1 // SPDX-License-Identifier: GPL-2.0
14 #include <linux/tls.h>
15 #include <linux/tcp.h>
16 #include <linux/socket.h>
18 #include <sys/types.h>
19 #include <sys/sendfile.h>
20 #include <sys/socket.h>
23 #include "../kselftest_harness.h"
25 #define TLS_PAYLOAD_MAX_LEN 16384
34 FIXTURE_SETUP(tls_basic)
36 struct sockaddr_in addr;
43 addr.sin_family = AF_INET;
44 addr.sin_addr.s_addr = htonl(INADDR_ANY);
47 self->fd = socket(AF_INET, SOCK_STREAM, 0);
48 sfd = socket(AF_INET, SOCK_STREAM, 0);
50 ret = bind(sfd, &addr, sizeof(addr));
52 ret = listen(sfd, 10);
55 ret = getsockname(sfd, &addr, &len);
58 ret = connect(self->fd, &addr, sizeof(addr));
61 self->cfd = accept(sfd, &addr, &len);
62 ASSERT_GE(self->cfd, 0);
66 ret = setsockopt(self->fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
68 ASSERT_EQ(errno, ENOENT);
70 printf("Failure setting TCP_ULP, testing without tls\n");
74 ret = setsockopt(self->cfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
78 FIXTURE_TEARDOWN(tls_basic)
84 /* Send some data through with ULP but no keys */
85 TEST_F(tls_basic, base_base)
87 char const *test_str = "test_read";
91 ASSERT_EQ(strlen(test_str) + 1, send_len);
93 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
94 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
95 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
106 struct tls12_crypto_info_aes_gcm_128 tls12;
107 struct sockaddr_in addr;
114 memset(&tls12, 0, sizeof(tls12));
115 tls12.info.version = TLS_1_3_VERSION;
116 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128;
118 addr.sin_family = AF_INET;
119 addr.sin_addr.s_addr = htonl(INADDR_ANY);
122 self->fd = socket(AF_INET, SOCK_STREAM, 0);
123 sfd = socket(AF_INET, SOCK_STREAM, 0);
125 ret = bind(sfd, &addr, sizeof(addr));
127 ret = listen(sfd, 10);
130 ret = getsockname(sfd, &addr, &len);
133 ret = connect(self->fd, &addr, sizeof(addr));
136 ret = setsockopt(self->fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
139 printf("Failure setting TCP_ULP, testing without tls\n");
143 ret = setsockopt(self->fd, SOL_TLS, TLS_TX, &tls12,
148 self->cfd = accept(sfd, &addr, &len);
149 ASSERT_GE(self->cfd, 0);
152 ret = setsockopt(self->cfd, IPPROTO_TCP, TCP_ULP, "tls",
156 ret = setsockopt(self->cfd, SOL_TLS, TLS_RX, &tls12,
164 FIXTURE_TEARDOWN(tls)
170 TEST_F(tls, sendfile)
172 int filefd = open("/proc/self/exe", O_RDONLY);
175 EXPECT_GE(filefd, 0);
177 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0);
180 TEST_F(tls, send_then_sendfile)
182 int filefd = open("/proc/self/exe", O_RDONLY);
183 char const *test_str = "test_send";
184 int to_send = strlen(test_str) + 1;
189 EXPECT_GE(filefd, 0);
191 buf = (char *)malloc(st.st_size);
193 EXPECT_EQ(send(self->fd, test_str, to_send, 0), to_send);
194 EXPECT_EQ(recv(self->cfd, recv_buf, to_send, MSG_WAITALL), to_send);
195 EXPECT_EQ(memcmp(test_str, recv_buf, to_send), 0);
197 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0);
198 EXPECT_EQ(recv(self->cfd, buf, st.st_size, MSG_WAITALL), st.st_size);
201 TEST_F(tls, recv_max)
203 unsigned int send_len = TLS_PAYLOAD_MAX_LEN;
204 char recv_mem[TLS_PAYLOAD_MAX_LEN];
205 char buf[TLS_PAYLOAD_MAX_LEN];
207 EXPECT_GE(send(self->fd, buf, send_len, 0), 0);
208 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1);
209 EXPECT_EQ(memcmp(buf, recv_mem, send_len), 0);
212 TEST_F(tls, recv_small)
214 char const *test_str = "test_read";
218 send_len = strlen(test_str) + 1;
219 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
220 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
221 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
224 TEST_F(tls, msg_more)
226 char const *test_str = "test_read";
230 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len);
231 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1);
232 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
233 EXPECT_EQ(recv(self->cfd, buf, send_len * 2, MSG_WAITALL),
235 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
238 TEST_F(tls, msg_more_unsent)
240 char const *test_str = "test_read";
244 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len);
245 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1);
248 TEST_F(tls, sendmsg_single)
252 char const *test_str = "test_sendmsg";
253 size_t send_len = 13;
257 vec.iov_base = (char *)test_str;
258 vec.iov_len = send_len;
259 memset(&msg, 0, sizeof(struct msghdr));
262 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len);
263 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len);
264 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
269 TEST_F(tls, sendmsg_fragmented)
271 char const *test_str = "test_sendmsg";
272 char buf[SEND_LEN * MAX_FRAGS];
273 struct iovec vec[MAX_FRAGS];
277 for (frags = 1; frags <= MAX_FRAGS; frags++) {
278 for (i = 0; i < frags; i++) {
279 vec[i].iov_base = (char *)test_str;
280 vec[i].iov_len = SEND_LEN;
283 memset(&msg, 0, sizeof(struct msghdr));
285 msg.msg_iovlen = frags;
287 EXPECT_EQ(sendmsg(self->fd, &msg, 0), SEND_LEN * frags);
288 EXPECT_EQ(recv(self->cfd, buf, SEND_LEN * frags, MSG_WAITALL),
291 for (i = 0; i < frags; i++)
292 EXPECT_EQ(memcmp(buf + SEND_LEN * i,
293 test_str, SEND_LEN), 0);
299 TEST_F(tls, sendmsg_large)
301 void *mem = malloc(16384);
302 size_t send_len = 16384;
308 memset(&msg, 0, sizeof(struct msghdr));
309 while (sent++ < sends) {
310 struct iovec vec = { (void *)mem, send_len };
314 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), send_len);
317 while (recvs++ < sends)
318 EXPECT_NE(recv(self->fd, mem, send_len, 0), -1);
323 TEST_F(tls, sendmsg_multiple)
325 char const *test_str = "test_sendmsg_multiple";
335 memset(&msg, 0, sizeof(struct msghdr));
336 for (i = 0; i < iov_len; i++) {
337 test_strs[i] = (char *)malloc(strlen(test_str) + 1);
338 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str);
339 vec[i].iov_base = (void *)test_strs[i];
340 vec[i].iov_len = strlen(test_strs[i]) + 1;
341 total_len += vec[i].iov_len;
344 msg.msg_iovlen = iov_len;
346 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), total_len);
347 buf = malloc(total_len);
348 EXPECT_NE(recv(self->fd, buf, total_len, 0), -1);
349 for (i = 0; i < iov_len; i++) {
350 EXPECT_EQ(memcmp(test_strs[i], buf + len_cmp,
351 strlen(test_strs[i])),
353 len_cmp += strlen(buf + len_cmp) + 1;
355 for (i = 0; i < iov_len; i++)
360 TEST_F(tls, sendmsg_multiple_stress)
362 char const *test_str = "abcdefghijklmno";
363 struct iovec vec[1024];
364 char *test_strs[1024];
372 memset(&msg, 0, sizeof(struct msghdr));
373 for (i = 0; i < iov_len; i++) {
374 test_strs[i] = (char *)malloc(strlen(test_str) + 1);
375 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str);
376 vec[i].iov_base = (void *)test_strs[i];
377 vec[i].iov_len = strlen(test_strs[i]) + 1;
378 total_len += vec[i].iov_len;
381 msg.msg_iovlen = iov_len;
383 EXPECT_EQ(sendmsg(self->fd, &msg, 0), total_len);
384 EXPECT_NE(recv(self->cfd, buf, total_len, 0), -1);
386 for (i = 0; i < iov_len; i++)
387 len_cmp += strlen(buf + len_cmp) + 1;
389 for (i = 0; i < iov_len; i++)
393 TEST_F(tls, splice_from_pipe)
395 int send_len = TLS_PAYLOAD_MAX_LEN;
396 char mem_send[TLS_PAYLOAD_MAX_LEN];
397 char mem_recv[TLS_PAYLOAD_MAX_LEN];
400 ASSERT_GE(pipe(p), 0);
401 EXPECT_GE(write(p[1], mem_send, send_len), 0);
402 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), 0);
403 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len);
404 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
407 TEST_F(tls, splice_from_pipe2)
409 int send_len = 16000;
410 char mem_send[16000];
411 char mem_recv[16000];
415 ASSERT_GE(pipe(p), 0);
416 ASSERT_GE(pipe(p2), 0);
417 EXPECT_GE(write(p[1], mem_send, 8000), 0);
418 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, 8000, 0), 0);
419 EXPECT_GE(write(p2[1], mem_send + 8000, 8000), 0);
420 EXPECT_GE(splice(p2[0], NULL, self->fd, NULL, 8000, 0), 0);
421 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len);
422 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
425 TEST_F(tls, send_and_splice)
427 int send_len = TLS_PAYLOAD_MAX_LEN;
428 char mem_send[TLS_PAYLOAD_MAX_LEN];
429 char mem_recv[TLS_PAYLOAD_MAX_LEN];
430 char const *test_str = "test_read";
435 ASSERT_GE(pipe(p), 0);
436 EXPECT_EQ(send(self->fd, test_str, send_len2, 0), send_len2);
437 EXPECT_EQ(recv(self->cfd, buf, send_len2, MSG_WAITALL), send_len2);
438 EXPECT_EQ(memcmp(test_str, buf, send_len2), 0);
440 EXPECT_GE(write(p[1], mem_send, send_len), send_len);
441 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), send_len);
443 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len);
444 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
447 TEST_F(tls, splice_to_pipe)
449 int send_len = TLS_PAYLOAD_MAX_LEN;
450 char mem_send[TLS_PAYLOAD_MAX_LEN];
451 char mem_recv[TLS_PAYLOAD_MAX_LEN];
454 ASSERT_GE(pipe(p), 0);
455 EXPECT_GE(send(self->fd, mem_send, send_len, 0), 0);
456 EXPECT_GE(splice(self->cfd, NULL, p[1], NULL, send_len, 0), 0);
457 EXPECT_GE(read(p[0], mem_recv, send_len), 0);
458 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
461 TEST_F(tls, recvmsg_single)
463 char const *test_str = "test_recvmsg_single";
464 int send_len = strlen(test_str) + 1;
469 memset(&hdr, 0, sizeof(hdr));
470 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
471 vec.iov_base = (char *)buf;
472 vec.iov_len = send_len;
475 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1);
476 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
479 TEST_F(tls, recvmsg_single_max)
481 int send_len = TLS_PAYLOAD_MAX_LEN;
482 char send_mem[TLS_PAYLOAD_MAX_LEN];
483 char recv_mem[TLS_PAYLOAD_MAX_LEN];
487 EXPECT_EQ(send(self->fd, send_mem, send_len, 0), send_len);
488 vec.iov_base = (char *)recv_mem;
489 vec.iov_len = TLS_PAYLOAD_MAX_LEN;
493 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1);
494 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0);
497 TEST_F(tls, recvmsg_multiple)
499 unsigned int msg_iovlen = 1024;
500 unsigned int len_compared = 0;
501 struct iovec vec[1024];
502 char *iov_base[1024];
503 unsigned int iov_len = 16;
504 int send_len = 1 << 14;
509 EXPECT_EQ(send(self->fd, buf, send_len, 0), send_len);
510 for (i = 0; i < msg_iovlen; i++) {
511 iov_base[i] = (char *)malloc(iov_len);
512 vec[i].iov_base = iov_base[i];
513 vec[i].iov_len = iov_len;
516 hdr.msg_iovlen = msg_iovlen;
518 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1);
519 for (i = 0; i < msg_iovlen; i++)
520 len_compared += iov_len;
522 for (i = 0; i < msg_iovlen; i++)
526 TEST_F(tls, single_send_multiple_recv)
528 unsigned int total_len = TLS_PAYLOAD_MAX_LEN * 2;
529 unsigned int send_len = TLS_PAYLOAD_MAX_LEN;
530 char send_mem[TLS_PAYLOAD_MAX_LEN * 2];
531 char recv_mem[TLS_PAYLOAD_MAX_LEN * 2];
533 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0);
534 memset(recv_mem, 0, total_len);
536 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1);
537 EXPECT_NE(recv(self->cfd, recv_mem + send_len, send_len, 0), -1);
538 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0);
541 TEST_F(tls, multiple_send_single_recv)
543 unsigned int total_len = 2 * 10;
544 unsigned int send_len = 10;
545 char recv_mem[2 * 10];
548 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0);
549 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0);
550 memset(recv_mem, 0, total_len);
551 EXPECT_EQ(recv(self->cfd, recv_mem, total_len, MSG_WAITALL), total_len);
553 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0);
554 EXPECT_EQ(memcmp(send_mem, recv_mem + send_len, send_len), 0);
557 TEST_F(tls, single_send_multiple_recv_non_align)
559 const unsigned int total_len = 15;
560 const unsigned int recv_len = 10;
561 char recv_mem[recv_len * 2];
562 char send_mem[total_len];
564 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0);
565 memset(recv_mem, 0, total_len);
567 EXPECT_EQ(recv(self->cfd, recv_mem, recv_len, 0), recv_len);
568 EXPECT_EQ(recv(self->cfd, recv_mem + recv_len, recv_len, 0), 5);
569 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0);
572 TEST_F(tls, recv_partial)
574 char const *test_str = "test_read_partial";
575 char const *test_str_first = "test_read";
576 char const *test_str_second = "_partial";
577 int send_len = strlen(test_str) + 1;
580 memset(recv_mem, 0, sizeof(recv_mem));
581 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
582 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_first),
584 EXPECT_EQ(memcmp(test_str_first, recv_mem, strlen(test_str_first)), 0);
585 memset(recv_mem, 0, sizeof(recv_mem));
586 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_second),
588 EXPECT_EQ(memcmp(test_str_second, recv_mem, strlen(test_str_second)),
592 TEST_F(tls, recv_nonblock)
597 EXPECT_EQ(recv(self->cfd, buf, sizeof(buf), MSG_DONTWAIT), -1);
598 err = (errno == EAGAIN || errno == EWOULDBLOCK);
599 EXPECT_EQ(err, true);
602 TEST_F(tls, recv_peek)
604 char const *test_str = "test_read_peek";
605 int send_len = strlen(test_str) + 1;
608 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
609 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1);
610 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
611 memset(buf, 0, sizeof(buf));
612 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
613 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
616 TEST_F(tls, recv_peek_multiple)
618 char const *test_str = "test_read_peek";
619 int send_len = strlen(test_str) + 1;
620 unsigned int num_peeks = 100;
624 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
625 for (i = 0; i < num_peeks; i++) {
626 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1);
627 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
628 memset(buf, 0, sizeof(buf));
630 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
631 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
634 TEST_F(tls, recv_peek_multiple_records)
636 char const *test_str = "test_read_peek_mult_recs";
637 char const *test_str_first = "test_read_peek";
638 char const *test_str_second = "_mult_recs";
642 len = strlen(test_str_first);
643 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len);
645 len = strlen(test_str_second) + 1;
646 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len);
648 len = strlen(test_str_first);
650 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len);
652 /* MSG_PEEK can only peek into the current record. */
653 len = strlen(test_str_first);
654 EXPECT_EQ(memcmp(test_str_first, buf, len), 0);
656 len = strlen(test_str) + 1;
658 EXPECT_EQ(recv(self->cfd, buf, len, MSG_WAITALL), len);
660 /* Non-MSG_PEEK will advance strparser (and therefore record)
663 len = strlen(test_str) + 1;
664 EXPECT_EQ(memcmp(test_str, buf, len), 0);
666 /* MSG_MORE will hold current record open, so later MSG_PEEK
667 * will see everything.
669 len = strlen(test_str_first);
670 EXPECT_EQ(send(self->fd, test_str_first, len, MSG_MORE), len);
672 len = strlen(test_str_second) + 1;
673 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len);
675 len = strlen(test_str) + 1;
677 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len);
679 len = strlen(test_str) + 1;
680 EXPECT_EQ(memcmp(test_str, buf, len), 0);
683 TEST_F(tls, recv_peek_large_buf_mult_recs)
685 char const *test_str = "test_read_peek_mult_recs";
686 char const *test_str_first = "test_read_peek";
687 char const *test_str_second = "_mult_recs";
691 len = strlen(test_str_first);
692 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len);
694 len = strlen(test_str_second) + 1;
695 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len);
697 len = strlen(test_str) + 1;
699 EXPECT_NE((len = recv(self->cfd, buf, len,
700 MSG_PEEK | MSG_WAITALL)), -1);
701 len = strlen(test_str) + 1;
702 EXPECT_EQ(memcmp(test_str, buf, len), 0);
705 TEST_F(tls, recv_lowat)
707 char send_mem[10] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 };
711 EXPECT_EQ(send(self->fd, send_mem, 10, 0), 10);
712 EXPECT_EQ(send(self->fd, send_mem, 5, 0), 5);
714 memset(recv_mem, 0, 20);
715 EXPECT_EQ(setsockopt(self->cfd, SOL_SOCKET, SO_RCVLOWAT,
716 &lowat, sizeof(lowat)), 0);
717 EXPECT_EQ(recv(self->cfd, recv_mem, 1, MSG_WAITALL), 1);
718 EXPECT_EQ(recv(self->cfd, recv_mem + 1, 6, MSG_WAITALL), 6);
719 EXPECT_EQ(recv(self->cfd, recv_mem + 7, 10, 0), 8);
721 EXPECT_EQ(memcmp(send_mem, recv_mem, 10), 0);
722 EXPECT_EQ(memcmp(send_mem, recv_mem + 10, 5), 0);
725 TEST_F(tls, recv_rcvbuf)
731 memset(send_mem, 0x1c, sizeof(send_mem));
733 EXPECT_EQ(setsockopt(self->cfd, SOL_SOCKET, SO_RCVBUF,
734 &rcv_buf, sizeof(rcv_buf)), 0);
736 EXPECT_EQ(send(self->fd, send_mem, 512, 0), 512);
737 memset(recv_mem, 0, sizeof(recv_mem));
738 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), 0), 512);
739 EXPECT_EQ(memcmp(send_mem, recv_mem, 512), 0);
744 EXPECT_EQ(send(self->fd, send_mem, 4096, 0), 4096);
745 memset(recv_mem, 0, sizeof(recv_mem));
746 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), 0), -1);
747 EXPECT_EQ(errno, EMSGSIZE);
749 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), 0), -1);
750 EXPECT_EQ(errno, EMSGSIZE);
755 char const *test_str = "test_read";
761 struct tls12_crypto_info_aes_gcm_128 tls12;
763 memset(&tls12, 0, sizeof(tls12));
764 tls12.info.version = TLS_1_3_VERSION;
765 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128;
767 ret = setsockopt(self->fd, SOL_TLS, TLS_RX, &tls12,
771 ret = setsockopt(self->cfd, SOL_TLS, TLS_TX, &tls12,
776 ASSERT_EQ(strlen(test_str) + 1, send_len);
778 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
779 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
780 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
782 memset(buf, 0, sizeof(buf));
784 EXPECT_EQ(send(self->cfd, test_str, send_len, 0), send_len);
785 EXPECT_NE(recv(self->fd, buf, send_len, 0), -1);
786 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
791 char const *test_str = "test_poll";
792 struct pollfd fd = { 0, 0, 0 };
796 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
800 EXPECT_EQ(poll(&fd, 1, 20), 1);
801 EXPECT_EQ(fd.revents & POLLIN, 1);
802 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len);
803 /* Test timing out */
804 EXPECT_EQ(poll(&fd, 1, 20), 0);
807 TEST_F(tls, poll_wait)
809 char const *test_str = "test_poll_wait";
810 int send_len = strlen(test_str) + 1;
811 struct pollfd fd = { 0, 0, 0 };
816 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
817 /* Set timeout to inf. secs */
818 EXPECT_EQ(poll(&fd, 1, -1), 1);
819 EXPECT_EQ(fd.revents & POLLIN, 1);
820 EXPECT_EQ(recv(self->cfd, recv_mem, send_len, MSG_WAITALL), send_len);
823 TEST_F(tls, poll_wait_split)
825 struct pollfd fd = { 0, 0, 0 };
826 char send_mem[20] = {};
832 EXPECT_EQ(send(self->fd, send_mem, sizeof(send_mem), 0),
834 /* Poll with inf. timeout */
835 EXPECT_EQ(poll(&fd, 1, -1), 1);
836 EXPECT_EQ(fd.revents & POLLIN, 1);
837 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), MSG_WAITALL),
840 /* Now the remaining 5 bytes of record data are in TLS ULP */
843 EXPECT_EQ(poll(&fd, 1, -1), 1);
844 EXPECT_EQ(fd.revents & POLLIN, 1);
845 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), 0),
846 sizeof(send_mem) - sizeof(recv_mem));
849 TEST_F(tls, blocking)
851 size_t data = 100000;
864 int res = send(self->fd, buf,
865 left > 16384 ? 16384 : left, 0);
871 pid2 = wait(&status);
872 EXPECT_EQ(status, 0);
873 EXPECT_EQ(res, pid2);
880 int res = recv(self->cfd, buf,
881 left > 16384 ? 16384 : left, 0);
889 TEST_F(tls, nonblocking)
891 size_t data = 100000;
896 flags = fcntl(self->fd, F_GETFL, 0);
897 fcntl(self->fd, F_SETFL, flags | O_NONBLOCK);
898 fcntl(self->cfd, F_SETFL, flags | O_NONBLOCK);
900 /* Ensure nonblocking behavior by imposing a small send
903 EXPECT_EQ(setsockopt(self->fd, SOL_SOCKET, SO_SNDBUF,
904 &sendbuf, sizeof(sendbuf)), 0);
918 int res = send(self->fd, buf,
919 left > 16384 ? 16384 : left, 0);
921 if (res == -1 && errno == EAGAIN) {
931 pid2 = wait(&status);
933 EXPECT_EQ(status, 0);
934 EXPECT_EQ(res, pid2);
942 int res = recv(self->cfd, buf,
943 left > 16384 ? 16384 : left, 0);
945 if (res == -1 && errno == EAGAIN) {
958 test_mutliproc(struct __test_metadata *_metadata, struct _test_data_tls *self,
959 bool sendpg, unsigned int n_readers, unsigned int n_writers)
961 const unsigned int n_children = n_readers + n_writers;
962 const size_t data = 6 * 1000 * 1000;
963 const size_t file_sz = data / 100;
964 size_t read_bias, write_bias;
969 /* Only allow multiples for simplicity */
970 ASSERT_EQ(!(n_readers % n_writers) || !(n_writers % n_readers), true);
971 read_bias = n_writers / n_readers ?: 1;
972 write_bias = n_readers / n_writers ?: 1;
974 /* prep a file to send */
975 fd = open("/tmp/", O_TMPFILE | O_RDWR, 0600);
978 memset(buf, 0xac, file_sz);
979 ASSERT_EQ(write(fd, buf, file_sz), file_sz);
982 for (child_id = 0; child_id < n_children; child_id++) {
989 /* parent waits for all children */
991 for (i = 0; i < n_children; i++) {
995 EXPECT_EQ(status, 0);
1001 /* Split threads for reading and writing */
1002 if (child_id < n_readers) {
1003 size_t left = data * read_bias;
1009 res = recv(self->cfd, rb,
1010 left > sizeof(rb) ? sizeof(rb) : left, 0);
1016 size_t left = data * write_bias;
1021 ASSERT_EQ(lseek(fd, 0, SEEK_SET), 0);
1023 res = sendfile(self->fd, fd, NULL,
1024 left > file_sz ? file_sz : left);
1026 res = send(self->fd, buf,
1027 left > file_sz ? file_sz : left, 0);
1035 TEST_F(tls, mutliproc_even)
1037 test_mutliproc(_metadata, self, false, 6, 6);
1040 TEST_F(tls, mutliproc_readers)
1042 test_mutliproc(_metadata, self, false, 4, 12);
1045 TEST_F(tls, mutliproc_writers)
1047 test_mutliproc(_metadata, self, false, 10, 2);
1050 TEST_F(tls, mutliproc_sendpage_even)
1052 test_mutliproc(_metadata, self, true, 6, 6);
1055 TEST_F(tls, mutliproc_sendpage_readers)
1057 test_mutliproc(_metadata, self, true, 4, 12);
1060 TEST_F(tls, mutliproc_sendpage_writers)
1062 test_mutliproc(_metadata, self, true, 10, 2);
1065 TEST_F(tls, control_msg)
1070 char cbuf[CMSG_SPACE(sizeof(char))];
1071 char const *test_str = "test_read";
1072 int cmsg_len = sizeof(char);
1073 char record_type = 100;
1074 struct cmsghdr *cmsg;
1080 vec.iov_base = (char *)test_str;
1082 memset(&msg, 0, sizeof(struct msghdr));
1085 msg.msg_control = cbuf;
1086 msg.msg_controllen = sizeof(cbuf);
1087 cmsg = CMSG_FIRSTHDR(&msg);
1088 cmsg->cmsg_level = SOL_TLS;
1089 /* test sending non-record types. */
1090 cmsg->cmsg_type = TLS_SET_RECORD_TYPE;
1091 cmsg->cmsg_len = CMSG_LEN(cmsg_len);
1092 *CMSG_DATA(cmsg) = record_type;
1093 msg.msg_controllen = cmsg->cmsg_len;
1095 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len);
1096 /* Should fail because we didn't provide a control message */
1097 EXPECT_EQ(recv(self->cfd, buf, send_len, 0), -1);
1100 EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL | MSG_PEEK), send_len);
1102 cmsg = CMSG_FIRSTHDR(&msg);
1103 EXPECT_NE(cmsg, NULL);
1104 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS);
1105 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE);
1106 record_type = *((unsigned char *)CMSG_DATA(cmsg));
1107 EXPECT_EQ(record_type, 100);
1108 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
1110 /* Recv the message again without MSG_PEEK */
1112 memset(buf, 0, sizeof(buf));
1114 EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL), send_len);
1115 cmsg = CMSG_FIRSTHDR(&msg);
1116 EXPECT_NE(cmsg, NULL);
1117 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS);
1118 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE);
1119 record_type = *((unsigned char *)CMSG_DATA(cmsg));
1120 EXPECT_EQ(record_type, 100);
1121 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
1124 TEST_F(tls, shutdown)
1126 char const *test_str = "test_read";
1130 ASSERT_EQ(strlen(test_str) + 1, send_len);
1132 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
1133 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
1134 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
1136 shutdown(self->fd, SHUT_RDWR);
1137 shutdown(self->cfd, SHUT_RDWR);
1140 TEST_F(tls, shutdown_unsent)
1142 char const *test_str = "test_read";
1145 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len);
1147 shutdown(self->fd, SHUT_RDWR);
1148 shutdown(self->cfd, SHUT_RDWR);
1151 TEST_F(tls, shutdown_reuse)
1153 struct sockaddr_in addr;
1156 shutdown(self->fd, SHUT_RDWR);
1157 shutdown(self->cfd, SHUT_RDWR);
1160 addr.sin_family = AF_INET;
1161 addr.sin_addr.s_addr = htonl(INADDR_ANY);
1164 ret = bind(self->fd, &addr, sizeof(addr));
1166 ret = listen(self->fd, 10);
1168 EXPECT_EQ(errno, EINVAL);
1170 ret = connect(self->fd, &addr, sizeof(addr));
1172 EXPECT_EQ(errno, EISCONN);
1175 TEST(non_established) {
1176 struct tls12_crypto_info_aes_gcm_256 tls12;
1177 struct sockaddr_in addr;
1183 memset(&tls12, 0, sizeof(tls12));
1184 tls12.info.version = TLS_1_2_VERSION;
1185 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256;
1187 addr.sin_family = AF_INET;
1188 addr.sin_addr.s_addr = htonl(INADDR_ANY);
1191 fd = socket(AF_INET, SOCK_STREAM, 0);
1192 sfd = socket(AF_INET, SOCK_STREAM, 0);
1194 ret = bind(sfd, &addr, sizeof(addr));
1196 ret = listen(sfd, 10);
1199 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1201 /* TLS ULP not supported */
1202 if (errno == ENOENT)
1204 EXPECT_EQ(errno, ENOTCONN);
1206 ret = setsockopt(sfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1208 EXPECT_EQ(errno, ENOTCONN);
1210 ret = getsockname(sfd, &addr, &len);
1213 ret = connect(fd, &addr, sizeof(addr));
1216 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1219 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1221 EXPECT_EQ(errno, EEXIST);
1228 struct tls12_crypto_info_aes_gcm_256 tls12;
1229 struct sockaddr_in addr;
1230 int sfd, ret, fd, cfd;
1237 memset(&tls12, 0, sizeof(tls12));
1238 tls12.info.version = TLS_1_2_VERSION;
1239 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256;
1241 addr.sin_family = AF_INET;
1242 addr.sin_addr.s_addr = htonl(INADDR_ANY);
1245 fd = socket(AF_INET, SOCK_STREAM, 0);
1246 sfd = socket(AF_INET, SOCK_STREAM, 0);
1248 ret = bind(sfd, &addr, sizeof(addr));
1250 ret = listen(sfd, 10);
1253 ret = getsockname(sfd, &addr, &len);
1256 ret = connect(fd, &addr, sizeof(addr));
1259 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1262 printf("Failure setting TCP_ULP, testing without tls\n");
1266 ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12,
1271 cfd = accept(sfd, &addr, &len);
1275 ret = setsockopt(cfd, IPPROTO_TCP, TCP_ULP, "tls",
1279 ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12,
1293 struct tls12_crypto_info_aes_gcm_128 tls12;
1294 struct sockaddr_in addr;
1301 memset(&tls12, 0, sizeof(tls12));
1302 tls12.info.version = TLS_1_2_VERSION;
1303 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128;
1305 addr.sin_family = AF_INET;
1306 addr.sin_addr.s_addr = htonl(INADDR_ANY);
1309 fd = socket(AF_INET, SOCK_STREAM, 0);
1310 sfd = socket(AF_INET, SOCK_STREAM, 0);
1312 ret = bind(sfd, &addr, sizeof(addr));
1314 ret = listen(sfd, 10);
1317 ret = getsockname(sfd, &addr, &len);
1320 ret = connect(fd, &addr, sizeof(addr));
1323 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1326 printf("Failure setting TCP_ULP, testing without tls\n");
1330 ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12,
1335 cfd = accept(sfd, &addr, &len);
1339 ret = setsockopt(cfd, IPPROTO_TCP, TCP_ULP, "tls",
1343 ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12,
1350 char const *test_str = "test_read";
1354 send_len = strlen(test_str) + 1;
1355 EXPECT_EQ(send(fd, test_str, send_len, 0), send_len);
1356 EXPECT_NE(recv(cfd, buf, send_len, 0), -1);
1357 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);