mirror of
https://mirrors.bfsu.edu.cn/git/linux.git
synced 2025-01-19 12:24:34 +08:00
selftests: tls: run all tests for TLS 1.2 and TLS 1.3
TLS 1.2 and TLS 1.3 differ in the implementation. Use fixture parameters to run all tests for both versions, and remove the one-off TLS 1.2 test. Signed-off-by: Jakub Kicinski <kuba@kernel.org> Reviewed-by: Kees Cook <keescook@chromium.org> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
74bc7c97fa
commit
0feba2219b
@ -101,6 +101,21 @@ FIXTURE(tls)
|
||||
bool notls;
|
||||
};
|
||||
|
||||
FIXTURE_VARIANT(tls)
|
||||
{
|
||||
unsigned int tls_version;
|
||||
};
|
||||
|
||||
FIXTURE_VARIANT_ADD(tls, 12)
|
||||
{
|
||||
.tls_version = TLS_1_2_VERSION,
|
||||
};
|
||||
|
||||
FIXTURE_VARIANT_ADD(tls, 13)
|
||||
{
|
||||
.tls_version = TLS_1_3_VERSION,
|
||||
};
|
||||
|
||||
FIXTURE_SETUP(tls)
|
||||
{
|
||||
struct tls12_crypto_info_aes_gcm_128 tls12;
|
||||
@ -112,7 +127,7 @@ FIXTURE_SETUP(tls)
|
||||
len = sizeof(addr);
|
||||
|
||||
memset(&tls12, 0, sizeof(tls12));
|
||||
tls12.info.version = TLS_1_3_VERSION;
|
||||
tls12.info.version = variant->tls_version;
|
||||
tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128;
|
||||
|
||||
addr.sin_family = AF_INET;
|
||||
@ -733,7 +748,7 @@ TEST_F(tls, bidir)
|
||||
struct tls12_crypto_info_aes_gcm_128 tls12;
|
||||
|
||||
memset(&tls12, 0, sizeof(tls12));
|
||||
tls12.info.version = TLS_1_3_VERSION;
|
||||
tls12.info.version = variant->tls_version;
|
||||
tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128;
|
||||
|
||||
ret = setsockopt(self->fd, SOL_TLS, TLS_RX, &tls12,
|
||||
@ -1258,78 +1273,4 @@ TEST(keysizes) {
|
||||
close(cfd);
|
||||
}
|
||||
|
||||
TEST(tls12) {
|
||||
int fd, cfd;
|
||||
bool notls;
|
||||
|
||||
struct tls12_crypto_info_aes_gcm_128 tls12;
|
||||
struct sockaddr_in addr;
|
||||
socklen_t len;
|
||||
int sfd, ret;
|
||||
|
||||
notls = false;
|
||||
len = sizeof(addr);
|
||||
|
||||
memset(&tls12, 0, sizeof(tls12));
|
||||
tls12.info.version = TLS_1_2_VERSION;
|
||||
tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128;
|
||||
|
||||
addr.sin_family = AF_INET;
|
||||
addr.sin_addr.s_addr = htonl(INADDR_ANY);
|
||||
addr.sin_port = 0;
|
||||
|
||||
fd = socket(AF_INET, SOCK_STREAM, 0);
|
||||
sfd = socket(AF_INET, SOCK_STREAM, 0);
|
||||
|
||||
ret = bind(sfd, &addr, sizeof(addr));
|
||||
ASSERT_EQ(ret, 0);
|
||||
ret = listen(sfd, 10);
|
||||
ASSERT_EQ(ret, 0);
|
||||
|
||||
ret = getsockname(sfd, &addr, &len);
|
||||
ASSERT_EQ(ret, 0);
|
||||
|
||||
ret = connect(fd, &addr, sizeof(addr));
|
||||
ASSERT_EQ(ret, 0);
|
||||
|
||||
ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
|
||||
if (ret != 0) {
|
||||
notls = true;
|
||||
printf("Failure setting TCP_ULP, testing without tls\n");
|
||||
}
|
||||
|
||||
if (!notls) {
|
||||
ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12,
|
||||
sizeof(tls12));
|
||||
ASSERT_EQ(ret, 0);
|
||||
}
|
||||
|
||||
cfd = accept(sfd, &addr, &len);
|
||||
ASSERT_GE(cfd, 0);
|
||||
|
||||
if (!notls) {
|
||||
ret = setsockopt(cfd, IPPROTO_TCP, TCP_ULP, "tls",
|
||||
sizeof("tls"));
|
||||
ASSERT_EQ(ret, 0);
|
||||
|
||||
ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12,
|
||||
sizeof(tls12));
|
||||
ASSERT_EQ(ret, 0);
|
||||
}
|
||||
|
||||
close(sfd);
|
||||
|
||||
char const *test_str = "test_read";
|
||||
int send_len = 10;
|
||||
char buf[10];
|
||||
|
||||
send_len = strlen(test_str) + 1;
|
||||
EXPECT_EQ(send(fd, test_str, send_len, 0), send_len);
|
||||
EXPECT_NE(recv(cfd, buf, send_len, 0), -1);
|
||||
EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
|
||||
|
||||
close(fd);
|
||||
close(cfd);
|
||||
}
|
||||
|
||||
TEST_HARNESS_MAIN
|
||||
|
Loading…
Reference in New Issue
Block a user