[PATCH net-next v2 5/5] net: tls: Add tests for TLS 1.3

Wed, 30 Jan 2019 15:21:27 -0800 

Change most tests to TLS 1.3, while adding tests for previous TLS 1.2
behavior.

Signed-off-by: Dave Watson <davejwat...@fb.com>
---
 tools/testing/selftests/net/tls.c | 76 ++++++++++++++++++++++++++++++-
 1 file changed, 75 insertions(+), 1 deletion(-)

diff --git a/tools/testing/selftests/net/tls.c 
b/tools/testing/selftests/net/tls.c
index c356f481de79..4ac50ccb3272 100644
--- a/tools/testing/selftests/net/tls.c
+++ b/tools/testing/selftests/net/tls.c
@@ -42,7 +42,7 @@ FIXTURE_SETUP(tls)
        len = sizeof(addr);
 
        memset(&tls12, 0, sizeof(tls12));
-       tls12.info.version = TLS_1_2_VERSION;
+       tls12.info.version = TLS_1_3_VERSION;
        tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128;
 
        addr.sin_family = AF_INET;
@@ -825,4 +825,78 @@ TEST(keysizes) {
        close(cfd);
 }
 
+TEST(tls12) {
+       int fd, cfd;
+       bool notls;
+
+       struct tls12_crypto_info_aes_gcm_128 tls12;
+       struct sockaddr_in addr;
+       socklen_t len;
+       int sfd, ret;
+
+       notls = false;
+       len = sizeof(addr);
+
+       memset(&tls12, 0, sizeof(tls12));
+       tls12.info.version = TLS_1_2_VERSION;
+       tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128;
+
+       addr.sin_family = AF_INET;
+       addr.sin_addr.s_addr = htonl(INADDR_ANY);
+       addr.sin_port = 0;
+
+       fd = socket(AF_INET, SOCK_STREAM, 0);
+       sfd = socket(AF_INET, SOCK_STREAM, 0);
+
+       ret = bind(sfd, &addr, sizeof(addr));
+       ASSERT_EQ(ret, 0);
+       ret = listen(sfd, 10);
+       ASSERT_EQ(ret, 0);
+
+       ret = getsockname(sfd, &addr, &len);
+       ASSERT_EQ(ret, 0);
+
+       ret = connect(fd, &addr, sizeof(addr));
+       ASSERT_EQ(ret, 0);
+
+       ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
+       if (ret != 0) {
+               notls = true;
+               printf("Failure setting TCP_ULP, testing without tls\n");
+       }
+
+       if (!notls) {
+               ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12,
+                                sizeof(tls12));
+               ASSERT_EQ(ret, 0);
+       }
+
+       cfd = accept(sfd, &addr, &len);
+       ASSERT_GE(cfd, 0);
+
+       if (!notls) {
+               ret = setsockopt(cfd, IPPROTO_TCP, TCP_ULP, "tls",
+                                sizeof("tls"));
+               ASSERT_EQ(ret, 0);
+
+               ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12,
+                                sizeof(tls12));
+               ASSERT_EQ(ret, 0);
+       }
+
+       close(sfd);
+
+       char const *test_str = "test_read";
+       int send_len = 10;
+       char buf[10];
+
+       send_len = strlen(test_str) + 1;
+       EXPECT_EQ(send(fd, test_str, send_len, 0), send_len);
+       EXPECT_NE(recv(cfd, buf, send_len, 0), -1);
+       EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
+
+       close(fd);
+       close(cfd);
+}
+
 TEST_HARNESS_MAIN
-- 
2.17.1

Reply via email to