On Thu, Mar 12, 2020 at 08:17:52PM -0700, Jakub Kicinski wrote:
TLS 1.2 and TLS 1.3 differ in the implementation. Use fixture parameters to run all tests for both versions, and remove the one-off TLS 1.2 test.
Signed-off-by: Jakub Kicinski kuba@kernel.org
I really like the resulting effect here.
Reviewed-by: Kees Cook keescook@chromium.org
-Kees
tools/testing/selftests/net/tls.c | 93 ++++++------------------------- 1 file changed, 17 insertions(+), 76 deletions(-)
diff --git a/tools/testing/selftests/net/tls.c b/tools/testing/selftests/net/tls.c index 0ea44d975b6c..63029728ac97 100644 --- a/tools/testing/selftests/net/tls.c +++ b/tools/testing/selftests/net/tls.c @@ -101,6 +101,21 @@ FIXTURE(tls) bool notls; }; +FIXTURE_PARAMS(tls) +{
- unsigned int tls_version;
+};
+FIXTURE_PARAMS_ADD(tls, 12) +{
- .tls_version = TLS_1_2_VERSION,
+};
+FIXTURE_PARAMS_ADD(tls, 13) +{
- .tls_version = TLS_1_3_VERSION,
+};
FIXTURE_SETUP(tls) { struct tls12_crypto_info_aes_gcm_128 tls12; @@ -112,7 +127,7 @@ FIXTURE_SETUP(tls) len = sizeof(addr); memset(&tls12, 0, sizeof(tls12));
- tls12.info.version = TLS_1_3_VERSION;
- tls12.info.version = params->tls_version; tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128;
addr.sin_family = AF_INET; @@ -733,7 +748,7 @@ TEST_F(tls, bidir) struct tls12_crypto_info_aes_gcm_128 tls12; memset(&tls12, 0, sizeof(tls12));
tls12.info.version = TLS_1_3_VERSION;
tls12.info.version = params->tls_version;ret = setsockopt(self->fd, SOL_TLS, TLS_RX, &tls12, @@ -1258,78 +1273,4 @@ TEST(keysizes) { close(cfd); } -TEST(tls12) {
- int fd, cfd;
- bool notls;
- struct tls12_crypto_info_aes_gcm_128 tls12;
- struct sockaddr_in addr;
- socklen_t len;
- int sfd, ret;
- notls = false;
- len = sizeof(addr);
- memset(&tls12, 0, sizeof(tls12));
- tls12.info.version = TLS_1_2_VERSION;
- tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128;
- addr.sin_family = AF_INET;
- addr.sin_addr.s_addr = htonl(INADDR_ANY);
- addr.sin_port = 0;
- fd = socket(AF_INET, SOCK_STREAM, 0);
- sfd = socket(AF_INET, SOCK_STREAM, 0);
- ret = bind(sfd, &addr, sizeof(addr));
- ASSERT_EQ(ret, 0);
- ret = listen(sfd, 10);
- ASSERT_EQ(ret, 0);
- ret = getsockname(sfd, &addr, &len);
- ASSERT_EQ(ret, 0);
- ret = connect(fd, &addr, sizeof(addr));
- ASSERT_EQ(ret, 0);
- ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
- if (ret != 0) {
notls = true;printf("Failure setting TCP_ULP, testing without tls\n");- }
- if (!notls) {
ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12,sizeof(tls12));ASSERT_EQ(ret, 0);- }
- cfd = accept(sfd, &addr, &len);
- ASSERT_GE(cfd, 0);
- if (!notls) {
ret = setsockopt(cfd, IPPROTO_TCP, TCP_ULP, "tls",sizeof("tls"));ASSERT_EQ(ret, 0);ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12,sizeof(tls12));ASSERT_EQ(ret, 0);- }
- close(sfd);
- char const *test_str = "test_read";
- int send_len = 10;
- char buf[10];
- send_len = strlen(test_str) + 1;
- EXPECT_EQ(send(fd, test_str, send_len, 0), send_len);
- EXPECT_NE(recv(cfd, buf, send_len, 0), -1);
- EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
- close(fd);
- close(cfd);
-}
TEST_HARNESS_MAIN
2.24.1