Kernel/linux-next
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git synced 2025-01-10 07:50:04 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

selftests: tls: add getsockopt test

Browse Source 
The kernel accepts fetching either just the version and cipher type,
or exactly the per-cipher struct. Also check that getsockopt returns
what we just passed to the kernel.

Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Link: https://lore.kernel.org/r/81a007ca13de9a74f4af45635d06682cdb385a54.1692977948.git.sd@queasysnail.net
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
This commit is contained in:
Sabrina Dubroca 2023-08-25 23:35:07 +02:00 committed by Jakub Kicinski
parent 84e306b083
commit f27ad62fe3
1 changed files with 35 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
tools/testing/selftests/net/tls.c
View File

@ -30,6 +30,7 @@ static int fips_enabled;
struct tls_crypto_info_keys {
union {
struct tls_crypto_info crypto_info;
struct tls12_crypto_info_aes_gcm_128 aes128;
struct tls12_crypto_info_chacha20_poly1305 chacha20;
struct tls12_crypto_info_sm4_gcm sm4gcm;
@ -1496,6 +1497,40 @@ TEST_F(tls, shutdown_reuse)
EXPECT_EQ(errno, EISCONN);
}
TEST_F(tls, getsockopt)
{
struct tls_crypto_info_keys expect, get;
socklen_t len;
/* get only the version/cipher */
len = sizeof(struct tls_crypto_info);
memrnd(&get, sizeof(get));
EXPECT_EQ(getsockopt(self->fd, SOL_TLS, TLS_TX, &get, &len), 0);
EXPECT_EQ(len, sizeof(struct tls_crypto_info));
EXPECT_EQ(get.crypto_info.version, variant->tls_version);
EXPECT_EQ(get.crypto_info.cipher_type, variant->cipher_type);
/* get the full crypto_info */
tls_crypto_info_init(variant->tls_version, variant->cipher_type, &expect);
len = expect.len;
memrnd(&get, sizeof(get));
EXPECT_EQ(getsockopt(self->fd, SOL_TLS, TLS_TX, &get, &len), 0);
EXPECT_EQ(len, expect.len);
EXPECT_EQ(get.crypto_info.version, variant->tls_version);
EXPECT_EQ(get.crypto_info.cipher_type, variant->cipher_type);
EXPECT_EQ(memcmp(&get, &expect, expect.len), 0);
/* short get should fail */
len = sizeof(struct tls_crypto_info) - 1;
EXPECT_EQ(getsockopt(self->fd, SOL_TLS, TLS_TX, &get, &len), -1);
EXPECT_EQ(errno, EINVAL);
/* partial get of the cipher data should fail */
len = expect.len - 1;
EXPECT_EQ(getsockopt(self->fd, SOL_TLS, TLS_TX, &get, &len), -1);
EXPECT_EQ(errno, EINVAL);
}
FIXTURE(tls_err)
{
int fd, cfd;