0001
0002
0003 #define _GNU_SOURCE
0004
0005 #include <arpa/inet.h>
0006 #include <errno.h>
0007 #include <error.h>
0008 #include <fcntl.h>
0009 #include <poll.h>
0010 #include <stdio.h>
0011 #include <stdlib.h>
0012 #include <unistd.h>
0013
0014 #include <linux/tls.h>
0015 #include <linux/tcp.h>
0016 #include <linux/socket.h>
0017
0018 #include <sys/types.h>
0019 #include <sys/sendfile.h>
0020 #include <sys/socket.h>
0021 #include <sys/stat.h>
0022
0023 #include "../kselftest_harness.h"
0024
0025 #define TLS_PAYLOAD_MAX_LEN 16384
0026 #define SOL_TLS 282
0027
0028 struct tls_crypto_info_keys {
0029 union {
0030 struct tls12_crypto_info_aes_gcm_128 aes128;
0031 struct tls12_crypto_info_chacha20_poly1305 chacha20;
0032 struct tls12_crypto_info_sm4_gcm sm4gcm;
0033 struct tls12_crypto_info_sm4_ccm sm4ccm;
0034 struct tls12_crypto_info_aes_ccm_128 aesccm128;
0035 struct tls12_crypto_info_aes_gcm_256 aesgcm256;
0036 };
0037 size_t len;
0038 };
0039
0040 static void tls_crypto_info_init(uint16_t tls_version, uint16_t cipher_type,
0041 struct tls_crypto_info_keys *tls12)
0042 {
0043 memset(tls12, 0, sizeof(*tls12));
0044
0045 switch (cipher_type) {
0046 case TLS_CIPHER_CHACHA20_POLY1305:
0047 tls12->len = sizeof(struct tls12_crypto_info_chacha20_poly1305);
0048 tls12->chacha20.info.version = tls_version;
0049 tls12->chacha20.info.cipher_type = cipher_type;
0050 break;
0051 case TLS_CIPHER_AES_GCM_128:
0052 tls12->len = sizeof(struct tls12_crypto_info_aes_gcm_128);
0053 tls12->aes128.info.version = tls_version;
0054 tls12->aes128.info.cipher_type = cipher_type;
0055 break;
0056 case TLS_CIPHER_SM4_GCM:
0057 tls12->len = sizeof(struct tls12_crypto_info_sm4_gcm);
0058 tls12->sm4gcm.info.version = tls_version;
0059 tls12->sm4gcm.info.cipher_type = cipher_type;
0060 break;
0061 case TLS_CIPHER_SM4_CCM:
0062 tls12->len = sizeof(struct tls12_crypto_info_sm4_ccm);
0063 tls12->sm4ccm.info.version = tls_version;
0064 tls12->sm4ccm.info.cipher_type = cipher_type;
0065 break;
0066 case TLS_CIPHER_AES_CCM_128:
0067 tls12->len = sizeof(struct tls12_crypto_info_aes_ccm_128);
0068 tls12->aesccm128.info.version = tls_version;
0069 tls12->aesccm128.info.cipher_type = cipher_type;
0070 break;
0071 case TLS_CIPHER_AES_GCM_256:
0072 tls12->len = sizeof(struct tls12_crypto_info_aes_gcm_256);
0073 tls12->aesgcm256.info.version = tls_version;
0074 tls12->aesgcm256.info.cipher_type = cipher_type;
0075 break;
0076 default:
0077 break;
0078 }
0079 }
0080
0081 static void memrnd(void *s, size_t n)
0082 {
0083 int *dword = s;
0084 char *byte;
0085
0086 for (; n >= 4; n -= 4)
0087 *dword++ = rand();
0088 byte = (void *)dword;
0089 while (n--)
0090 *byte++ = rand();
0091 }
0092
0093 static void ulp_sock_pair(struct __test_metadata *_metadata,
0094 int *fd, int *cfd, bool *notls)
0095 {
0096 struct sockaddr_in addr;
0097 socklen_t len;
0098 int sfd, ret;
0099
0100 *notls = false;
0101 len = sizeof(addr);
0102
0103 addr.sin_family = AF_INET;
0104 addr.sin_addr.s_addr = htonl(INADDR_ANY);
0105 addr.sin_port = 0;
0106
0107 *fd = socket(AF_INET, SOCK_STREAM, 0);
0108 sfd = socket(AF_INET, SOCK_STREAM, 0);
0109
0110 ret = bind(sfd, &addr, sizeof(addr));
0111 ASSERT_EQ(ret, 0);
0112 ret = listen(sfd, 10);
0113 ASSERT_EQ(ret, 0);
0114
0115 ret = getsockname(sfd, &addr, &len);
0116 ASSERT_EQ(ret, 0);
0117
0118 ret = connect(*fd, &addr, sizeof(addr));
0119 ASSERT_EQ(ret, 0);
0120
0121 *cfd = accept(sfd, &addr, &len);
0122 ASSERT_GE(*cfd, 0);
0123
0124 close(sfd);
0125
0126 ret = setsockopt(*fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
0127 if (ret != 0) {
0128 ASSERT_EQ(errno, ENOENT);
0129 *notls = true;
0130 printf("Failure setting TCP_ULP, testing without tls\n");
0131 return;
0132 }
0133
0134 ret = setsockopt(*cfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
0135 ASSERT_EQ(ret, 0);
0136 }
0137
0138
0139 static int tls_send_cmsg(int fd, unsigned char record_type,
0140 void *data, size_t len, int flags)
0141 {
0142 char cbuf[CMSG_SPACE(sizeof(char))];
0143 int cmsg_len = sizeof(char);
0144 struct cmsghdr *cmsg;
0145 struct msghdr msg;
0146 struct iovec vec;
0147
0148 vec.iov_base = data;
0149 vec.iov_len = len;
0150 memset(&msg, 0, sizeof(struct msghdr));
0151 msg.msg_iov = &vec;
0152 msg.msg_iovlen = 1;
0153 msg.msg_control = cbuf;
0154 msg.msg_controllen = sizeof(cbuf);
0155 cmsg = CMSG_FIRSTHDR(&msg);
0156 cmsg->cmsg_level = SOL_TLS;
0157
0158 cmsg->cmsg_type = TLS_SET_RECORD_TYPE;
0159 cmsg->cmsg_len = CMSG_LEN(cmsg_len);
0160 *CMSG_DATA(cmsg) = record_type;
0161 msg.msg_controllen = cmsg->cmsg_len;
0162
0163 return sendmsg(fd, &msg, flags);
0164 }
0165
0166 static int tls_recv_cmsg(struct __test_metadata *_metadata,
0167 int fd, unsigned char record_type,
0168 void *data, size_t len, int flags)
0169 {
0170 char cbuf[CMSG_SPACE(sizeof(char))];
0171 struct cmsghdr *cmsg;
0172 unsigned char ctype;
0173 struct msghdr msg;
0174 struct iovec vec;
0175 int n;
0176
0177 vec.iov_base = data;
0178 vec.iov_len = len;
0179 memset(&msg, 0, sizeof(struct msghdr));
0180 msg.msg_iov = &vec;
0181 msg.msg_iovlen = 1;
0182 msg.msg_control = cbuf;
0183 msg.msg_controllen = sizeof(cbuf);
0184
0185 n = recvmsg(fd, &msg, flags);
0186
0187 cmsg = CMSG_FIRSTHDR(&msg);
0188 EXPECT_NE(cmsg, NULL);
0189 EXPECT_EQ(cmsg->cmsg_level, SOL_TLS);
0190 EXPECT_EQ(cmsg->cmsg_type, TLS_GET_RECORD_TYPE);
0191 ctype = *((unsigned char *)CMSG_DATA(cmsg));
0192 EXPECT_EQ(ctype, record_type);
0193
0194 return n;
0195 }
0196
0197 FIXTURE(tls_basic)
0198 {
0199 int fd, cfd;
0200 bool notls;
0201 };
0202
0203 FIXTURE_SETUP(tls_basic)
0204 {
0205 ulp_sock_pair(_metadata, &self->fd, &self->cfd, &self->notls);
0206 }
0207
0208 FIXTURE_TEARDOWN(tls_basic)
0209 {
0210 close(self->fd);
0211 close(self->cfd);
0212 }
0213
0214
0215 TEST_F(tls_basic, base_base)
0216 {
0217 char const *test_str = "test_read";
0218 int send_len = 10;
0219 char buf[10];
0220
0221 ASSERT_EQ(strlen(test_str) + 1, send_len);
0222
0223 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
0224 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
0225 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
0226 };
0227
0228 FIXTURE(tls)
0229 {
0230 int fd, cfd;
0231 bool notls;
0232 };
0233
0234 FIXTURE_VARIANT(tls)
0235 {
0236 uint16_t tls_version;
0237 uint16_t cipher_type;
0238 bool nopad;
0239 };
0240
0241 FIXTURE_VARIANT_ADD(tls, 12_aes_gcm)
0242 {
0243 .tls_version = TLS_1_2_VERSION,
0244 .cipher_type = TLS_CIPHER_AES_GCM_128,
0245 };
0246
0247 FIXTURE_VARIANT_ADD(tls, 13_aes_gcm)
0248 {
0249 .tls_version = TLS_1_3_VERSION,
0250 .cipher_type = TLS_CIPHER_AES_GCM_128,
0251 };
0252
0253 FIXTURE_VARIANT_ADD(tls, 12_chacha)
0254 {
0255 .tls_version = TLS_1_2_VERSION,
0256 .cipher_type = TLS_CIPHER_CHACHA20_POLY1305,
0257 };
0258
0259 FIXTURE_VARIANT_ADD(tls, 13_chacha)
0260 {
0261 .tls_version = TLS_1_3_VERSION,
0262 .cipher_type = TLS_CIPHER_CHACHA20_POLY1305,
0263 };
0264
0265 FIXTURE_VARIANT_ADD(tls, 13_sm4_gcm)
0266 {
0267 .tls_version = TLS_1_3_VERSION,
0268 .cipher_type = TLS_CIPHER_SM4_GCM,
0269 };
0270
0271 FIXTURE_VARIANT_ADD(tls, 13_sm4_ccm)
0272 {
0273 .tls_version = TLS_1_3_VERSION,
0274 .cipher_type = TLS_CIPHER_SM4_CCM,
0275 };
0276
0277 FIXTURE_VARIANT_ADD(tls, 12_aes_ccm)
0278 {
0279 .tls_version = TLS_1_2_VERSION,
0280 .cipher_type = TLS_CIPHER_AES_CCM_128,
0281 };
0282
0283 FIXTURE_VARIANT_ADD(tls, 13_aes_ccm)
0284 {
0285 .tls_version = TLS_1_3_VERSION,
0286 .cipher_type = TLS_CIPHER_AES_CCM_128,
0287 };
0288
0289 FIXTURE_VARIANT_ADD(tls, 12_aes_gcm_256)
0290 {
0291 .tls_version = TLS_1_2_VERSION,
0292 .cipher_type = TLS_CIPHER_AES_GCM_256,
0293 };
0294
0295 FIXTURE_VARIANT_ADD(tls, 13_aes_gcm_256)
0296 {
0297 .tls_version = TLS_1_3_VERSION,
0298 .cipher_type = TLS_CIPHER_AES_GCM_256,
0299 };
0300
0301 FIXTURE_VARIANT_ADD(tls, 13_nopad)
0302 {
0303 .tls_version = TLS_1_3_VERSION,
0304 .cipher_type = TLS_CIPHER_AES_GCM_128,
0305 .nopad = true,
0306 };
0307
0308 FIXTURE_SETUP(tls)
0309 {
0310 struct tls_crypto_info_keys tls12;
0311 int one = 1;
0312 int ret;
0313
0314 tls_crypto_info_init(variant->tls_version, variant->cipher_type,
0315 &tls12);
0316
0317 ulp_sock_pair(_metadata, &self->fd, &self->cfd, &self->notls);
0318
0319 if (self->notls)
0320 return;
0321
0322 ret = setsockopt(self->fd, SOL_TLS, TLS_TX, &tls12, tls12.len);
0323 ASSERT_EQ(ret, 0);
0324
0325 ret = setsockopt(self->cfd, SOL_TLS, TLS_RX, &tls12, tls12.len);
0326 ASSERT_EQ(ret, 0);
0327
0328 if (variant->nopad) {
0329 ret = setsockopt(self->cfd, SOL_TLS, TLS_RX_EXPECT_NO_PAD,
0330 (void *)&one, sizeof(one));
0331 ASSERT_EQ(ret, 0);
0332 }
0333 }
0334
0335 FIXTURE_TEARDOWN(tls)
0336 {
0337 close(self->fd);
0338 close(self->cfd);
0339 }
0340
0341 TEST_F(tls, sendfile)
0342 {
0343 int filefd = open("/proc/self/exe", O_RDONLY);
0344 struct stat st;
0345
0346 EXPECT_GE(filefd, 0);
0347 fstat(filefd, &st);
0348 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0);
0349 }
0350
0351 TEST_F(tls, send_then_sendfile)
0352 {
0353 int filefd = open("/proc/self/exe", O_RDONLY);
0354 char const *test_str = "test_send";
0355 int to_send = strlen(test_str) + 1;
0356 char recv_buf[10];
0357 struct stat st;
0358 char *buf;
0359
0360 EXPECT_GE(filefd, 0);
0361 fstat(filefd, &st);
0362 buf = (char *)malloc(st.st_size);
0363
0364 EXPECT_EQ(send(self->fd, test_str, to_send, 0), to_send);
0365 EXPECT_EQ(recv(self->cfd, recv_buf, to_send, MSG_WAITALL), to_send);
0366 EXPECT_EQ(memcmp(test_str, recv_buf, to_send), 0);
0367
0368 EXPECT_GE(sendfile(self->fd, filefd, 0, st.st_size), 0);
0369 EXPECT_EQ(recv(self->cfd, buf, st.st_size, MSG_WAITALL), st.st_size);
0370 }
0371
0372 static void chunked_sendfile(struct __test_metadata *_metadata,
0373 struct _test_data_tls *self,
0374 uint16_t chunk_size,
0375 uint16_t extra_payload_size)
0376 {
0377 char buf[TLS_PAYLOAD_MAX_LEN];
0378 uint16_t test_payload_size;
0379 int size = 0;
0380 int ret;
0381 char filename[] = "/tmp/mytemp.XXXXXX";
0382 int fd = mkstemp(filename);
0383 off_t offset = 0;
0384
0385 unlink(filename);
0386 ASSERT_GE(fd, 0);
0387 EXPECT_GE(chunk_size, 1);
0388 test_payload_size = chunk_size + extra_payload_size;
0389 ASSERT_GE(TLS_PAYLOAD_MAX_LEN, test_payload_size);
0390 memset(buf, 1, test_payload_size);
0391 size = write(fd, buf, test_payload_size);
0392 EXPECT_EQ(size, test_payload_size);
0393 fsync(fd);
0394
0395 while (size > 0) {
0396 ret = sendfile(self->fd, fd, &offset, chunk_size);
0397 EXPECT_GE(ret, 0);
0398 size -= ret;
0399 }
0400
0401 EXPECT_EQ(recv(self->cfd, buf, test_payload_size, MSG_WAITALL),
0402 test_payload_size);
0403
0404 close(fd);
0405 }
0406
0407 TEST_F(tls, multi_chunk_sendfile)
0408 {
0409 chunked_sendfile(_metadata, self, 4096, 4096);
0410 chunked_sendfile(_metadata, self, 4096, 0);
0411 chunked_sendfile(_metadata, self, 4096, 1);
0412 chunked_sendfile(_metadata, self, 4096, 2048);
0413 chunked_sendfile(_metadata, self, 8192, 2048);
0414 chunked_sendfile(_metadata, self, 4096, 8192);
0415 chunked_sendfile(_metadata, self, 8192, 4096);
0416 chunked_sendfile(_metadata, self, 12288, 1024);
0417 chunked_sendfile(_metadata, self, 12288, 2000);
0418 chunked_sendfile(_metadata, self, 15360, 100);
0419 chunked_sendfile(_metadata, self, 15360, 300);
0420 chunked_sendfile(_metadata, self, 1, 4096);
0421 chunked_sendfile(_metadata, self, 2048, 4096);
0422 chunked_sendfile(_metadata, self, 2048, 8192);
0423 chunked_sendfile(_metadata, self, 4096, 8192);
0424 chunked_sendfile(_metadata, self, 1024, 12288);
0425 chunked_sendfile(_metadata, self, 2000, 12288);
0426 chunked_sendfile(_metadata, self, 100, 15360);
0427 chunked_sendfile(_metadata, self, 300, 15360);
0428 }
0429
0430 TEST_F(tls, recv_max)
0431 {
0432 unsigned int send_len = TLS_PAYLOAD_MAX_LEN;
0433 char recv_mem[TLS_PAYLOAD_MAX_LEN];
0434 char buf[TLS_PAYLOAD_MAX_LEN];
0435
0436 memrnd(buf, sizeof(buf));
0437
0438 EXPECT_GE(send(self->fd, buf, send_len, 0), 0);
0439 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1);
0440 EXPECT_EQ(memcmp(buf, recv_mem, send_len), 0);
0441 }
0442
0443 TEST_F(tls, recv_small)
0444 {
0445 char const *test_str = "test_read";
0446 int send_len = 10;
0447 char buf[10];
0448
0449 send_len = strlen(test_str) + 1;
0450 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
0451 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
0452 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
0453 }
0454
0455 TEST_F(tls, msg_more)
0456 {
0457 char const *test_str = "test_read";
0458 int send_len = 10;
0459 char buf[10 * 2];
0460
0461 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len);
0462 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1);
0463 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
0464 EXPECT_EQ(recv(self->cfd, buf, send_len * 2, MSG_WAITALL),
0465 send_len * 2);
0466 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
0467 }
0468
0469 TEST_F(tls, msg_more_unsent)
0470 {
0471 char const *test_str = "test_read";
0472 int send_len = 10;
0473 char buf[10];
0474
0475 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len);
0476 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_DONTWAIT), -1);
0477 }
0478
0479 TEST_F(tls, sendmsg_single)
0480 {
0481 struct msghdr msg;
0482
0483 char const *test_str = "test_sendmsg";
0484 size_t send_len = 13;
0485 struct iovec vec;
0486 char buf[13];
0487
0488 vec.iov_base = (char *)test_str;
0489 vec.iov_len = send_len;
0490 memset(&msg, 0, sizeof(struct msghdr));
0491 msg.msg_iov = &vec;
0492 msg.msg_iovlen = 1;
0493 EXPECT_EQ(sendmsg(self->fd, &msg, 0), send_len);
0494 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len);
0495 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
0496 }
0497
0498 #define MAX_FRAGS 64
0499 #define SEND_LEN 13
0500 TEST_F(tls, sendmsg_fragmented)
0501 {
0502 char const *test_str = "test_sendmsg";
0503 char buf[SEND_LEN * MAX_FRAGS];
0504 struct iovec vec[MAX_FRAGS];
0505 struct msghdr msg;
0506 int i, frags;
0507
0508 for (frags = 1; frags <= MAX_FRAGS; frags++) {
0509 for (i = 0; i < frags; i++) {
0510 vec[i].iov_base = (char *)test_str;
0511 vec[i].iov_len = SEND_LEN;
0512 }
0513
0514 memset(&msg, 0, sizeof(struct msghdr));
0515 msg.msg_iov = vec;
0516 msg.msg_iovlen = frags;
0517
0518 EXPECT_EQ(sendmsg(self->fd, &msg, 0), SEND_LEN * frags);
0519 EXPECT_EQ(recv(self->cfd, buf, SEND_LEN * frags, MSG_WAITALL),
0520 SEND_LEN * frags);
0521
0522 for (i = 0; i < frags; i++)
0523 EXPECT_EQ(memcmp(buf + SEND_LEN * i,
0524 test_str, SEND_LEN), 0);
0525 }
0526 }
0527 #undef MAX_FRAGS
0528 #undef SEND_LEN
0529
0530 TEST_F(tls, sendmsg_large)
0531 {
0532 void *mem = malloc(16384);
0533 size_t send_len = 16384;
0534 size_t sends = 128;
0535 struct msghdr msg;
0536 size_t recvs = 0;
0537 size_t sent = 0;
0538
0539 memset(&msg, 0, sizeof(struct msghdr));
0540 while (sent++ < sends) {
0541 struct iovec vec = { (void *)mem, send_len };
0542
0543 msg.msg_iov = &vec;
0544 msg.msg_iovlen = 1;
0545 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), send_len);
0546 }
0547
0548 while (recvs++ < sends) {
0549 EXPECT_NE(recv(self->fd, mem, send_len, 0), -1);
0550 }
0551
0552 free(mem);
0553 }
0554
0555 TEST_F(tls, sendmsg_multiple)
0556 {
0557 char const *test_str = "test_sendmsg_multiple";
0558 struct iovec vec[5];
0559 char *test_strs[5];
0560 struct msghdr msg;
0561 int total_len = 0;
0562 int len_cmp = 0;
0563 int iov_len = 5;
0564 char *buf;
0565 int i;
0566
0567 memset(&msg, 0, sizeof(struct msghdr));
0568 for (i = 0; i < iov_len; i++) {
0569 test_strs[i] = (char *)malloc(strlen(test_str) + 1);
0570 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str);
0571 vec[i].iov_base = (void *)test_strs[i];
0572 vec[i].iov_len = strlen(test_strs[i]) + 1;
0573 total_len += vec[i].iov_len;
0574 }
0575 msg.msg_iov = vec;
0576 msg.msg_iovlen = iov_len;
0577
0578 EXPECT_EQ(sendmsg(self->cfd, &msg, 0), total_len);
0579 buf = malloc(total_len);
0580 EXPECT_NE(recv(self->fd, buf, total_len, 0), -1);
0581 for (i = 0; i < iov_len; i++) {
0582 EXPECT_EQ(memcmp(test_strs[i], buf + len_cmp,
0583 strlen(test_strs[i])),
0584 0);
0585 len_cmp += strlen(buf + len_cmp) + 1;
0586 }
0587 for (i = 0; i < iov_len; i++)
0588 free(test_strs[i]);
0589 free(buf);
0590 }
0591
0592 TEST_F(tls, sendmsg_multiple_stress)
0593 {
0594 char const *test_str = "abcdefghijklmno";
0595 struct iovec vec[1024];
0596 char *test_strs[1024];
0597 int iov_len = 1024;
0598 int total_len = 0;
0599 char buf[1 << 14];
0600 struct msghdr msg;
0601 int len_cmp = 0;
0602 int i;
0603
0604 memset(&msg, 0, sizeof(struct msghdr));
0605 for (i = 0; i < iov_len; i++) {
0606 test_strs[i] = (char *)malloc(strlen(test_str) + 1);
0607 snprintf(test_strs[i], strlen(test_str) + 1, "%s", test_str);
0608 vec[i].iov_base = (void *)test_strs[i];
0609 vec[i].iov_len = strlen(test_strs[i]) + 1;
0610 total_len += vec[i].iov_len;
0611 }
0612 msg.msg_iov = vec;
0613 msg.msg_iovlen = iov_len;
0614
0615 EXPECT_EQ(sendmsg(self->fd, &msg, 0), total_len);
0616 EXPECT_NE(recv(self->cfd, buf, total_len, 0), -1);
0617
0618 for (i = 0; i < iov_len; i++)
0619 len_cmp += strlen(buf + len_cmp) + 1;
0620
0621 for (i = 0; i < iov_len; i++)
0622 free(test_strs[i]);
0623 }
0624
0625 TEST_F(tls, splice_from_pipe)
0626 {
0627 int send_len = TLS_PAYLOAD_MAX_LEN;
0628 char mem_send[TLS_PAYLOAD_MAX_LEN];
0629 char mem_recv[TLS_PAYLOAD_MAX_LEN];
0630 int p[2];
0631
0632 ASSERT_GE(pipe(p), 0);
0633 EXPECT_GE(write(p[1], mem_send, send_len), 0);
0634 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), 0);
0635 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len);
0636 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
0637 }
0638
0639 TEST_F(tls, splice_from_pipe2)
0640 {
0641 int send_len = 16000;
0642 char mem_send[16000];
0643 char mem_recv[16000];
0644 int p2[2];
0645 int p[2];
0646
0647 memrnd(mem_send, sizeof(mem_send));
0648
0649 ASSERT_GE(pipe(p), 0);
0650 ASSERT_GE(pipe(p2), 0);
0651 EXPECT_EQ(write(p[1], mem_send, 8000), 8000);
0652 EXPECT_EQ(splice(p[0], NULL, self->fd, NULL, 8000, 0), 8000);
0653 EXPECT_EQ(write(p2[1], mem_send + 8000, 8000), 8000);
0654 EXPECT_EQ(splice(p2[0], NULL, self->fd, NULL, 8000, 0), 8000);
0655 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len);
0656 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
0657 }
0658
0659 TEST_F(tls, send_and_splice)
0660 {
0661 int send_len = TLS_PAYLOAD_MAX_LEN;
0662 char mem_send[TLS_PAYLOAD_MAX_LEN];
0663 char mem_recv[TLS_PAYLOAD_MAX_LEN];
0664 char const *test_str = "test_read";
0665 int send_len2 = 10;
0666 char buf[10];
0667 int p[2];
0668
0669 ASSERT_GE(pipe(p), 0);
0670 EXPECT_EQ(send(self->fd, test_str, send_len2, 0), send_len2);
0671 EXPECT_EQ(recv(self->cfd, buf, send_len2, MSG_WAITALL), send_len2);
0672 EXPECT_EQ(memcmp(test_str, buf, send_len2), 0);
0673
0674 EXPECT_GE(write(p[1], mem_send, send_len), send_len);
0675 EXPECT_GE(splice(p[0], NULL, self->fd, NULL, send_len, 0), send_len);
0676
0677 EXPECT_EQ(recv(self->cfd, mem_recv, send_len, MSG_WAITALL), send_len);
0678 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
0679 }
0680
0681 TEST_F(tls, splice_to_pipe)
0682 {
0683 int send_len = TLS_PAYLOAD_MAX_LEN;
0684 char mem_send[TLS_PAYLOAD_MAX_LEN];
0685 char mem_recv[TLS_PAYLOAD_MAX_LEN];
0686 int p[2];
0687
0688 memrnd(mem_send, sizeof(mem_send));
0689
0690 ASSERT_GE(pipe(p), 0);
0691 EXPECT_EQ(send(self->fd, mem_send, send_len, 0), send_len);
0692 EXPECT_EQ(splice(self->cfd, NULL, p[1], NULL, send_len, 0), send_len);
0693 EXPECT_EQ(read(p[0], mem_recv, send_len), send_len);
0694 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
0695 }
0696
0697 TEST_F(tls, splice_cmsg_to_pipe)
0698 {
0699 char *test_str = "test_read";
0700 char record_type = 100;
0701 int send_len = 10;
0702 char buf[10];
0703 int p[2];
0704
0705 if (self->notls)
0706 SKIP(return, "no TLS support");
0707
0708 ASSERT_GE(pipe(p), 0);
0709 EXPECT_EQ(tls_send_cmsg(self->fd, 100, test_str, send_len, 0), 10);
0710 EXPECT_EQ(splice(self->cfd, NULL, p[1], NULL, send_len, 0), -1);
0711 EXPECT_EQ(errno, EINVAL);
0712 EXPECT_EQ(recv(self->cfd, buf, send_len, 0), -1);
0713 EXPECT_EQ(errno, EIO);
0714 EXPECT_EQ(tls_recv_cmsg(_metadata, self->cfd, record_type,
0715 buf, sizeof(buf), MSG_WAITALL),
0716 send_len);
0717 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
0718 }
0719
0720 TEST_F(tls, splice_dec_cmsg_to_pipe)
0721 {
0722 char *test_str = "test_read";
0723 char record_type = 100;
0724 int send_len = 10;
0725 char buf[10];
0726 int p[2];
0727
0728 if (self->notls)
0729 SKIP(return, "no TLS support");
0730
0731 ASSERT_GE(pipe(p), 0);
0732 EXPECT_EQ(tls_send_cmsg(self->fd, 100, test_str, send_len, 0), 10);
0733 EXPECT_EQ(recv(self->cfd, buf, send_len, 0), -1);
0734 EXPECT_EQ(errno, EIO);
0735 EXPECT_EQ(splice(self->cfd, NULL, p[1], NULL, send_len, 0), -1);
0736 EXPECT_EQ(errno, EINVAL);
0737 EXPECT_EQ(tls_recv_cmsg(_metadata, self->cfd, record_type,
0738 buf, sizeof(buf), MSG_WAITALL),
0739 send_len);
0740 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
0741 }
0742
0743 TEST_F(tls, recv_and_splice)
0744 {
0745 int send_len = TLS_PAYLOAD_MAX_LEN;
0746 char mem_send[TLS_PAYLOAD_MAX_LEN];
0747 char mem_recv[TLS_PAYLOAD_MAX_LEN];
0748 int half = send_len / 2;
0749 int p[2];
0750
0751 ASSERT_GE(pipe(p), 0);
0752 EXPECT_EQ(send(self->fd, mem_send, send_len, 0), send_len);
0753
0754 EXPECT_EQ(recv(self->cfd, mem_recv, half, MSG_WAITALL), half);
0755 EXPECT_EQ(splice(self->cfd, NULL, p[1], NULL, half, SPLICE_F_NONBLOCK),
0756 half);
0757 EXPECT_EQ(read(p[0], &mem_recv[half], half), half);
0758 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
0759 }
0760
0761 TEST_F(tls, peek_and_splice)
0762 {
0763 int send_len = TLS_PAYLOAD_MAX_LEN;
0764 char mem_send[TLS_PAYLOAD_MAX_LEN];
0765 char mem_recv[TLS_PAYLOAD_MAX_LEN];
0766 int chunk = TLS_PAYLOAD_MAX_LEN / 4;
0767 int n, i, p[2];
0768
0769 memrnd(mem_send, sizeof(mem_send));
0770
0771 ASSERT_GE(pipe(p), 0);
0772 for (i = 0; i < 4; i++)
0773 EXPECT_EQ(send(self->fd, &mem_send[chunk * i], chunk, 0),
0774 chunk);
0775
0776 EXPECT_EQ(recv(self->cfd, mem_recv, chunk * 5 / 2,
0777 MSG_WAITALL | MSG_PEEK),
0778 chunk * 5 / 2);
0779 EXPECT_EQ(memcmp(mem_send, mem_recv, chunk * 5 / 2), 0);
0780
0781 n = 0;
0782 while (n < send_len) {
0783 i = splice(self->cfd, NULL, p[1], NULL, send_len - n, 0);
0784 EXPECT_GT(i, 0);
0785 n += i;
0786 }
0787 EXPECT_EQ(n, send_len);
0788 EXPECT_EQ(read(p[0], mem_recv, send_len), send_len);
0789 EXPECT_EQ(memcmp(mem_send, mem_recv, send_len), 0);
0790 }
0791
0792 TEST_F(tls, recvmsg_single)
0793 {
0794 char const *test_str = "test_recvmsg_single";
0795 int send_len = strlen(test_str) + 1;
0796 char buf[20];
0797 struct msghdr hdr;
0798 struct iovec vec;
0799
0800 memset(&hdr, 0, sizeof(hdr));
0801 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
0802 vec.iov_base = (char *)buf;
0803 vec.iov_len = send_len;
0804 hdr.msg_iovlen = 1;
0805 hdr.msg_iov = &vec;
0806 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1);
0807 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
0808 }
0809
0810 TEST_F(tls, recvmsg_single_max)
0811 {
0812 int send_len = TLS_PAYLOAD_MAX_LEN;
0813 char send_mem[TLS_PAYLOAD_MAX_LEN];
0814 char recv_mem[TLS_PAYLOAD_MAX_LEN];
0815 struct iovec vec;
0816 struct msghdr hdr;
0817
0818 memrnd(send_mem, sizeof(send_mem));
0819
0820 EXPECT_EQ(send(self->fd, send_mem, send_len, 0), send_len);
0821 vec.iov_base = (char *)recv_mem;
0822 vec.iov_len = TLS_PAYLOAD_MAX_LEN;
0823
0824 hdr.msg_iovlen = 1;
0825 hdr.msg_iov = &vec;
0826 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1);
0827 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0);
0828 }
0829
0830 TEST_F(tls, recvmsg_multiple)
0831 {
0832 unsigned int msg_iovlen = 1024;
0833 struct iovec vec[1024];
0834 char *iov_base[1024];
0835 unsigned int iov_len = 16;
0836 int send_len = 1 << 14;
0837 char buf[1 << 14];
0838 struct msghdr hdr;
0839 int i;
0840
0841 memrnd(buf, sizeof(buf));
0842
0843 EXPECT_EQ(send(self->fd, buf, send_len, 0), send_len);
0844 for (i = 0; i < msg_iovlen; i++) {
0845 iov_base[i] = (char *)malloc(iov_len);
0846 vec[i].iov_base = iov_base[i];
0847 vec[i].iov_len = iov_len;
0848 }
0849
0850 hdr.msg_iovlen = msg_iovlen;
0851 hdr.msg_iov = vec;
0852 EXPECT_NE(recvmsg(self->cfd, &hdr, 0), -1);
0853
0854 for (i = 0; i < msg_iovlen; i++)
0855 free(iov_base[i]);
0856 }
0857
0858 TEST_F(tls, single_send_multiple_recv)
0859 {
0860 unsigned int total_len = TLS_PAYLOAD_MAX_LEN * 2;
0861 unsigned int send_len = TLS_PAYLOAD_MAX_LEN;
0862 char send_mem[TLS_PAYLOAD_MAX_LEN * 2];
0863 char recv_mem[TLS_PAYLOAD_MAX_LEN * 2];
0864
0865 memrnd(send_mem, sizeof(send_mem));
0866
0867 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0);
0868 memset(recv_mem, 0, total_len);
0869
0870 EXPECT_NE(recv(self->cfd, recv_mem, send_len, 0), -1);
0871 EXPECT_NE(recv(self->cfd, recv_mem + send_len, send_len, 0), -1);
0872 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0);
0873 }
0874
0875 TEST_F(tls, multiple_send_single_recv)
0876 {
0877 unsigned int total_len = 2 * 10;
0878 unsigned int send_len = 10;
0879 char recv_mem[2 * 10];
0880 char send_mem[10];
0881
0882 memrnd(send_mem, sizeof(send_mem));
0883
0884 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0);
0885 EXPECT_GE(send(self->fd, send_mem, send_len, 0), 0);
0886 memset(recv_mem, 0, total_len);
0887 EXPECT_EQ(recv(self->cfd, recv_mem, total_len, MSG_WAITALL), total_len);
0888
0889 EXPECT_EQ(memcmp(send_mem, recv_mem, send_len), 0);
0890 EXPECT_EQ(memcmp(send_mem, recv_mem + send_len, send_len), 0);
0891 }
0892
0893 TEST_F(tls, single_send_multiple_recv_non_align)
0894 {
0895 const unsigned int total_len = 15;
0896 const unsigned int recv_len = 10;
0897 char recv_mem[recv_len * 2];
0898 char send_mem[total_len];
0899
0900 memrnd(send_mem, sizeof(send_mem));
0901
0902 EXPECT_GE(send(self->fd, send_mem, total_len, 0), 0);
0903 memset(recv_mem, 0, total_len);
0904
0905 EXPECT_EQ(recv(self->cfd, recv_mem, recv_len, 0), recv_len);
0906 EXPECT_EQ(recv(self->cfd, recv_mem + recv_len, recv_len, 0), 5);
0907 EXPECT_EQ(memcmp(send_mem, recv_mem, total_len), 0);
0908 }
0909
0910 TEST_F(tls, recv_partial)
0911 {
0912 char const *test_str = "test_read_partial";
0913 char const *test_str_first = "test_read";
0914 char const *test_str_second = "_partial";
0915 int send_len = strlen(test_str) + 1;
0916 char recv_mem[18];
0917
0918 memset(recv_mem, 0, sizeof(recv_mem));
0919 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
0920 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_first),
0921 MSG_WAITALL), -1);
0922 EXPECT_EQ(memcmp(test_str_first, recv_mem, strlen(test_str_first)), 0);
0923 memset(recv_mem, 0, sizeof(recv_mem));
0924 EXPECT_NE(recv(self->cfd, recv_mem, strlen(test_str_second),
0925 MSG_WAITALL), -1);
0926 EXPECT_EQ(memcmp(test_str_second, recv_mem, strlen(test_str_second)),
0927 0);
0928 }
0929
0930 TEST_F(tls, recv_nonblock)
0931 {
0932 char buf[4096];
0933 bool err;
0934
0935 EXPECT_EQ(recv(self->cfd, buf, sizeof(buf), MSG_DONTWAIT), -1);
0936 err = (errno == EAGAIN || errno == EWOULDBLOCK);
0937 EXPECT_EQ(err, true);
0938 }
0939
0940 TEST_F(tls, recv_peek)
0941 {
0942 char const *test_str = "test_read_peek";
0943 int send_len = strlen(test_str) + 1;
0944 char buf[15];
0945
0946 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
0947 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_PEEK), send_len);
0948 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
0949 memset(buf, 0, sizeof(buf));
0950 EXPECT_EQ(recv(self->cfd, buf, send_len, 0), send_len);
0951 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
0952 }
0953
0954 TEST_F(tls, recv_peek_multiple)
0955 {
0956 char const *test_str = "test_read_peek";
0957 int send_len = strlen(test_str) + 1;
0958 unsigned int num_peeks = 100;
0959 char buf[15];
0960 int i;
0961
0962 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
0963 for (i = 0; i < num_peeks; i++) {
0964 EXPECT_NE(recv(self->cfd, buf, send_len, MSG_PEEK), -1);
0965 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
0966 memset(buf, 0, sizeof(buf));
0967 }
0968 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
0969 EXPECT_EQ(memcmp(test_str, buf, send_len), 0);
0970 }
0971
0972 TEST_F(tls, recv_peek_multiple_records)
0973 {
0974 char const *test_str = "test_read_peek_mult_recs";
0975 char const *test_str_first = "test_read_peek";
0976 char const *test_str_second = "_mult_recs";
0977 int len;
0978 char buf[64];
0979
0980 len = strlen(test_str_first);
0981 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len);
0982
0983 len = strlen(test_str_second) + 1;
0984 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len);
0985
0986 len = strlen(test_str_first);
0987 memset(buf, 0, len);
0988 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len);
0989
0990
0991 len = strlen(test_str_first);
0992 EXPECT_EQ(memcmp(test_str_first, buf, len), 0);
0993
0994 len = strlen(test_str) + 1;
0995 memset(buf, 0, len);
0996 EXPECT_EQ(recv(self->cfd, buf, len, MSG_WAITALL), len);
0997
0998
0999
1000
1001 len = strlen(test_str) + 1;
1002 EXPECT_EQ(memcmp(test_str, buf, len), 0);
1003
1004
1005
1006
1007 len = strlen(test_str_first);
1008 EXPECT_EQ(send(self->fd, test_str_first, len, MSG_MORE), len);
1009
1010 len = strlen(test_str_second) + 1;
1011 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len);
1012
1013 len = strlen(test_str) + 1;
1014 memset(buf, 0, len);
1015 EXPECT_EQ(recv(self->cfd, buf, len, MSG_PEEK | MSG_WAITALL), len);
1016
1017 len = strlen(test_str) + 1;
1018 EXPECT_EQ(memcmp(test_str, buf, len), 0);
1019 }
1020
1021 TEST_F(tls, recv_peek_large_buf_mult_recs)
1022 {
1023 char const *test_str = "test_read_peek_mult_recs";
1024 char const *test_str_first = "test_read_peek";
1025 char const *test_str_second = "_mult_recs";
1026 int len;
1027 char buf[64];
1028
1029 len = strlen(test_str_first);
1030 EXPECT_EQ(send(self->fd, test_str_first, len, 0), len);
1031
1032 len = strlen(test_str_second) + 1;
1033 EXPECT_EQ(send(self->fd, test_str_second, len, 0), len);
1034
1035 len = strlen(test_str) + 1;
1036 memset(buf, 0, len);
1037 EXPECT_NE((len = recv(self->cfd, buf, len,
1038 MSG_PEEK | MSG_WAITALL)), -1);
1039 len = strlen(test_str) + 1;
1040 EXPECT_EQ(memcmp(test_str, buf, len), 0);
1041 }
1042
1043 TEST_F(tls, recv_lowat)
1044 {
1045 char send_mem[10] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 };
1046 char recv_mem[20];
1047 int lowat = 8;
1048
1049 EXPECT_EQ(send(self->fd, send_mem, 10, 0), 10);
1050 EXPECT_EQ(send(self->fd, send_mem, 5, 0), 5);
1051
1052 memset(recv_mem, 0, 20);
1053 EXPECT_EQ(setsockopt(self->cfd, SOL_SOCKET, SO_RCVLOWAT,
1054 &lowat, sizeof(lowat)), 0);
1055 EXPECT_EQ(recv(self->cfd, recv_mem, 1, MSG_WAITALL), 1);
1056 EXPECT_EQ(recv(self->cfd, recv_mem + 1, 6, MSG_WAITALL), 6);
1057 EXPECT_EQ(recv(self->cfd, recv_mem + 7, 10, 0), 8);
1058
1059 EXPECT_EQ(memcmp(send_mem, recv_mem, 10), 0);
1060 EXPECT_EQ(memcmp(send_mem, recv_mem + 10, 5), 0);
1061 }
1062
1063 TEST_F(tls, bidir)
1064 {
1065 char const *test_str = "test_read";
1066 int send_len = 10;
1067 char buf[10];
1068 int ret;
1069
1070 if (!self->notls) {
1071 struct tls_crypto_info_keys tls12;
1072
1073 tls_crypto_info_init(variant->tls_version, variant->cipher_type,
1074 &tls12);
1075
1076 ret = setsockopt(self->fd, SOL_TLS, TLS_RX, &tls12,
1077 tls12.len);
1078 ASSERT_EQ(ret, 0);
1079
1080 ret = setsockopt(self->cfd, SOL_TLS, TLS_TX, &tls12,
1081 tls12.len);
1082 ASSERT_EQ(ret, 0);
1083 }
1084
1085 ASSERT_EQ(strlen(test_str) + 1, send_len);
1086
1087 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
1088 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
1089 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
1090
1091 memset(buf, 0, sizeof(buf));
1092
1093 EXPECT_EQ(send(self->cfd, test_str, send_len, 0), send_len);
1094 EXPECT_NE(recv(self->fd, buf, send_len, 0), -1);
1095 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
1096 };
1097
1098 TEST_F(tls, pollin)
1099 {
1100 char const *test_str = "test_poll";
1101 struct pollfd fd = { 0, 0, 0 };
1102 char buf[10];
1103 int send_len = 10;
1104
1105 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
1106 fd.fd = self->cfd;
1107 fd.events = POLLIN;
1108
1109 EXPECT_EQ(poll(&fd, 1, 20), 1);
1110 EXPECT_EQ(fd.revents & POLLIN, 1);
1111 EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len);
1112
1113 EXPECT_EQ(poll(&fd, 1, 20), 0);
1114 }
1115
1116 TEST_F(tls, poll_wait)
1117 {
1118 char const *test_str = "test_poll_wait";
1119 int send_len = strlen(test_str) + 1;
1120 struct pollfd fd = { 0, 0, 0 };
1121 char recv_mem[15];
1122
1123 fd.fd = self->cfd;
1124 fd.events = POLLIN;
1125 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
1126
1127 EXPECT_EQ(poll(&fd, 1, -1), 1);
1128 EXPECT_EQ(fd.revents & POLLIN, 1);
1129 EXPECT_EQ(recv(self->cfd, recv_mem, send_len, MSG_WAITALL), send_len);
1130 }
1131
1132 TEST_F(tls, poll_wait_split)
1133 {
1134 struct pollfd fd = { 0, 0, 0 };
1135 char send_mem[20] = {};
1136 char recv_mem[15];
1137
1138 fd.fd = self->cfd;
1139 fd.events = POLLIN;
1140
1141 EXPECT_EQ(send(self->fd, send_mem, sizeof(send_mem), 0),
1142 sizeof(send_mem));
1143
1144 EXPECT_EQ(poll(&fd, 1, -1), 1);
1145 EXPECT_EQ(fd.revents & POLLIN, 1);
1146 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), MSG_WAITALL),
1147 sizeof(recv_mem));
1148
1149
1150 fd.fd = self->cfd;
1151 fd.events = POLLIN;
1152 EXPECT_EQ(poll(&fd, 1, -1), 1);
1153 EXPECT_EQ(fd.revents & POLLIN, 1);
1154 EXPECT_EQ(recv(self->cfd, recv_mem, sizeof(recv_mem), 0),
1155 sizeof(send_mem) - sizeof(recv_mem));
1156 }
1157
1158 TEST_F(tls, blocking)
1159 {
1160 size_t data = 100000;
1161 int res = fork();
1162
1163 EXPECT_NE(res, -1);
1164
1165 if (res) {
1166
1167 size_t left = data;
1168 char buf[16384];
1169 int status;
1170 int pid2;
1171
1172 while (left) {
1173 int res = send(self->fd, buf,
1174 left > 16384 ? 16384 : left, 0);
1175
1176 EXPECT_GE(res, 0);
1177 left -= res;
1178 }
1179
1180 pid2 = wait(&status);
1181 EXPECT_EQ(status, 0);
1182 EXPECT_EQ(res, pid2);
1183 } else {
1184
1185 size_t left = data;
1186 char buf[16384];
1187
1188 while (left) {
1189 int res = recv(self->cfd, buf,
1190 left > 16384 ? 16384 : left, 0);
1191
1192 EXPECT_GE(res, 0);
1193 left -= res;
1194 }
1195 }
1196 }
1197
1198 TEST_F(tls, nonblocking)
1199 {
1200 size_t data = 100000;
1201 int sendbuf = 100;
1202 int flags;
1203 int res;
1204
1205 flags = fcntl(self->fd, F_GETFL, 0);
1206 fcntl(self->fd, F_SETFL, flags | O_NONBLOCK);
1207 fcntl(self->cfd, F_SETFL, flags | O_NONBLOCK);
1208
1209
1210
1211
1212 EXPECT_EQ(setsockopt(self->fd, SOL_SOCKET, SO_SNDBUF,
1213 &sendbuf, sizeof(sendbuf)), 0);
1214
1215 res = fork();
1216 EXPECT_NE(res, -1);
1217
1218 if (res) {
1219
1220 bool eagain = false;
1221 size_t left = data;
1222 char buf[16384];
1223 int status;
1224 int pid2;
1225
1226 while (left) {
1227 int res = send(self->fd, buf,
1228 left > 16384 ? 16384 : left, 0);
1229
1230 if (res == -1 && errno == EAGAIN) {
1231 eagain = true;
1232 usleep(10000);
1233 continue;
1234 }
1235 EXPECT_GE(res, 0);
1236 left -= res;
1237 }
1238
1239 EXPECT_TRUE(eagain);
1240 pid2 = wait(&status);
1241
1242 EXPECT_EQ(status, 0);
1243 EXPECT_EQ(res, pid2);
1244 } else {
1245
1246 bool eagain = false;
1247 size_t left = data;
1248 char buf[16384];
1249
1250 while (left) {
1251 int res = recv(self->cfd, buf,
1252 left > 16384 ? 16384 : left, 0);
1253
1254 if (res == -1 && errno == EAGAIN) {
1255 eagain = true;
1256 usleep(10000);
1257 continue;
1258 }
1259 EXPECT_GE(res, 0);
1260 left -= res;
1261 }
1262 EXPECT_TRUE(eagain);
1263 }
1264 }
1265
1266 static void
1267 test_mutliproc(struct __test_metadata *_metadata, struct _test_data_tls *self,
1268 bool sendpg, unsigned int n_readers, unsigned int n_writers)
1269 {
1270 const unsigned int n_children = n_readers + n_writers;
1271 const size_t data = 6 * 1000 * 1000;
1272 const size_t file_sz = data / 100;
1273 size_t read_bias, write_bias;
1274 int i, fd, child_id;
1275 char buf[file_sz];
1276 pid_t pid;
1277
1278
1279 ASSERT_EQ(!(n_readers % n_writers) || !(n_writers % n_readers), true);
1280 read_bias = n_writers / n_readers ?: 1;
1281 write_bias = n_readers / n_writers ?: 1;
1282
1283
1284 fd = open("/tmp/", O_TMPFILE | O_RDWR, 0600);
1285 ASSERT_GE(fd, 0);
1286
1287 memset(buf, 0xac, file_sz);
1288 ASSERT_EQ(write(fd, buf, file_sz), file_sz);
1289
1290
1291 for (child_id = 0; child_id < n_children; child_id++) {
1292 pid = fork();
1293 ASSERT_NE(pid, -1);
1294 if (!pid)
1295 break;
1296 }
1297
1298
1299 if (pid) {
1300 for (i = 0; i < n_children; i++) {
1301 int status;
1302
1303 wait(&status);
1304 EXPECT_EQ(status, 0);
1305 }
1306
1307 return;
1308 }
1309
1310
1311 if (child_id < n_readers) {
1312 size_t left = data * read_bias;
1313 char rb[8001];
1314
1315 while (left) {
1316 int res;
1317
1318 res = recv(self->cfd, rb,
1319 left > sizeof(rb) ? sizeof(rb) : left, 0);
1320
1321 EXPECT_GE(res, 0);
1322 left -= res;
1323 }
1324 } else {
1325 size_t left = data * write_bias;
1326
1327 while (left) {
1328 int res;
1329
1330 ASSERT_EQ(lseek(fd, 0, SEEK_SET), 0);
1331 if (sendpg)
1332 res = sendfile(self->fd, fd, NULL,
1333 left > file_sz ? file_sz : left);
1334 else
1335 res = send(self->fd, buf,
1336 left > file_sz ? file_sz : left, 0);
1337
1338 EXPECT_GE(res, 0);
1339 left -= res;
1340 }
1341 }
1342 }
1343
1344 TEST_F(tls, mutliproc_even)
1345 {
1346 test_mutliproc(_metadata, self, false, 6, 6);
1347 }
1348
1349 TEST_F(tls, mutliproc_readers)
1350 {
1351 test_mutliproc(_metadata, self, false, 4, 12);
1352 }
1353
1354 TEST_F(tls, mutliproc_writers)
1355 {
1356 test_mutliproc(_metadata, self, false, 10, 2);
1357 }
1358
1359 TEST_F(tls, mutliproc_sendpage_even)
1360 {
1361 test_mutliproc(_metadata, self, true, 6, 6);
1362 }
1363
1364 TEST_F(tls, mutliproc_sendpage_readers)
1365 {
1366 test_mutliproc(_metadata, self, true, 4, 12);
1367 }
1368
1369 TEST_F(tls, mutliproc_sendpage_writers)
1370 {
1371 test_mutliproc(_metadata, self, true, 10, 2);
1372 }
1373
1374 TEST_F(tls, control_msg)
1375 {
1376 char *test_str = "test_read";
1377 char record_type = 100;
1378 int send_len = 10;
1379 char buf[10];
1380
1381 if (self->notls)
1382 SKIP(return, "no TLS support");
1383
1384 EXPECT_EQ(tls_send_cmsg(self->fd, record_type, test_str, send_len, 0),
1385 send_len);
1386
1387 EXPECT_EQ(recv(self->cfd, buf, send_len, 0), -1);
1388
1389 EXPECT_EQ(tls_recv_cmsg(_metadata, self->cfd, record_type,
1390 buf, sizeof(buf), MSG_WAITALL | MSG_PEEK),
1391 send_len);
1392 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
1393
1394
1395 memset(buf, 0, sizeof(buf));
1396
1397 EXPECT_EQ(tls_recv_cmsg(_metadata, self->cfd, record_type,
1398 buf, sizeof(buf), MSG_WAITALL),
1399 send_len);
1400 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
1401 }
1402
1403 TEST_F(tls, shutdown)
1404 {
1405 char const *test_str = "test_read";
1406 int send_len = 10;
1407 char buf[10];
1408
1409 ASSERT_EQ(strlen(test_str) + 1, send_len);
1410
1411 EXPECT_EQ(send(self->fd, test_str, send_len, 0), send_len);
1412 EXPECT_NE(recv(self->cfd, buf, send_len, 0), -1);
1413 EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
1414
1415 shutdown(self->fd, SHUT_RDWR);
1416 shutdown(self->cfd, SHUT_RDWR);
1417 }
1418
1419 TEST_F(tls, shutdown_unsent)
1420 {
1421 char const *test_str = "test_read";
1422 int send_len = 10;
1423
1424 EXPECT_EQ(send(self->fd, test_str, send_len, MSG_MORE), send_len);
1425
1426 shutdown(self->fd, SHUT_RDWR);
1427 shutdown(self->cfd, SHUT_RDWR);
1428 }
1429
1430 TEST_F(tls, shutdown_reuse)
1431 {
1432 struct sockaddr_in addr;
1433 int ret;
1434
1435 shutdown(self->fd, SHUT_RDWR);
1436 shutdown(self->cfd, SHUT_RDWR);
1437 close(self->cfd);
1438
1439 addr.sin_family = AF_INET;
1440 addr.sin_addr.s_addr = htonl(INADDR_ANY);
1441 addr.sin_port = 0;
1442
1443 ret = bind(self->fd, &addr, sizeof(addr));
1444 EXPECT_EQ(ret, 0);
1445 ret = listen(self->fd, 10);
1446 EXPECT_EQ(ret, -1);
1447 EXPECT_EQ(errno, EINVAL);
1448
1449 ret = connect(self->fd, &addr, sizeof(addr));
1450 EXPECT_EQ(ret, -1);
1451 EXPECT_EQ(errno, EISCONN);
1452 }
1453
1454 FIXTURE(tls_err)
1455 {
1456 int fd, cfd;
1457 int fd2, cfd2;
1458 bool notls;
1459 };
1460
1461 FIXTURE_VARIANT(tls_err)
1462 {
1463 uint16_t tls_version;
1464 };
1465
1466 FIXTURE_VARIANT_ADD(tls_err, 12_aes_gcm)
1467 {
1468 .tls_version = TLS_1_2_VERSION,
1469 };
1470
1471 FIXTURE_VARIANT_ADD(tls_err, 13_aes_gcm)
1472 {
1473 .tls_version = TLS_1_3_VERSION,
1474 };
1475
1476 FIXTURE_SETUP(tls_err)
1477 {
1478 struct tls_crypto_info_keys tls12;
1479 int ret;
1480
1481 tls_crypto_info_init(variant->tls_version, TLS_CIPHER_AES_GCM_128,
1482 &tls12);
1483
1484 ulp_sock_pair(_metadata, &self->fd, &self->cfd, &self->notls);
1485 ulp_sock_pair(_metadata, &self->fd2, &self->cfd2, &self->notls);
1486 if (self->notls)
1487 return;
1488
1489 ret = setsockopt(self->fd, SOL_TLS, TLS_TX, &tls12, tls12.len);
1490 ASSERT_EQ(ret, 0);
1491
1492 ret = setsockopt(self->cfd2, SOL_TLS, TLS_RX, &tls12, tls12.len);
1493 ASSERT_EQ(ret, 0);
1494 }
1495
1496 FIXTURE_TEARDOWN(tls_err)
1497 {
1498 close(self->fd);
1499 close(self->cfd);
1500 close(self->fd2);
1501 close(self->cfd2);
1502 }
1503
1504 TEST_F(tls_err, bad_rec)
1505 {
1506 char buf[64];
1507
1508 if (self->notls)
1509 SKIP(return, "no TLS support");
1510
1511 memset(buf, 0x55, sizeof(buf));
1512 EXPECT_EQ(send(self->fd2, buf, sizeof(buf), 0), sizeof(buf));
1513 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), -1);
1514 EXPECT_EQ(errno, EMSGSIZE);
1515 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), MSG_DONTWAIT), -1);
1516 EXPECT_EQ(errno, EAGAIN);
1517 }
1518
1519 TEST_F(tls_err, bad_auth)
1520 {
1521 char buf[128];
1522 int n;
1523
1524 if (self->notls)
1525 SKIP(return, "no TLS support");
1526
1527 memrnd(buf, sizeof(buf) / 2);
1528 EXPECT_EQ(send(self->fd, buf, sizeof(buf) / 2, 0), sizeof(buf) / 2);
1529 n = recv(self->cfd, buf, sizeof(buf), 0);
1530 EXPECT_GT(n, sizeof(buf) / 2);
1531
1532 buf[n - 1]++;
1533
1534 EXPECT_EQ(send(self->fd2, buf, n, 0), n);
1535 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), -1);
1536 EXPECT_EQ(errno, EBADMSG);
1537 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), -1);
1538 EXPECT_EQ(errno, EBADMSG);
1539 }
1540
1541 TEST_F(tls_err, bad_in_large_read)
1542 {
1543 char txt[3][64];
1544 char cip[3][128];
1545 char buf[3 * 128];
1546 int i, n;
1547
1548 if (self->notls)
1549 SKIP(return, "no TLS support");
1550
1551
1552 for (i = 0; i < 3; i++) {
1553 memrnd(txt[i], sizeof(txt[i]));
1554 EXPECT_EQ(send(self->fd, txt[i], sizeof(txt[i]), 0),
1555 sizeof(txt[i]));
1556 n = recv(self->cfd, cip[i], sizeof(cip[i]), 0);
1557 EXPECT_GT(n, sizeof(txt[i]));
1558
1559 if (i == 2)
1560 cip[2][n - 1]++;
1561 EXPECT_EQ(send(self->fd2, cip[i], n, 0), n);
1562 }
1563
1564
1565 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), sizeof(txt[0]) * 2);
1566 EXPECT_EQ(memcmp(buf, txt[0], sizeof(txt[0])), 0);
1567 EXPECT_EQ(memcmp(buf + sizeof(txt[0]), txt[1], sizeof(txt[1])), 0);
1568
1569 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), -1);
1570 EXPECT_EQ(errno, EBADMSG);
1571 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), -1);
1572 EXPECT_EQ(errno, EBADMSG);
1573 }
1574
1575 TEST_F(tls_err, bad_cmsg)
1576 {
1577 char *test_str = "test_read";
1578 int send_len = 10;
1579 char cip[128];
1580 char buf[128];
1581 char txt[64];
1582 int n;
1583
1584 if (self->notls)
1585 SKIP(return, "no TLS support");
1586
1587
1588 memrnd(txt, sizeof(txt));
1589 EXPECT_EQ(send(self->fd, txt, sizeof(txt), 0), sizeof(txt));
1590 n = recv(self->cfd, cip, sizeof(cip), 0);
1591 EXPECT_GT(n, sizeof(txt));
1592 EXPECT_EQ(send(self->fd2, cip, n, 0), n);
1593
1594 EXPECT_EQ(tls_send_cmsg(self->fd, 100, test_str, send_len, 0), 10);
1595 n = recv(self->cfd, cip, sizeof(cip), 0);
1596 cip[n - 1]++;
1597 EXPECT_GT(n, send_len);
1598 EXPECT_EQ(send(self->fd2, cip, n, 0), n);
1599
1600 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), sizeof(txt));
1601 EXPECT_EQ(memcmp(buf, txt, sizeof(txt)), 0);
1602 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), -1);
1603 EXPECT_EQ(errno, EBADMSG);
1604 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), -1);
1605 EXPECT_EQ(errno, EBADMSG);
1606 }
1607
1608 TEST_F(tls_err, timeo)
1609 {
1610 struct timeval tv = { .tv_usec = 10000, };
1611 char buf[128];
1612 int ret;
1613
1614 if (self->notls)
1615 SKIP(return, "no TLS support");
1616
1617 ret = setsockopt(self->cfd2, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof(tv));
1618 ASSERT_EQ(ret, 0);
1619
1620 ret = fork();
1621 ASSERT_GE(ret, 0);
1622
1623 if (ret) {
1624 usleep(1000);
1625
1626 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), -1);
1627 EXPECT_EQ(errno, EAGAIN);
1628
1629 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), -1);
1630 EXPECT_EQ(errno, EAGAIN);
1631
1632 wait(&ret);
1633 } else {
1634 EXPECT_EQ(recv(self->cfd2, buf, sizeof(buf), 0), -1);
1635 EXPECT_EQ(errno, EAGAIN);
1636 exit(0);
1637 }
1638 }
1639
1640 TEST(non_established) {
1641 struct tls12_crypto_info_aes_gcm_256 tls12;
1642 struct sockaddr_in addr;
1643 int sfd, ret, fd;
1644 socklen_t len;
1645
1646 len = sizeof(addr);
1647
1648 memset(&tls12, 0, sizeof(tls12));
1649 tls12.info.version = TLS_1_2_VERSION;
1650 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256;
1651
1652 addr.sin_family = AF_INET;
1653 addr.sin_addr.s_addr = htonl(INADDR_ANY);
1654 addr.sin_port = 0;
1655
1656 fd = socket(AF_INET, SOCK_STREAM, 0);
1657 sfd = socket(AF_INET, SOCK_STREAM, 0);
1658
1659 ret = bind(sfd, &addr, sizeof(addr));
1660 ASSERT_EQ(ret, 0);
1661 ret = listen(sfd, 10);
1662 ASSERT_EQ(ret, 0);
1663
1664 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1665 EXPECT_EQ(ret, -1);
1666
1667 if (errno == ENOENT)
1668 return;
1669 EXPECT_EQ(errno, ENOTCONN);
1670
1671 ret = setsockopt(sfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1672 EXPECT_EQ(ret, -1);
1673 EXPECT_EQ(errno, ENOTCONN);
1674
1675 ret = getsockname(sfd, &addr, &len);
1676 ASSERT_EQ(ret, 0);
1677
1678 ret = connect(fd, &addr, sizeof(addr));
1679 ASSERT_EQ(ret, 0);
1680
1681 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1682 ASSERT_EQ(ret, 0);
1683
1684 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1685 EXPECT_EQ(ret, -1);
1686 EXPECT_EQ(errno, EEXIST);
1687
1688 close(fd);
1689 close(sfd);
1690 }
1691
1692 TEST(keysizes) {
1693 struct tls12_crypto_info_aes_gcm_256 tls12;
1694 int ret, fd, cfd;
1695 bool notls;
1696
1697 memset(&tls12, 0, sizeof(tls12));
1698 tls12.info.version = TLS_1_2_VERSION;
1699 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256;
1700
1701 ulp_sock_pair(_metadata, &fd, &cfd, ¬ls);
1702
1703 if (!notls) {
1704 ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12,
1705 sizeof(tls12));
1706 EXPECT_EQ(ret, 0);
1707
1708 ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12,
1709 sizeof(tls12));
1710 EXPECT_EQ(ret, 0);
1711 }
1712
1713 close(fd);
1714 close(cfd);
1715 }
1716
1717 TEST(no_pad) {
1718 struct tls12_crypto_info_aes_gcm_256 tls12;
1719 int ret, fd, cfd, val;
1720 socklen_t len;
1721 bool notls;
1722
1723 memset(&tls12, 0, sizeof(tls12));
1724 tls12.info.version = TLS_1_3_VERSION;
1725 tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256;
1726
1727 ulp_sock_pair(_metadata, &fd, &cfd, ¬ls);
1728
1729 if (notls)
1730 exit(KSFT_SKIP);
1731
1732 ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12, sizeof(tls12));
1733 EXPECT_EQ(ret, 0);
1734
1735 ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12, sizeof(tls12));
1736 EXPECT_EQ(ret, 0);
1737
1738 val = 1;
1739 ret = setsockopt(cfd, SOL_TLS, TLS_RX_EXPECT_NO_PAD,
1740 (void *)&val, sizeof(val));
1741 EXPECT_EQ(ret, 0);
1742
1743 len = sizeof(val);
1744 val = 2;
1745 ret = getsockopt(cfd, SOL_TLS, TLS_RX_EXPECT_NO_PAD,
1746 (void *)&val, &len);
1747 EXPECT_EQ(ret, 0);
1748 EXPECT_EQ(val, 1);
1749 EXPECT_EQ(len, 4);
1750
1751 val = 0;
1752 ret = setsockopt(cfd, SOL_TLS, TLS_RX_EXPECT_NO_PAD,
1753 (void *)&val, sizeof(val));
1754 EXPECT_EQ(ret, 0);
1755
1756 len = sizeof(val);
1757 val = 2;
1758 ret = getsockopt(cfd, SOL_TLS, TLS_RX_EXPECT_NO_PAD,
1759 (void *)&val, &len);
1760 EXPECT_EQ(ret, 0);
1761 EXPECT_EQ(val, 0);
1762 EXPECT_EQ(len, 4);
1763
1764 close(fd);
1765 close(cfd);
1766 }
1767
1768 TEST(tls_v6ops) {
1769 struct tls_crypto_info_keys tls12;
1770 struct sockaddr_in6 addr, addr2;
1771 int sfd, ret, fd;
1772 socklen_t len, len2;
1773
1774 tls_crypto_info_init(TLS_1_2_VERSION, TLS_CIPHER_AES_GCM_128, &tls12);
1775
1776 addr.sin6_family = AF_INET6;
1777 addr.sin6_addr = in6addr_any;
1778 addr.sin6_port = 0;
1779
1780 fd = socket(AF_INET6, SOCK_STREAM, 0);
1781 sfd = socket(AF_INET6, SOCK_STREAM, 0);
1782
1783 ret = bind(sfd, &addr, sizeof(addr));
1784 ASSERT_EQ(ret, 0);
1785 ret = listen(sfd, 10);
1786 ASSERT_EQ(ret, 0);
1787
1788 len = sizeof(addr);
1789 ret = getsockname(sfd, &addr, &len);
1790 ASSERT_EQ(ret, 0);
1791
1792 ret = connect(fd, &addr, sizeof(addr));
1793 ASSERT_EQ(ret, 0);
1794
1795 len = sizeof(addr);
1796 ret = getsockname(fd, &addr, &len);
1797 ASSERT_EQ(ret, 0);
1798
1799 ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
1800 if (ret) {
1801 ASSERT_EQ(errno, ENOENT);
1802 SKIP(return, "no TLS support");
1803 }
1804 ASSERT_EQ(ret, 0);
1805
1806 ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12, tls12.len);
1807 ASSERT_EQ(ret, 0);
1808
1809 ret = setsockopt(fd, SOL_TLS, TLS_RX, &tls12, tls12.len);
1810 ASSERT_EQ(ret, 0);
1811
1812 len2 = sizeof(addr2);
1813 ret = getsockname(fd, &addr2, &len2);
1814 ASSERT_EQ(ret, 0);
1815
1816 EXPECT_EQ(len2, len);
1817 EXPECT_EQ(memcmp(&addr, &addr2, len), 0);
1818
1819 close(fd);
1820 close(sfd);
1821 }
1822
1823 TEST_HARNESS_MAIN
