1 // SPDX-License-Identifier: GPL-2.0
14 #include <linux/tls.h>
15 #include <linux/tcp.h>
16 #include <linux/socket.h>
18 #include <sys/types.h>
19 #include <sys/sendfile.h>
20 #include <sys/socket.h>
23 #include "../kselftest_harness.h"
25 #define TLS_PAYLOAD_MAX_LEN 16384
38 FIXTURE_SETUP(tls_basic)
40 struct sockaddr_in addr;
47 addr.sin_family = AF_INET;
48 addr.sin_addr.s_addr = htonl(INADDR_ANY);
51 self->fd = socket(AF_INET, SOCK_STREAM, 0);
52 sfd = socket(AF_INET, SOCK_STREAM, 0);
54 ret = bind(sfd, &addr, sizeof(addr));
56 ret = listen(sfd, 10);
59 ret = getsockname(sfd, &addr, &len);
62 ret = connect(self->fd, &addr, sizeof(addr));
65 self->cfd = accept(sfd, &addr, &len);
66 ASSERT_GE(self->cfd, 0);
70 ret = setsockopt(self->fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
72 ASSERT_EQ(errno, ENOENT);
74 printf("Failure setting TCP_ULP, testing without tls\n");
78 ret = setsockopt(self->cfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
82 FIXTURE_TEARDOWN(tls_basic)
88 /* Send some data through with ULP but no keys */
89 TEST_F(tls_basic, base_base)
91 char const *test_str = "test_read";
95 ASSERT_EQ(strlen(test_str) + 1, send_len);
97 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
98 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
99 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
110 struct tls12_crypto_info_aes_gcm_128 tls12;
111 struct sockaddr_in addr;
118 memset(&tls12, 0, sizeof(tls12));
119 tls12.info.version = TLS_1_3_VERSION;
120 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128;
122 addr.sin_family = AF_INET;
123 addr.sin_addr.s_addr = htonl(INADDR_ANY);
126 self->fd = socket(AF_INET, SOCK_STREAM, 0);
127 sfd = socket(AF_INET, SOCK_STREAM, 0);
129 ret = bind(sfd, &addr, sizeof(addr));
131 ret = listen(sfd, 10);
134 ret = getsockname(sfd, &addr, &len);
137 ret = connect(self->fd, &addr, sizeof(addr));
140 ret = setsockopt(self->fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
143 printf("Failure setting TCP_ULP, testing without tls\n");
147 ret = setsockopt(self->fd, SOL_TLS, TLS_TX, &tls12,
152 self->cfd = accept(sfd, &addr, &len);
153 ASSERT_GE(self->cfd, 0);
156 ret = setsockopt(self->cfd, IPPROTO_TCP, TCP_ULP, "tls",
160 ret = setsockopt(self->cfd, SOL_TLS, TLS_RX, &tls12,
168 FIXTURE_TEARDOWN(tls)
174 TEST_F(tls, sendfile)
176 int filefd = open("/proc/self/exe", O_RDONLY);
179 EXPECT_GE(filefd, 0);
181 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0);
184 TEST_F(tls, send_then_sendfile)
186 int filefd = open("/proc/self/exe", O_RDONLY);
187 char const *test_str = "test_send";
188 int to_send = strlen(test_str) + 1;
193 EXPECT_GE(filefd, 0);
195 buf = (char *)malloc(st.st_size);
197 EXPECT_EQ(send(self->fd, test_str, to_send, 0), to_send);
198 EXPECT_EQ(recv(self->cfd, recv_buf, to_send, MSG_WAITALL), to_send);
199 EXPECT_EQ(memcmp(test_str, recv_buf, to_send), 0);
201 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0);
202 EXPECT_EQ(recv(self->cfd, buf, st.st_size, MSG_WAITALL), st.st_size);
205 TEST_F(tls, recv_max)
207 unsigned int send_len = TLS_PAYLOAD_MAX_LEN;
208 char recv_mem[TLS_PAYLOAD_MAX_LEN];
209 char buf[TLS_PAYLOAD_MAX_LEN];
211 EXPECT_GE(send(self->fd, buf, send_len, 0), 0);
212 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1);
213 EXPECT_EQ(memcmp(buf, recv_mem, send_len), 0);
216 TEST_F(tls, recv_small)
218 char const *test_str = "test_read";
222 send_len = strlen(test_str) + 1;
223 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
224 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
225 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
228 TEST_F(tls, msg_more)
230 char const *test_str = "test_read";
234 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len);
235 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1);
236 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
237 EXPECT_EQ(recv(self->cfd, buf, send_len * 2, MSG_WAITALL),
239 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
242 TEST_F(tls, msg_more_unsent)
244 char const *test_str = "test_read";
248 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len);
249 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1);
252 TEST_F(tls, sendmsg_single)
256 char const *test_str = "test_sendmsg";
257 size_t send_len = 13;
261 vec.iov_base = (char *)test_str;
262 vec.iov_len = send_len;
263 memset(&msg, 0, sizeof(struct msghdr));
266 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len);
267 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len);
268 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
271 TEST_F(tls, sendmsg_large)
273 void *mem = malloc(16384);
274 size_t send_len = 16384;
280 memset(&msg, 0, sizeof(struct msghdr));
281 while (sent++ < sends) {
282 struct iovec vec = { (void *)mem, send_len };
286 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), send_len);
289 while (recvs++ < sends)
290 EXPECT_NE(recv(self->fd, mem, send_len, 0), -1);
295 TEST_F(tls, sendmsg_multiple)
297 char const *test_str = "test_sendmsg_multiple";
307 memset(&msg, 0, sizeof(struct msghdr));
308 for (i = 0; i < iov_len; i++) {
309 test_strs[i] = (char *)malloc(strlen(test_str) + 1);
310 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str);
311 vec[i].iov_base = (void *)test_strs[i];
312 vec[i].iov_len = strlen(test_strs[i]) + 1;
313 total_len += vec[i].iov_len;
316 msg.msg_iovlen = iov_len;
318 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), total_len);
319 buf = malloc(total_len);
320 EXPECT_NE(recv(self->fd, buf, total_len, 0), -1);
321 for (i = 0; i < iov_len; i++) {
322 EXPECT_EQ(memcmp(test_strs[i], buf + len_cmp,
323 strlen(test_strs[i])),
325 len_cmp += strlen(buf + len_cmp) + 1;
327 for (i = 0; i < iov_len; i++)
332 TEST_F(tls, sendmsg_multiple_stress)
334 char const *test_str = "abcdefghijklmno";
335 struct iovec vec[1024];
336 char *test_strs[1024];
344 memset(&msg, 0, sizeof(struct msghdr));
345 for (i = 0; i < iov_len; i++) {
346 test_strs[i] = (char *)malloc(strlen(test_str) + 1);
347 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str);
348 vec[i].iov_base = (void *)test_strs[i];
349 vec[i].iov_len = strlen(test_strs[i]) + 1;
350 total_len += vec[i].iov_len;
353 msg.msg_iovlen = iov_len;
355 EXPECT_EQ(sendmsg(self->fd, &msg, 0), total_len);
356 EXPECT_NE(recv(self->cfd, buf, total_len, 0), -1);
358 for (i = 0; i < iov_len; i++)
359 len_cmp += strlen(buf + len_cmp) + 1;
361 for (i = 0; i < iov_len; i++)
365 TEST_F(tls, splice_from_pipe)
367 int send_len = TLS_PAYLOAD_MAX_LEN;
368 char mem_send[TLS_PAYLOAD_MAX_LEN];
369 char mem_recv[TLS_PAYLOAD_MAX_LEN];
372 ASSERT_GE(pipe(p), 0);
373 EXPECT_GE(write(p[1], mem_send, send_len), 0);
374 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), 0);
375 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len);
376 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
379 TEST_F(tls, splice_from_pipe2)
381 int send_len = 16000;
382 char mem_send[16000];
383 char mem_recv[16000];
387 ASSERT_GE(pipe(p), 0);
388 ASSERT_GE(pipe(p2), 0);
389 EXPECT_GE(write(p[1], mem_send, 8000), 0);
390 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, 8000, 0), 0);
391 EXPECT_GE(write(p2[1], mem_send + 8000, 8000), 0);
392 EXPECT_GE(splice(p2[0], NULL, self->fd, NULL, 8000, 0), 0);
393 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len);
394 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
397 TEST_F(tls, send_and_splice)
399 int send_len = TLS_PAYLOAD_MAX_LEN;
400 char mem_send[TLS_PAYLOAD_MAX_LEN];
401 char mem_recv[TLS_PAYLOAD_MAX_LEN];
402 char const *test_str = "test_read";
407 ASSERT_GE(pipe(p), 0);
408 EXPECT_EQ(send(self->fd, test_str, send_len2, 0), send_len2);
409 EXPECT_EQ(recv(self->cfd, buf, send_len2, MSG_WAITALL), send_len2);
410 EXPECT_EQ(memcmp(test_str, buf, send_len2), 0);
412 EXPECT_GE(write(p[1], mem_send, send_len), send_len);
413 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), send_len);
415 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len);
416 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
419 TEST_F(tls, splice_to_pipe)
421 int send_len = TLS_PAYLOAD_MAX_LEN;
422 char mem_send[TLS_PAYLOAD_MAX_LEN];
423 char mem_recv[TLS_PAYLOAD_MAX_LEN];
426 ASSERT_GE(pipe(p), 0);
427 EXPECT_GE(send(self->fd, mem_send, send_len, 0), 0);
428 EXPECT_GE(splice(self->cfd, NULL, p[1], NULL, send_len, 0), 0);
429 EXPECT_GE(read(p[0], mem_recv, send_len), 0);
430 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
433 TEST_F(tls, recvmsg_single)
435 char const *test_str = "test_recvmsg_single";
436 int send_len = strlen(test_str) + 1;
441 memset(&hdr, 0, sizeof(hdr));
442 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
443 vec.iov_base = (char *)buf;
444 vec.iov_len = send_len;
447 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1);
448 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
451 TEST_F(tls, recvmsg_single_max)
453 int send_len = TLS_PAYLOAD_MAX_LEN;
454 char send_mem[TLS_PAYLOAD_MAX_LEN];
455 char recv_mem[TLS_PAYLOAD_MAX_LEN];
459 EXPECT_EQ(send(self->fd, send_mem, send_len, 0), send_len);
460 vec.iov_base = (char *)recv_mem;
461 vec.iov_len = TLS_PAYLOAD_MAX_LEN;
465 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1);
466 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0);
469 TEST_F(tls, recvmsg_multiple)
471 unsigned int msg_iovlen = 1024;
472 unsigned int len_compared = 0;
473 struct iovec vec[1024];
474 char *iov_base[1024];
475 unsigned int iov_len = 16;
476 int send_len = 1 << 14;
481 EXPECT_EQ(send(self->fd, buf, send_len, 0), send_len);
482 for (i = 0; i < msg_iovlen; i++) {
483 iov_base[i] = (char *)malloc(iov_len);
484 vec[i].iov_base = iov_base[i];
485 vec[i].iov_len = iov_len;
488 hdr.msg_iovlen = msg_iovlen;
490 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1);
491 for (i = 0; i < msg_iovlen; i++)
492 len_compared += iov_len;
494 for (i = 0; i < msg_iovlen; i++)
498 TEST_F(tls, single_send_multiple_recv)
500 unsigned int total_len = TLS_PAYLOAD_MAX_LEN * 2;
501 unsigned int send_len = TLS_PAYLOAD_MAX_LEN;
502 char send_mem[TLS_PAYLOAD_MAX_LEN * 2];
503 char recv_mem[TLS_PAYLOAD_MAX_LEN * 2];
505 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0);
506 memset(recv_mem, 0, total_len);
508 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1);
509 EXPECT_NE(recv(self->cfd, recv_mem + send_len, send_len, 0), -1);
510 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0);
513 TEST_F(tls, multiple_send_single_recv)
515 unsigned int total_len = 2 * 10;
516 unsigned int send_len = 10;
517 char recv_mem[2 * 10];
520 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0);
521 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0);
522 memset(recv_mem, 0, total_len);
523 EXPECT_EQ(recv(self->cfd, recv_mem, total_len, MSG_WAITALL), total_len);
525 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0);
526 EXPECT_EQ(memcmp(send_mem, recv_mem + send_len, send_len), 0);
529 TEST_F(tls, single_send_multiple_recv_non_align)
531 const unsigned int total_len = 15;
532 const unsigned int recv_len = 10;
533 char recv_mem[recv_len * 2];
534 char send_mem[total_len];
536 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0);
537 memset(recv_mem, 0, total_len);
539 EXPECT_EQ(recv(self->cfd, recv_mem, recv_len, 0), recv_len);
540 EXPECT_EQ(recv(self->cfd, recv_mem + recv_len, recv_len, 0), 5);
541 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0);
544 TEST_F(tls, recv_partial)
546 char const *test_str = "test_read_partial";
547 char const *test_str_first = "test_read";
548 char const *test_str_second = "_partial";
549 int send_len = strlen(test_str) + 1;
552 memset(recv_mem, 0, sizeof(recv_mem));
553 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
554 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_first),
556 EXPECT_EQ(memcmp(test_str_first, recv_mem, strlen(test_str_first)), 0);
557 memset(recv_mem, 0, sizeof(recv_mem));
558 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_second),
560 EXPECT_EQ(memcmp(test_str_second, recv_mem, strlen(test_str_second)),
564 TEST_F(tls, recv_nonblock)
569 EXPECT_EQ(recv(self->cfd, buf, sizeof(buf), MSG_DONTWAIT), -1);
570 err = (errno == EAGAIN || errno == EWOULDBLOCK);
571 EXPECT_EQ(err, true);
574 TEST_F(tls, recv_peek)
576 char const *test_str = "test_read_peek";
577 int send_len = strlen(test_str) + 1;
580 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
581 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1);
582 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
583 memset(buf, 0, sizeof(buf));
584 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
585 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
588 TEST_F(tls, recv_peek_multiple)
590 char const *test_str = "test_read_peek";
591 int send_len = strlen(test_str) + 1;
592 unsigned int num_peeks = 100;
596 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
597 for (i = 0; i < num_peeks; i++) {
598 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1);
599 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
600 memset(buf, 0, sizeof(buf));
602 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
603 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
606 TEST_F(tls, recv_peek_multiple_records)
608 char const *test_str = "test_read_peek_mult_recs";
609 char const *test_str_first = "test_read_peek";
610 char const *test_str_second = "_mult_recs";
614 len = strlen(test_str_first);
615 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len);
617 len = strlen(test_str_second) + 1;
618 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len);
620 len = strlen(test_str_first);
622 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len);
624 /* MSG_PEEK can only peek into the current record. */
625 len = strlen(test_str_first);
626 EXPECT_EQ(memcmp(test_str_first, buf, len), 0);
628 len = strlen(test_str) + 1;
630 EXPECT_EQ(recv(self->cfd, buf, len, MSG_WAITALL), len);
632 /* Non-MSG_PEEK will advance strparser (and therefore record)
635 len = strlen(test_str) + 1;
636 EXPECT_EQ(memcmp(test_str, buf, len), 0);
638 /* MSG_MORE will hold current record open, so later MSG_PEEK
639 * will see everything.
641 len = strlen(test_str_first);
642 EXPECT_EQ(send(self->fd, test_str_first, len, MSG_MORE), len);
644 len = strlen(test_str_second) + 1;
645 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len);
647 len = strlen(test_str) + 1;
649 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len);
651 len = strlen(test_str) + 1;
652 EXPECT_EQ(memcmp(test_str, buf, len), 0);
655 TEST_F(tls, recv_peek_large_buf_mult_recs)
657 char const *test_str = "test_read_peek_mult_recs";
658 char const *test_str_first = "test_read_peek";
659 char const *test_str_second = "_mult_recs";
663 len = strlen(test_str_first);
664 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len);
666 len = strlen(test_str_second) + 1;
667 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len);
669 len = strlen(test_str) + 1;
671 EXPECT_NE((len = recv(self->cfd, buf, len,
672 MSG_PEEK | MSG_WAITALL)), -1);
673 len = strlen(test_str) + 1;
674 EXPECT_EQ(memcmp(test_str, buf, len), 0);
677 TEST_F(tls, recv_lowat)
679 char send_mem[10] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 };
683 EXPECT_EQ(send(self->fd, send_mem, 10, 0), 10);
684 EXPECT_EQ(send(self->fd, send_mem, 5, 0), 5);
686 memset(recv_mem, 0, 20);
687 EXPECT_EQ(setsockopt(self->cfd, SOL_SOCKET, SO_RCVLOWAT,
688 &lowat, sizeof(lowat)), 0);
689 EXPECT_EQ(recv(self->cfd, recv_mem, 1, MSG_WAITALL), 1);
690 EXPECT_EQ(recv(self->cfd, recv_mem + 1, 6, MSG_WAITALL), 6);
691 EXPECT_EQ(recv(self->cfd, recv_mem + 7, 10, 0), 8);
693 EXPECT_EQ(memcmp(send_mem, recv_mem, 10), 0);
694 EXPECT_EQ(memcmp(send_mem, recv_mem + 10, 5), 0);
699 char const *test_str = "test_read";
705 struct tls12_crypto_info_aes_gcm_128 tls12;
707 memset(&tls12, 0, sizeof(tls12));
708 tls12.info.version = TLS_1_3_VERSION;
709 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128;
711 ret = setsockopt(self->fd, SOL_TLS, TLS_RX, &tls12,
715 ret = setsockopt(self->cfd, SOL_TLS, TLS_TX, &tls12,
720 ASSERT_EQ(strlen(test_str) + 1, send_len);
722 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
723 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
724 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
726 memset(buf, 0, sizeof(buf));
728 EXPECT_EQ(send(self->cfd, test_str, send_len, 0), send_len);
729 EXPECT_NE(recv(self->fd, buf, send_len, 0), -1);
730 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
735 char const *test_str = "test_poll";
736 struct pollfd fd = { 0, 0, 0 };
740 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
744 EXPECT_EQ(poll(&fd, 1, 20), 1);
745 EXPECT_EQ(fd.revents & POLLIN, 1);
746 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len);
747 /* Test timing out */
748 EXPECT_EQ(poll(&fd, 1, 20), 0);
751 TEST_F(tls, poll_wait)
753 char const *test_str = "test_poll_wait";
754 int send_len = strlen(test_str) + 1;
755 struct pollfd fd = { 0, 0, 0 };
760 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
761 /* Set timeout to inf. secs */
762 EXPECT_EQ(poll(&fd, 1, -1), 1);
763 EXPECT_EQ(fd.revents & POLLIN, 1);
764 EXPECT_EQ(recv(self->cfd, recv_mem, send_len, MSG_WAITALL), send_len);
767 TEST_F(tls, poll_wait_split)
769 struct pollfd fd = { 0, 0, 0 };
770 char send_mem[20] = {};
776 EXPECT_EQ(send(self->fd, send_mem, sizeof(send_mem), 0),
778 /* Poll with inf. timeout */
779 EXPECT_EQ(poll(&fd, 1, -1), 1);
780 EXPECT_EQ(fd.revents & POLLIN, 1);
781 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), MSG_WAITALL),
784 /* Now the remaining 5 bytes of record data are in TLS ULP */
787 EXPECT_EQ(poll(&fd, 1, -1), 1);
788 EXPECT_EQ(fd.revents & POLLIN, 1);
789 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), 0),
790 sizeof(send_mem) - sizeof(recv_mem));
793 TEST_F(tls, blocking)
795 size_t data = 100000;
808 int res = send(self->fd, buf,
809 left > 16384 ? 16384 : left, 0);
815 pid2 = wait(&status);
816 EXPECT_EQ(status, 0);
817 EXPECT_EQ(res, pid2);
824 int res = recv(self->cfd, buf,
825 left > 16384 ? 16384 : left, 0);
833 TEST_F(tls, nonblocking)
835 size_t data = 100000;
840 flags = fcntl(self->fd, F_GETFL, 0);
841 fcntl(self->fd, F_SETFL, flags | O_NONBLOCK);
842 fcntl(self->cfd, F_SETFL, flags | O_NONBLOCK);
844 /* Ensure nonblocking behavior by imposing a small send
847 EXPECT_EQ(setsockopt(self->fd, SOL_SOCKET, SO_SNDBUF,
848 &sendbuf, sizeof(sendbuf)), 0);
862 int res = send(self->fd, buf,
863 left > 16384 ? 16384 : left, 0);
865 if (res == -1 && errno == EAGAIN) {
875 pid2 = wait(&status);
877 EXPECT_EQ(status, 0);
878 EXPECT_EQ(res, pid2);
886 int res = recv(self->cfd, buf,
887 left > 16384 ? 16384 : left, 0);
889 if (res == -1 && errno == EAGAIN) {
901 TEST_F(tls, control_msg)
906 char cbuf[CMSG_SPACE(sizeof(char))];
907 char const *test_str = "test_read";
908 int cmsg_len = sizeof(char);
909 char record_type = 100;
910 struct cmsghdr *cmsg;
916 vec.iov_base = (char *)test_str;
918 memset(&msg, 0, sizeof(struct msghdr));
921 msg.msg_control = cbuf;
922 msg.msg_controllen = sizeof(cbuf);
923 cmsg = CMSG_FIRSTHDR(&msg);
924 cmsg->cmsg_level = SOL_TLS;
925 /* test sending non-record types. */
926 cmsg->cmsg_type = TLS_SET_RECORD_TYPE;
927 cmsg->cmsg_len = CMSG_LEN(cmsg_len);
928 *CMSG_DATA(cmsg) = record_type;
929 msg.msg_controllen = cmsg->cmsg_len;
931 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len);
932 /* Should fail because we didn't provide a control message */
933 EXPECT_EQ(recv(self->cfd, buf, send_len, 0), -1);
936 EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL | MSG_PEEK), send_len);
938 cmsg = CMSG_FIRSTHDR(&msg);
939 EXPECT_NE(cmsg, NULL);
940 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS);
941 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE);
942 record_type = *((unsigned char *)CMSG_DATA(cmsg));
943 EXPECT_EQ(record_type, 100);
944 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
946 /* Recv the message again without MSG_PEEK */
948 memset(buf, 0, sizeof(buf));
950 EXPECT_EQ(recvmsg(self->cfd, &msg, MSG_WAITALL), send_len);
951 cmsg = CMSG_FIRSTHDR(&msg);
952 EXPECT_NE(cmsg, NULL);
953 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS);
954 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE);
955 record_type = *((unsigned char *)CMSG_DATA(cmsg));
956 EXPECT_EQ(record_type, 100);
957 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
960 TEST_F(tls, shutdown)
962 char const *test_str = "test_read";
966 ASSERT_EQ(strlen(test_str) + 1, send_len);
968 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
969 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
970 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
972 shutdown(self->fd, SHUT_RDWR);
973 shutdown(self->cfd, SHUT_RDWR);
976 TEST_F(tls, shutdown_unsent)
978 char const *test_str = "test_read";
981 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len);
983 shutdown(self->fd, SHUT_RDWR);
984 shutdown(self->cfd, SHUT_RDWR);
987 TEST_F(tls, shutdown_reuse)
989 struct sockaddr_in addr;
992 shutdown(self->fd, SHUT_RDWR);
993 shutdown(self->cfd, SHUT_RDWR);
996 addr.sin_family = AF_INET;
997 addr.sin_addr.s_addr = htonl(INADDR_ANY);
1000 ret = bind(self->fd, &addr, sizeof(addr));
1002 ret = listen(self->fd, 10);
1004 EXPECT_EQ(errno, EINVAL);
1006 ret = connect(self->fd, &addr, sizeof(addr));
1008 EXPECT_EQ(errno, EISCONN);
1011 TEST(non_established) {
1012 struct tls12_crypto_info_aes_gcm_256 tls12;
1013 struct sockaddr_in addr;
1019 memset(&tls12, 0, sizeof(tls12));
1020 tls12.info.version = TLS_1_2_VERSION;
1021 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256;
1023 addr.sin_family = AF_INET;
1024 addr.sin_addr.s_addr = htonl(INADDR_ANY);
1027 fd = socket(AF_INET, SOCK_STREAM, 0);
1028 sfd = socket(AF_INET, SOCK_STREAM, 0);
1030 ret = bind(sfd, &addr, sizeof(addr));
1032 ret = listen(sfd, 10);
1035 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1037 /* TLS ULP not supported */
1038 if (errno == ENOENT)
1040 EXPECT_EQ(errno, ENOTSUPP);
1042 ret = setsockopt(sfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1044 EXPECT_EQ(errno, ENOTSUPP);
1046 ret = getsockname(sfd, &addr, &len);
1049 ret = connect(fd, &addr, sizeof(addr));
1052 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1055 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1057 EXPECT_EQ(errno, EEXIST);
1064 struct tls12_crypto_info_aes_gcm_256 tls12;
1065 struct sockaddr_in addr;
1066 int sfd, ret, fd, cfd;
1073 memset(&tls12, 0, sizeof(tls12));
1074 tls12.info.version = TLS_1_2_VERSION;
1075 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256;
1077 addr.sin_family = AF_INET;
1078 addr.sin_addr.s_addr = htonl(INADDR_ANY);
1081 fd = socket(AF_INET, SOCK_STREAM, 0);
1082 sfd = socket(AF_INET, SOCK_STREAM, 0);
1084 ret = bind(sfd, &addr, sizeof(addr));
1086 ret = listen(sfd, 10);
1089 ret = getsockname(sfd, &addr, &len);
1092 ret = connect(fd, &addr, sizeof(addr));
1095 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1098 printf("Failure setting TCP_ULP, testing without tls\n");
1102 ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12,
1107 cfd = accept(sfd, &addr, &len);
1111 ret = setsockopt(cfd, IPPROTO_TCP, TCP_ULP, "tls",
1115 ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12,
1129 struct tls12_crypto_info_aes_gcm_128 tls12;
1130 struct sockaddr_in addr;
1137 memset(&tls12, 0, sizeof(tls12));
1138 tls12.info.version = TLS_1_2_VERSION;
1139 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128;
1141 addr.sin_family = AF_INET;
1142 addr.sin_addr.s_addr = htonl(INADDR_ANY);
1145 fd = socket(AF_INET, SOCK_STREAM, 0);
1146 sfd = socket(AF_INET, SOCK_STREAM, 0);
1148 ret = bind(sfd, &addr, sizeof(addr));
1150 ret = listen(sfd, 10);
1153 ret = getsockname(sfd, &addr, &len);
1156 ret = connect(fd, &addr, sizeof(addr));
1159 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1162 printf("Failure setting TCP_ULP, testing without tls\n");
1166 ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12,
1171 cfd = accept(sfd, &addr, &len);
1175 ret = setsockopt(cfd, IPPROTO_TCP, TCP_ULP, "tls",
1179 ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12,
1186 char const *test_str = "test_read";
1190 send_len = strlen(test_str) + 1;
1191 EXPECT_EQ(send(fd, test_str, send_len, 0), send_len);
1192 EXPECT_NE(recv(cfd, buf, send_len, 0), -1);
1193 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);