1 // SPDX-License-Identifier: GPL-2.0
14 #include <linux/tls.h>
15 #include <linux/tcp.h>
16 #include <linux/socket.h>
18 #include <sys/types.h>
19 #include <sys/sendfile.h>
20 #include <sys/socket.h>
23 #include "../kselftest_harness.h"
25 #define TLS_PAYLOAD_MAX_LEN 16384
38 FIXTURE_SETUP(tls_basic)
40 struct sockaddr_in addr;
47 addr.sin_family = AF_INET;
48 addr.sin_addr.s_addr = htonl(INADDR_ANY);
51 self->fd = socket(AF_INET, SOCK_STREAM, 0);
52 sfd = socket(AF_INET, SOCK_STREAM, 0);
54 ret = bind(sfd, &addr, sizeof(addr));
56 ret = listen(sfd, 10);
59 ret = getsockname(sfd, &addr, &len);
62 ret = connect(self->fd, &addr, sizeof(addr));
65 self->cfd = accept(sfd, &addr, &len);
66 ASSERT_GE(self->cfd, 0);
70 ret = setsockopt(self->fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
72 ASSERT_EQ(errno, ENOTSUPP);
74 printf("Failure setting TCP_ULP, testing without tls\n");
78 ret = setsockopt(self->cfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
82 FIXTURE_TEARDOWN(tls_basic)
88 /* Send some data through with ULP but no keys */
89 TEST_F(tls_basic, base_base)
91 char const *test_str = "test_read";
95 ASSERT_EQ(strlen(test_str) + 1, send_len);
97 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
98 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
99 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
110 struct tls12_crypto_info_aes_gcm_128 tls12;
111 struct sockaddr_in addr;
118 memset(&tls12, 0, sizeof(tls12));
119 tls12.info.version = TLS_1_3_VERSION;
120 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128;
122 addr.sin_family = AF_INET;
123 addr.sin_addr.s_addr = htonl(INADDR_ANY);
126 self->fd = socket(AF_INET, SOCK_STREAM, 0);
127 sfd = socket(AF_INET, SOCK_STREAM, 0);
129 ret = bind(sfd, &addr, sizeof(addr));
131 ret = listen(sfd, 10);
134 ret = getsockname(sfd, &addr, &len);
137 ret = connect(self->fd, &addr, sizeof(addr));
140 ret = setsockopt(self->fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
143 printf("Failure setting TCP_ULP, testing without tls\n");
147 ret = setsockopt(self->fd, SOL_TLS, TLS_TX, &tls12,
152 self->cfd = accept(sfd, &addr, &len);
153 ASSERT_GE(self->cfd, 0);
156 ret = setsockopt(self->cfd, IPPROTO_TCP, TCP_ULP, "tls",
160 ret = setsockopt(self->cfd, SOL_TLS, TLS_RX, &tls12,
168 FIXTURE_TEARDOWN(tls)
174 TEST_F(tls, sendfile)
176 int filefd = open("/proc/self/exe", O_RDONLY);
179 EXPECT_GE(filefd, 0);
181 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0);
184 TEST_F(tls, send_then_sendfile)
186 int filefd = open("/proc/self/exe", O_RDONLY);
187 char const *test_str = "test_send";
188 int to_send = strlen(test_str) + 1;
193 EXPECT_GE(filefd, 0);
195 buf = (char *)malloc(st.st_size);
197 EXPECT_EQ(send(self->fd, test_str, to_send, 0), to_send);
198 EXPECT_EQ(recv(self->cfd, recv_buf, to_send, MSG_WAITALL), to_send);
199 EXPECT_EQ(memcmp(test_str, recv_buf, to_send), 0);
201 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0);
202 EXPECT_EQ(recv(self->cfd, buf, st.st_size, MSG_WAITALL), st.st_size);
205 TEST_F(tls, recv_max)
207 unsigned int send_len = TLS_PAYLOAD_MAX_LEN;
208 char recv_mem[TLS_PAYLOAD_MAX_LEN];
209 char buf[TLS_PAYLOAD_MAX_LEN];
211 EXPECT_GE(send(self->fd, buf, send_len, 0), 0);
212 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1);
213 EXPECT_EQ(memcmp(buf, recv_mem, send_len), 0);
216 TEST_F(tls, recv_small)
218 char const *test_str = "test_read";
222 send_len = strlen(test_str) + 1;
223 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
224 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
225 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
228 TEST_F(tls, msg_more)
230 char const *test_str = "test_read";
234 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len);
235 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1);
236 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
237 EXPECT_EQ(recv(self->cfd, buf, send_len * 2, MSG_WAITALL),
239 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
242 TEST_F(tls, sendmsg_single)
246 char const *test_str = "test_sendmsg";
247 size_t send_len = 13;
251 vec.iov_base = (char *)test_str;
252 vec.iov_len = send_len;
253 memset(&msg, 0, sizeof(struct msghdr));
256 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len);
257 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len);
258 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
261 TEST_F(tls, sendmsg_large)
263 void *mem = malloc(16384);
264 size_t send_len = 16384;
270 memset(&msg, 0, sizeof(struct msghdr));
271 while (sent++ < sends) {
272 struct iovec vec = { (void *)mem, send_len };
276 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), send_len);
279 while (recvs++ < sends)
280 EXPECT_NE(recv(self->fd, mem, send_len, 0), -1);
285 TEST_F(tls, sendmsg_multiple)
287 char const *test_str = "test_sendmsg_multiple";
297 memset(&msg, 0, sizeof(struct msghdr));
298 for (i = 0; i < iov_len; i++) {
299 test_strs[i] = (char *)malloc(strlen(test_str) + 1);
300 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str);
301 vec[i].iov_base = (void *)test_strs[i];
302 vec[i].iov_len = strlen(test_strs[i]) + 1;
303 total_len += vec[i].iov_len;
306 msg.msg_iovlen = iov_len;
308 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), total_len);
309 buf = malloc(total_len);
310 EXPECT_NE(recv(self->fd, buf, total_len, 0), -1);
311 for (i = 0; i < iov_len; i++) {
312 EXPECT_EQ(memcmp(test_strs[i], buf + len_cmp,
313 strlen(test_strs[i])),
315 len_cmp += strlen(buf + len_cmp) + 1;
317 for (i = 0; i < iov_len; i++)
322 TEST_F(tls, sendmsg_multiple_stress)
324 char const *test_str = "abcdefghijklmno";
325 struct iovec vec[1024];
326 char *test_strs[1024];
334 memset(&msg, 0, sizeof(struct msghdr));
335 for (i = 0; i < iov_len; i++) {
336 test_strs[i] = (char *)malloc(strlen(test_str) + 1);
337 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str);
338 vec[i].iov_base = (void *)test_strs[i];
339 vec[i].iov_len = strlen(test_strs[i]) + 1;
340 total_len += vec[i].iov_len;
343 msg.msg_iovlen = iov_len;
345 EXPECT_EQ(sendmsg(self->fd, &msg, 0), total_len);
346 EXPECT_NE(recv(self->cfd, buf, total_len, 0), -1);
348 for (i = 0; i < iov_len; i++)
349 len_cmp += strlen(buf + len_cmp) + 1;
351 for (i = 0; i < iov_len; i++)
355 TEST_F(tls, splice_from_pipe)
357 int send_len = TLS_PAYLOAD_MAX_LEN;
358 char mem_send[TLS_PAYLOAD_MAX_LEN];
359 char mem_recv[TLS_PAYLOAD_MAX_LEN];
362 ASSERT_GE(pipe(p), 0);
363 EXPECT_GE(write(p[1], mem_send, send_len), 0);
364 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), 0);
365 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len);
366 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
369 TEST_F(tls, splice_from_pipe2)
371 int send_len = 16000;
372 char mem_send[16000];
373 char mem_recv[16000];
377 ASSERT_GE(pipe(p), 0);
378 ASSERT_GE(pipe(p2), 0);
379 EXPECT_GE(write(p[1], mem_send, 8000), 0);
380 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, 8000, 0), 0);
381 EXPECT_GE(write(p2[1], mem_send + 8000, 8000), 0);
382 EXPECT_GE(splice(p2[0], NULL, self->fd, NULL, 8000, 0), 0);
383 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len);
384 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
387 TEST_F(tls, send_and_splice)
389 int send_len = TLS_PAYLOAD_MAX_LEN;
390 char mem_send[TLS_PAYLOAD_MAX_LEN];
391 char mem_recv[TLS_PAYLOAD_MAX_LEN];
392 char const *test_str = "test_read";
397 ASSERT_GE(pipe(p), 0);
398 EXPECT_EQ(send(self->fd, test_str, send_len2, 0), send_len2);
399 EXPECT_EQ(recv(self->cfd, buf, send_len2, MSG_WAITALL), send_len2);
400 EXPECT_EQ(memcmp(test_str, buf, send_len2), 0);
402 EXPECT_GE(write(p[1], mem_send, send_len), send_len);
403 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), send_len);
405 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len);
406 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
409 TEST_F(tls, splice_to_pipe)
411 int send_len = TLS_PAYLOAD_MAX_LEN;
412 char mem_send[TLS_PAYLOAD_MAX_LEN];
413 char mem_recv[TLS_PAYLOAD_MAX_LEN];
416 ASSERT_GE(pipe(p), 0);
417 EXPECT_GE(send(self->fd, mem_send, send_len, 0), 0);
418 EXPECT_GE(splice(self->cfd, NULL, p[1], NULL, send_len, 0), 0);
419 EXPECT_GE(read(p[0], mem_recv, send_len), 0);
420 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
423 TEST_F(tls, recvmsg_single)
425 char const *test_str = "test_recvmsg_single";
426 int send_len = strlen(test_str) + 1;
431 memset(&hdr, 0, sizeof(hdr));
432 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
433 vec.iov_base = (char *)buf;
434 vec.iov_len = send_len;
437 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1);
438 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
441 TEST_F(tls, recvmsg_single_max)
443 int send_len = TLS_PAYLOAD_MAX_LEN;
444 char send_mem[TLS_PAYLOAD_MAX_LEN];
445 char recv_mem[TLS_PAYLOAD_MAX_LEN];
449 EXPECT_EQ(send(self->fd, send_mem, send_len, 0), send_len);
450 vec.iov_base = (char *)recv_mem;
451 vec.iov_len = TLS_PAYLOAD_MAX_LEN;
455 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1);
456 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0);
459 TEST_F(tls, recvmsg_multiple)
461 unsigned int msg_iovlen = 1024;
462 unsigned int len_compared = 0;
463 struct iovec vec[1024];
464 char *iov_base[1024];
465 unsigned int iov_len = 16;
466 int send_len = 1 << 14;
471 EXPECT_EQ(send(self->fd, buf, send_len, 0), send_len);
472 for (i = 0; i < msg_iovlen; i++) {
473 iov_base[i] = (char *)malloc(iov_len);
474 vec[i].iov_base = iov_base[i];
475 vec[i].iov_len = iov_len;
478 hdr.msg_iovlen = msg_iovlen;
480 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1);
481 for (i = 0; i < msg_iovlen; i++)
482 len_compared += iov_len;
484 for (i = 0; i < msg_iovlen; i++)
488 TEST_F(tls, single_send_multiple_recv)
490 unsigned int total_len = TLS_PAYLOAD_MAX_LEN * 2;
491 unsigned int send_len = TLS_PAYLOAD_MAX_LEN;
492 char send_mem[TLS_PAYLOAD_MAX_LEN * 2];
493 char recv_mem[TLS_PAYLOAD_MAX_LEN * 2];
495 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0);
496 memset(recv_mem, 0, total_len);
498 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1);
499 EXPECT_NE(recv(self->cfd, recv_mem + send_len, send_len, 0), -1);
500 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0);
503 TEST_F(tls, multiple_send_single_recv)
505 unsigned int total_len = 2 * 10;
506 unsigned int send_len = 10;
507 char recv_mem[2 * 10];
510 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0);
511 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0);
512 memset(recv_mem, 0, total_len);
513 EXPECT_EQ(recv(self->cfd, recv_mem, total_len, MSG_WAITALL), total_len);
515 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0);
516 EXPECT_EQ(memcmp(send_mem, recv_mem + send_len, send_len), 0);
519 TEST_F(tls, single_send_multiple_recv_non_align)
521 const unsigned int total_len = 15;
522 const unsigned int recv_len = 10;
523 char recv_mem[recv_len * 2];
524 char send_mem[total_len];
526 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0);
527 memset(recv_mem, 0, total_len);
529 EXPECT_EQ(recv(self->cfd, recv_mem, recv_len, 0), recv_len);
530 EXPECT_EQ(recv(self->cfd, recv_mem + recv_len, recv_len, 0), 5);
531 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0);
534 TEST_F(tls, recv_partial)
536 char const *test_str = "test_read_partial";
537 char const *test_str_first = "test_read";
538 char const *test_str_second = "_partial";
539 int send_len = strlen(test_str) + 1;
542 memset(recv_mem, 0, sizeof(recv_mem));
543 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
544 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_first),
546 EXPECT_EQ(memcmp(test_str_first, recv_mem, strlen(test_str_first)), 0);
547 memset(recv_mem, 0, sizeof(recv_mem));
548 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_second),
550 EXPECT_EQ(memcmp(test_str_second, recv_mem, strlen(test_str_second)),
554 TEST_F(tls, recv_nonblock)
559 EXPECT_EQ(recv(self->cfd, buf, sizeof(buf), MSG_DONTWAIT), -1);
560 err = (errno == EAGAIN || errno == EWOULDBLOCK);
561 EXPECT_EQ(err, true);
564 TEST_F(tls, recv_peek)
566 char const *test_str = "test_read_peek";
567 int send_len = strlen(test_str) + 1;
570 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
571 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1);
572 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
573 memset(buf, 0, sizeof(buf));
574 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
575 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
578 TEST_F(tls, recv_peek_multiple)
580 char const *test_str = "test_read_peek";
581 int send_len = strlen(test_str) + 1;
582 unsigned int num_peeks = 100;
586 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
587 for (i = 0; i < num_peeks; i++) {
588 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1);
589 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
590 memset(buf, 0, sizeof(buf));
592 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
593 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
596 TEST_F(tls, recv_peek_multiple_records)
598 char const *test_str = "test_read_peek_mult_recs";
599 char const *test_str_first = "test_read_peek";
600 char const *test_str_second = "_mult_recs";
604 len = strlen(test_str_first);
605 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len);
607 len = strlen(test_str_second) + 1;
608 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len);
610 len = strlen(test_str_first);
612 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len);
614 /* MSG_PEEK can only peek into the current record. */
615 len = strlen(test_str_first);
616 EXPECT_EQ(memcmp(test_str_first, buf, len), 0);
618 len = strlen(test_str) + 1;
620 EXPECT_EQ(recv(self->cfd, buf, len, MSG_WAITALL), len);
622 /* Non-MSG_PEEK will advance strparser (and therefore record)
625 len = strlen(test_str) + 1;
626 EXPECT_EQ(memcmp(test_str, buf, len), 0);
628 /* MSG_MORE will hold current record open, so later MSG_PEEK
629 * will see everything.
631 len = strlen(test_str_first);
632 EXPECT_EQ(send(self->fd, test_str_first, len, MSG_MORE), len);
634 len = strlen(test_str_second) + 1;
635 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len);
637 len = strlen(test_str) + 1;
639 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len);
641 len = strlen(test_str) + 1;
642 EXPECT_EQ(memcmp(test_str, buf, len), 0);
645 TEST_F(tls, recv_peek_large_buf_mult_recs)
647 char const *test_str = "test_read_peek_mult_recs";
648 char const *test_str_first = "test_read_peek";
649 char const *test_str_second = "_mult_recs";
653 len = strlen(test_str_first);
654 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len);
656 len = strlen(test_str_second) + 1;
657 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len);
659 len = strlen(test_str) + 1;
661 EXPECT_NE((len = recv(self->cfd, buf, len,
662 MSG_PEEK | MSG_WAITALL)), -1);
663 len = strlen(test_str) + 1;
664 EXPECT_EQ(memcmp(test_str, buf, len), 0);
667 TEST_F(tls, recv_lowat)
669 char send_mem[10] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 };
673 EXPECT_EQ(send(self->fd, send_mem, 10, 0), 10);
674 EXPECT_EQ(send(self->fd, send_mem, 5, 0), 5);
676 memset(recv_mem, 0, 20);
677 EXPECT_EQ(setsockopt(self->cfd, SOL_SOCKET, SO_RCVLOWAT,
678 &lowat, sizeof(lowat)), 0);
679 EXPECT_EQ(recv(self->cfd, recv_mem, 1, MSG_WAITALL), 1);
680 EXPECT_EQ(recv(self->cfd, recv_mem + 1, 6, MSG_WAITALL), 6);
681 EXPECT_EQ(recv(self->cfd, recv_mem + 7, 10, 0), 8);
683 EXPECT_EQ(memcmp(send_mem, recv_mem, 10), 0);
684 EXPECT_EQ(memcmp(send_mem, recv_mem + 10, 5), 0);
689 struct tls12_crypto_info_aes_gcm_128 tls12;
690 char const *test_str = "test_read";
695 memset(&tls12, 0, sizeof(tls12));
696 tls12.info.version = TLS_1_3_VERSION;
697 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128;
699 ret = setsockopt(self->fd, SOL_TLS, TLS_RX, &tls12, sizeof(tls12));
702 ret = setsockopt(self->cfd, SOL_TLS, TLS_TX, &tls12, sizeof(tls12));
705 ASSERT_EQ(strlen(test_str) + 1, send_len);
707 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
708 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
709 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
711 memset(buf, 0, sizeof(buf));
713 EXPECT_EQ(send(self->cfd, test_str, send_len, 0), send_len);
714 EXPECT_NE(recv(self->fd, buf, send_len, 0), -1);
715 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
720 char const *test_str = "test_poll";
721 struct pollfd fd = { 0, 0, 0 };
725 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
729 EXPECT_EQ(poll(&fd, 1, 20), 1);
730 EXPECT_EQ(fd.revents & POLLIN, 1);
731 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len);
732 /* Test timing out */
733 EXPECT_EQ(poll(&fd, 1, 20), 0);
736 TEST_F(tls, poll_wait)
738 char const *test_str = "test_poll_wait";
739 int send_len = strlen(test_str) + 1;
740 struct pollfd fd = { 0, 0, 0 };
745 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
746 /* Set timeout to inf. secs */
747 EXPECT_EQ(poll(&fd, 1, -1), 1);
748 EXPECT_EQ(fd.revents & POLLIN, 1);
749 EXPECT_EQ(recv(self->cfd, recv_mem, send_len, MSG_WAITALL), send_len);
752 TEST_F(tls, poll_wait_split)
754 struct pollfd fd = { 0, 0, 0 };
755 char send_mem[20] = {};
761 EXPECT_EQ(send(self->fd, send_mem, sizeof(send_mem), 0),
763 /* Poll with inf. timeout */
764 EXPECT_EQ(poll(&fd, 1, -1), 1);
765 EXPECT_EQ(fd.revents & POLLIN, 1);
766 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), MSG_WAITALL),
769 /* Now the remaining 5 bytes of record data are in TLS ULP */
772 EXPECT_EQ(poll(&fd, 1, -1), 1);
773 EXPECT_EQ(fd.revents & POLLIN, 1);
774 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), 0),
775 sizeof(send_mem) - sizeof(recv_mem));
778 TEST_F(tls, blocking)
780 size_t data = 100000;
793 int res = send(self->fd, buf,
794 left > 16384 ? 16384 : left, 0);
800 pid2 = wait(&status);
801 EXPECT_EQ(status, 0);
802 EXPECT_EQ(res, pid2);
809 int res = recv(self->cfd, buf,
810 left > 16384 ? 16384 : left, 0);
818 TEST_F(tls, nonblocking)
820 size_t data = 100000;
825 flags = fcntl(self->fd, F_GETFL, 0);
826 fcntl(self->fd, F_SETFL, flags | O_NONBLOCK);
827 fcntl(self->cfd, F_SETFL, flags | O_NONBLOCK);
829 /* Ensure nonblocking behavior by imposing a small send
832 EXPECT_EQ(setsockopt(self->fd, SOL_SOCKET, SO_SNDBUF,
833 &sendbuf, sizeof(sendbuf)), 0);
847 int res = send(self->fd, buf,
848 left > 16384 ? 16384 : left, 0);
850 if (res == -1 && errno == EAGAIN) {
860 pid2 = wait(&status);
862 EXPECT_EQ(status, 0);
863 EXPECT_EQ(res, pid2);
871 int res = recv(self->cfd, buf,
872 left > 16384 ? 16384 : left, 0);
874 if (res == -1 && errno == EAGAIN) {
886 TEST_F(tls, control_msg)
891 char cbuf[CMSG_SPACE(sizeof(char))];
892 char const *test_str = "test_read";
893 int cmsg_len = sizeof(char);
894 char record_type = 100;
895 struct cmsghdr *cmsg;
901 vec.iov_base = (char *)test_str;
903 memset(&msg, 0, sizeof(struct msghdr));
906 msg.msg_control = cbuf;
907 msg.msg_controllen = sizeof(cbuf);
908 cmsg = CMSG_FIRSTHDR(&msg);
909 cmsg->cmsg_level = SOL_TLS;
910 /* test sending non-record types. */
911 cmsg->cmsg_type = TLS_SET_RECORD_TYPE;
912 cmsg->cmsg_len = CMSG_LEN(cmsg_len);
913 *CMSG_DATA(cmsg) = record_type;
914 msg.msg_controllen = cmsg->cmsg_len;
916 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len);
917 /* Should fail because we didn't provide a control message */
918 EXPECT_EQ(recv(self->cfd, buf, send_len, 0), -1);
921 EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL | MSG_PEEK), send_len);
923 cmsg = CMSG_FIRSTHDR(&msg);
924 EXPECT_NE(cmsg, NULL);
925 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS);
926 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE);
927 record_type = *((unsigned char *)CMSG_DATA(cmsg));
928 EXPECT_EQ(record_type, 100);
929 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
931 /* Recv the message again without MSG_PEEK */
933 memset(buf, 0, sizeof(buf));
935 EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL), send_len);
936 cmsg = CMSG_FIRSTHDR(&msg);
937 EXPECT_NE(cmsg, NULL);
938 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS);
939 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE);
940 record_type = *((unsigned char *)CMSG_DATA(cmsg));
941 EXPECT_EQ(record_type, 100);
942 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
945 TEST(non_established) {
946 struct tls12_crypto_info_aes_gcm_256 tls12;
947 struct sockaddr_in addr;
953 memset(&tls12, 0, sizeof(tls12));
954 tls12.info.version = TLS_1_2_VERSION;
955 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256;
957 addr.sin_family = AF_INET;
958 addr.sin_addr.s_addr = htonl(INADDR_ANY);
961 fd = socket(AF_INET, SOCK_STREAM, 0);
962 sfd = socket(AF_INET, SOCK_STREAM, 0);
964 ret = bind(sfd, &addr, sizeof(addr));
966 ret = listen(sfd, 10);
969 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
971 /* TLS ULP not supported */
974 EXPECT_EQ(errno, ENOTSUPP);
976 ret = setsockopt(sfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
978 EXPECT_EQ(errno, ENOTSUPP);
980 ret = getsockname(sfd, &addr, &len);
983 ret = connect(fd, &addr, sizeof(addr));
986 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
989 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
991 EXPECT_EQ(errno, EEXIST);
998 struct tls12_crypto_info_aes_gcm_256 tls12;
999 struct sockaddr_in addr;
1000 int sfd, ret, fd, cfd;
1007 memset(&tls12, 0, sizeof(tls12));
1008 tls12.info.version = TLS_1_2_VERSION;
1009 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256;
1011 addr.sin_family = AF_INET;
1012 addr.sin_addr.s_addr = htonl(INADDR_ANY);
1015 fd = socket(AF_INET, SOCK_STREAM, 0);
1016 sfd = socket(AF_INET, SOCK_STREAM, 0);
1018 ret = bind(sfd, &addr, sizeof(addr));
1020 ret = listen(sfd, 10);
1023 ret = getsockname(sfd, &addr, &len);
1026 ret = connect(fd, &addr, sizeof(addr));
1029 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1032 printf("Failure setting TCP_ULP, testing without tls\n");
1036 ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12,
1041 cfd = accept(sfd, &addr, &len);
1045 ret = setsockopt(cfd, IPPROTO_TCP, TCP_ULP, "tls",
1049 ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12,
1063 struct tls12_crypto_info_aes_gcm_128 tls12;
1064 struct sockaddr_in addr;
1071 memset(&tls12, 0, sizeof(tls12));
1072 tls12.info.version = TLS_1_2_VERSION;
1073 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128;
1075 addr.sin_family = AF_INET;
1076 addr.sin_addr.s_addr = htonl(INADDR_ANY);
1079 fd = socket(AF_INET, SOCK_STREAM, 0);
1080 sfd = socket(AF_INET, SOCK_STREAM, 0);
1082 ret = bind(sfd, &addr, sizeof(addr));
1084 ret = listen(sfd, 10);
1087 ret = getsockname(sfd, &addr, &len);
1090 ret = connect(fd, &addr, sizeof(addr));
1093 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1096 printf("Failure setting TCP_ULP, testing without tls\n");
1100 ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12,
1105 cfd = accept(sfd, &addr, &len);
1109 ret = setsockopt(cfd, IPPROTO_TCP, TCP_ULP, "tls",
1113 ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12,
1120 char const *test_str = "test_read";
1124 send_len = strlen(test_str) + 1;
1125 EXPECT_EQ(send(fd, test_str, send_len, 0), send_len);
1126 EXPECT_NE(recv(cfd, buf, send_len, 0), -1);
1127 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
projects / linux.git / blob