diff options
| author | Jakub Kicinski <jakub.kicinski@netronome.com> | 2019-07-19 13:29:24 -0400 |
|---|---|---|
| committer | Daniel Borkmann <daniel@iogearbox.net> | 2019-07-22 10:04:17 -0400 |
| commit | 78b5dc3d68dcb1d18d805e8f4e565f19ed6d976a (patch) | |
| tree | e477b7d755d3b5a3606489b37138f76cfef85a43 /tools | |
| parent | cf32526c8842781e32d6652a1e01e83b20490948 (diff) | |
selftests/tls: test error codes around TLS ULP installation
Test the error codes returned when TCP connection is not
in ESTABLISHED state.
Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Reviewed-by: Dirk van der Merwe <dirk.vandermerwe@netronome.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Diffstat (limited to 'tools')
| -rw-r--r-- | tools/testing/selftests/net/tls.c | 52 |
1 files changed, 52 insertions, 0 deletions
diff --git a/tools/testing/selftests/net/tls.c b/tools/testing/selftests/net/tls.c index 194826fee4f7..10df77326d34 100644 --- a/tools/testing/selftests/net/tls.c +++ b/tools/testing/selftests/net/tls.c | |||
| @@ -911,6 +911,58 @@ TEST_F(tls, control_msg) | |||
| 911 | EXPECT_EQ(memcmp(buf, test_str, send_len), 0); | 911 | EXPECT_EQ(memcmp(buf, test_str, send_len), 0); |
| 912 | } | 912 | } |
| 913 | 913 | ||
| 914 | TEST(non_established) { | ||
| 915 | struct tls12_crypto_info_aes_gcm_256 tls12; | ||
| 916 | struct sockaddr_in addr; | ||
| 917 | int sfd, ret, fd; | ||
| 918 | socklen_t len; | ||
| 919 | |||
| 920 | len = sizeof(addr); | ||
| 921 | |||
| 922 | memset(&tls12, 0, sizeof(tls12)); | ||
| 923 | tls12.info.version = TLS_1_2_VERSION; | ||
| 924 | tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256; | ||
| 925 | |||
| 926 | addr.sin_family = AF_INET; | ||
| 927 | addr.sin_addr.s_addr = htonl(INADDR_ANY); | ||
| 928 | addr.sin_port = 0; | ||
| 929 | |||
| 930 | fd = socket(AF_INET, SOCK_STREAM, 0); | ||
| 931 | sfd = socket(AF_INET, SOCK_STREAM, 0); | ||
| 932 | |||
| 933 | ret = bind(sfd, &addr, sizeof(addr)); | ||
| 934 | ASSERT_EQ(ret, 0); | ||
| 935 | ret = listen(sfd, 10); | ||
| 936 | ASSERT_EQ(ret, 0); | ||
| 937 | |||
| 938 | ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); | ||
| 939 | EXPECT_EQ(ret, -1); | ||
| 940 | /* TLS ULP not supported */ | ||
| 941 | if (errno == ENOENT) | ||
| 942 | return; | ||
| 943 | EXPECT_EQ(errno, ENOTSUPP); | ||
| 944 | |||
| 945 | ret = setsockopt(sfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); | ||
| 946 | EXPECT_EQ(ret, -1); | ||
| 947 | EXPECT_EQ(errno, ENOTSUPP); | ||
| 948 | |||
| 949 | ret = getsockname(sfd, &addr, &len); | ||
| 950 | ASSERT_EQ(ret, 0); | ||
| 951 | |||
| 952 | ret = connect(fd, &addr, sizeof(addr)); | ||
| 953 | ASSERT_EQ(ret, 0); | ||
| 954 | |||
| 955 | ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); | ||
| 956 | ASSERT_EQ(ret, 0); | ||
| 957 | |||
| 958 | ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); | ||
| 959 | EXPECT_EQ(ret, -1); | ||
| 960 | EXPECT_EQ(errno, EEXIST); | ||
| 961 | |||
| 962 | close(fd); | ||
| 963 | close(sfd); | ||
| 964 | } | ||
| 965 | |||
| 914 | TEST(keysizes) { | 966 | TEST(keysizes) { |
| 915 | struct tls12_crypto_info_aes_gcm_256 tls12; | 967 | struct tls12_crypto_info_aes_gcm_256 tls12; |
| 916 | struct sockaddr_in addr; | 968 | struct sockaddr_in addr; |