str; 1127 vec.iov_len = 10; 1128 memset(&msg, 0, sizeof(struct msghdr)); 1129 msg.msg_iov = &vec; 1130 msg.msg_iovlen = 1; 1131 msg.msg_control = cbuf; 1132 msg.msg_controllen = sizeof(cbuf); 1133 cmsg = CMSG_FIRSTHDR(&msg); 1134 cmsg->cmsg_level = SOL_TLS; 1135 /* test sending non-record types. */ 1136 cmsg->cmsg_type = TLS_SET_RECORD_TYPE; 1137 cmsg->cmsg_len = CMSG_LEN(cmsg_len); 1138 *CMSG_DATA(cmsg) = record_type; 1139 msg.msg_controllen = cmsg->cmsg_len; 1140 1141 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len); 1142 /* Should fail because we didn't provide a control message */ 1143 EXPECT_EQ(recv(self->cfd, buf, send_len, 0), -1); 1144 1145 vec.iov_base = buf; 1146 EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL | MSG_PEEK), send_len); 1147 1148 cmsg = CMSG_FIRSTHDR(&msg); 1149 EXPECT_NE(cmsg, NULL); 1150 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS); 1151 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE); 1152 record_type = *((unsigned char *)CMSG_DATA(cmsg)); 1153 EXPECT_EQ(record_type, 100); 1154 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 1155 1156 /* Recv the message again without MSG_PEEK */ 1157 record_type = 0; 1158 memset(buf, 0, sizeof(buf)); 1159 1160 EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL), send_len); 1161 cmsg = CMSG_FIRSTHDR(&msg); 1162 EXPECT_NE(cmsg, NULL); 1163 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS); 1164 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE); 1165 record_type = *((unsigned char *)CMSG_DATA(cmsg)); 1166 EXPECT_EQ(record_type, 100); 1167 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 1168} 1169 1170TEST_F(tls, shutdown) 1171{ 1172 char const *test_str = "test_read"; 1173 int send_len = 10; 1174 char buf[10]; 1175 1176 ASSERT_EQ(strlen(test_str) + 1, send_len); 1177 1178 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len); 1179 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1); 1180 EXPECT_EQ(memcmp(buf, test_str, send_len), 0); 1181 1182 shutdown(self->fd, SHUT_RDWR); 1183 shutdown(self->cfd, SHUT_RDWR); 1184} 1185 1186TEST_F(tls, shutdown_unsent) 1187{ 1188 char const *test_str = "test_read"; 1189 int send_len = 10; 1190 1191 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len); 1192 1193 shutdown(self->fd, SHUT_RDWR); 1194 shutdown(self->cfd, SHUT_RDWR); 1195} 1196 1197TEST_F(tls, shutdown_reuse) 1198{ 1199 struct sockaddr_in addr; 1200 int ret; 1201 1202 shutdown(self->fd, SHUT_RDWR); 1203 shutdown(self->cfd, SHUT_RDWR); 1204 close(self->cfd); 1205 1206 addr.sin_family = AF_INET; 1207 addr.sin_addr.s_addr = htonl(INADDR_ANY); 1208 addr.sin_port = 0; 1209 1210 ret = bind(self->fd, &addr, sizeof(addr)); 1211 EXPECT_EQ(ret, 0); 1212 ret = listen(self->fd, 10); 1213 EXPECT_EQ(ret, -1); 1214 EXPECT_EQ(errno, EINVAL); 1215 1216 ret = connect(self->fd, &addr, sizeof(addr)); 1217 EXPECT_EQ(ret, -1); 1218 EXPECT_EQ(errno, EISCONN); 1219} 1220 1221TEST(non_established) { 1222 struct tls12_crypto_info_aes_gcm_256 tls12; 1223 struct sockaddr_in addr; 1224 int sfd, ret, fd; 1225 socklen_t len; 1226 1227 len = sizeof(addr); 1228 1229 memset(&tls12, 0, sizeof(tls12)); 1230 tls12.info.version = TLS_1_2_VERSION; 1231 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256; 1232 1233 addr.sin_family = AF_INET; 1234 addr.sin_addr.s_addr = htonl(INADDR_ANY); 1235 addr.sin_port = 0; 1236 1237 fd = socket(AF_INET, SOCK_STREAM, 0); 1238 sfd = socket(AF_INET, SOCK_STREAM, 0); 1239 1240 ret = bind(sfd, &addr, sizeof(addr)); 1241 ASSERT_EQ(ret, 0); 1242 ret = listen(sfd, 10); 1243 ASSERT_EQ(ret, 0); 1244 1245 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1246 EXPECT_EQ(ret, -1); 1247 /* TLS ULP not supported */ 1248 if (errno == ENOENT) 1249 return; 1250 EXPECT_EQ(errno, ENOTCONN); 1251 1252 ret = setsockopt(sfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1253 EXPECT_EQ(ret, -1); 1254 EXPECT_EQ(errno, ENOTCONN); 1255 1256 ret = getsockname(sfd, &addr, &len); 1257 ASSERT_EQ(ret, 0); 1258 1259 ret = connect(fd, &addr, sizeof(addr)); 1260 ASSERT_EQ(ret, 0); 1261 1262 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1263 ASSERT_EQ(ret, 0); 1264 1265 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1266 EXPECT_EQ(ret, -1); 1267 EXPECT_EQ(errno, EEXIST); 1268 1269 close(fd); 1270 close(sfd); 1271} 1272 1273TEST(keysizes) { 1274 struct tls12_crypto_info_aes_gcm_256 tls12; 1275 struct sockaddr_in addr; 1276 int sfd, ret, fd, cfd; 1277 socklen_t len; 1278 bool notls; 1279 1280 notls = false; 1281 len = sizeof(addr); 1282 1283 memset(&tls12, 0, sizeof(tls12)); 1284 tls12.info.version = TLS_1_2_VERSION; 1285 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256; 1286 1287 addr.sin_family = AF_INET; 1288 addr.sin_addr.s_addr = htonl(INADDR_ANY); 1289 addr.sin_port = 0; 1290 1291 fd = socket(AF_INET, SOCK_STREAM, 0); 1292 sfd = socket(AF_INET, SOCK_STREAM, 0); 1293 1294 ret = bind(sfd, &addr, sizeof(addr)); 1295 ASSERT_EQ(ret, 0); 1296 ret = listen(sfd, 10); 1297 ASSERT_EQ(ret, 0); 1298 1299 ret = getsockname(sfd, &addr, &len); 1300 ASSERT_EQ(ret, 0); 1301 1302 ret = connect(fd, &addr, sizeof(addr)); 1303 ASSERT_EQ(ret, 0); 1304 1305 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); 1306 if (ret != 0) { 1307 notls = true; 1308 printf("Failure setting TCP_ULP, testing without tls\n"); 1309 } 1310 1311 if (!notls) { 1312 ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12, 1313 sizeof(tls12)); 1314 EXPECT_EQ(ret, 0); 1315 } 1316 1317 cfd = accept(sfd, &addr, &len); 1318 ASSERT_GE(cfd, 0); 1319 1320 if (!notls) { 1321 ret = setsockopt(cfd, IPPROTO_TCP, TCP_ULP, "tls", 1322 sizeof("tls")); 1323 EXPECT_EQ(ret, 0); 1324 1325 ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12, 1326 sizeof(tls12)); 1327 EXPECT_EQ(ret, 0); 1328 } 1329 1330 close(sfd); 1331 close(fd); 1332 close(cfd); 1333} 1334 1335TEST_HARNESS_MAIN 1336