CoCalc -- socket

GitHub Repository: freebsd/freebsd-src
Path: blob/main/tests/sys/kern/socket_accf.c
³⁹⁵³⁶ views
1
/*-
2
 * SPDX-License-Identifier: BSD-2-Clause
3
 *
4
 * Copyright (c) 2022-2024 Gleb Smirnoff <[email protected]>
5
 *
6
 * Redistribution and use in source and binary forms, with or without
7
 * modification, are permitted provided that the following conditions
8
 * are met:
9
 * 1. Redistributions of source code must retain the above copyright
10
 *    notice, this list of conditions and the following disclaimer.
11
 * 2. Redistributions in binary form must reproduce the above copyright
12
 *    notice, this list of conditions and the following disclaimer in the
13
 *    documentation and/or other materials provided with the distribution.
14
 *
15
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
16
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
19
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25
 * SUCH DAMAGE.
26
 */
27

28
#include <sys/socket.h>
29
#include <netinet/in.h>
30
#include <errno.h>
31
#include <fcntl.h>
32
#include <stdlib.h>
33

34
#include <atf-c.h>
35

36
static int
37
listensock(struct sockaddr_in *sin)
38
{
39
	int l;
40

41
	ATF_REQUIRE((l = socket(PF_INET, SOCK_STREAM, 0)) > 0);
42
	ATF_REQUIRE(fcntl(l, F_SETFL, O_NONBLOCK) != -1);
43
	ATF_REQUIRE(setsockopt(l, SOL_SOCKET, SO_REUSEADDR, &(socklen_t){1},
44
	    sizeof(int)) == 0);
45
	*sin = (struct sockaddr_in){
46
		.sin_len = sizeof(sin),
47
		.sin_family = AF_INET,
48
		.sin_addr.s_addr = htonl(INADDR_LOOPBACK),
49
	};
50
	ATF_REQUIRE(bind(l, (struct sockaddr *)sin, sizeof(*sin)) == 0);
51
	ATF_REQUIRE(getsockname(l, (struct sockaddr *)sin,
52
	    &(socklen_t){ sizeof(*sin) }) == 0);
53
	ATF_REQUIRE(listen(l, -1) == 0);
54

55
	return (l);
56
}
57

58
static int
59
clientsock(struct sockaddr_in *sin)
60
{
61
	int s;
62

63
	ATF_REQUIRE((s = socket(PF_INET, SOCK_STREAM, 0)) > 0);
64
	ATF_REQUIRE(connect(s, (struct sockaddr *)sin, sizeof(*sin)) == 0);
65

66
	return (s);
67
}
68

69
static void
70
accfon(int l, struct accept_filter_arg *af)
71
{
72
	if (setsockopt(l, SOL_SOCKET, SO_ACCEPTFILTER, af, sizeof(*af)) != 0) {
73
		atf_tc_fail("setsockopt(SO_ACCEPTFILTER): %s", strerror(errno));
74
	}
75
}
76

77
/*
78
 * XXX: return from send(2) on a localhost connection doesn't guarantee that
79
 * netisr has fully processed and delivered the data to the remote local
80
 * socket.  Sleep a fraction of second to "guarantee" that it did.
81
 */
82
static ssize_t
83
usend(int s, const void *msg, size_t len)
84
{
85
	ssize_t rv;
86

87
	rv = send(s, msg, len, 0);
88
	usleep(100000);
89
	return (rv);
90
}
91

92
ATF_TC(data);
93
ATF_TC_HEAD(data, tc)
94
{
95
	atf_tc_set_md_var(tc, "require.kmods", "accf_data");
96
}
97
ATF_TC_BODY(data, tc)
98
{
99
	struct accept_filter_arg afa = {
100
		.af_name = "dataready"
101
	};
102
	struct sockaddr_in sin;
103
	int l, s, a;
104

105
	l = listensock(&sin);
106
	accfon(l, &afa);
107
	s = clientsock(&sin);
108
	ATF_REQUIRE(accept(l, NULL, 0) == -1);
109
	ATF_REQUIRE(errno == EAGAIN);
110
	ATF_REQUIRE(usend(s, "foo", sizeof("foo")) == sizeof("foo"));
111
	ATF_REQUIRE((a = accept(l, NULL, 0)) > 0);
112
}
113

114
ATF_TC(http);
115
ATF_TC_HEAD(http, tc)
116
{
117
	atf_tc_set_md_var(tc, "require.kmods", "accf_http");
118
}
119
ATF_TC_BODY(http, tc)
120
{
121
	struct accept_filter_arg afa = {
122
		.af_name = "httpready"
123
	};
124
	struct sockaddr_in sin;
125
	int l, s, a;
126

127
	l = listensock(&sin);
128
	accfon(l, &afa);
129
	s = clientsock(&sin);
130

131
	/* 1) No data. */
132
	ATF_REQUIRE(accept(l, NULL, 0) == -1);
133
	ATF_REQUIRE(errno == EAGAIN);
134

135
	/* 2) Data, that doesn't look like HTTP. */
136
	ATF_REQUIRE(usend(s, "foo", sizeof("foo")) == sizeof("foo"));
137
	ATF_REQUIRE((a = accept(l, NULL, 0)) > 0);
138

139
	close(s);
140
	close(a);
141

142
#define	CHUNK1	"GET / "
143
#define	CHUNK2	"HTTP/1.0\r\n\n"
144
#define	LEN(c)	(sizeof(c) - 1)
145

146
	/* 3) Partial HTTP. */
147
	s = clientsock(&sin);
148
	ATF_REQUIRE(usend(s, CHUNK1, LEN(CHUNK1)) == LEN(CHUNK1));
149
	ATF_REQUIRE(accept(l, NULL, 0) == -1);
150
	ATF_REQUIRE(errno == EAGAIN);
151

152
	/* 4) Complete HTTP. */
153
	ATF_REQUIRE(usend(s, CHUNK2, LEN(CHUNK2)) == LEN(CHUNK2));
154
	ATF_REQUIRE((a = accept(l, NULL, 0)) > 0);
155
}
156

157
ATF_TC(tls);
158
ATF_TC_HEAD(tls, tc)
159
{
160
	atf_tc_set_md_var(tc, "require.kmods", "accf_tls");
161
}
162
ATF_TC_BODY(tls, tc)
163
{
164
	struct accept_filter_arg afa = {
165
		.af_name = "tlsready"
166
	};
167
	struct sockaddr_in sin;
168
	int l, s, a;
169

170
	l = listensock(&sin);
171
	accfon(l, &afa);
172
	s = clientsock(&sin);
173

174
	/* 1) No data. */
175
	ATF_REQUIRE(accept(l, NULL, 0) == -1);
176
	ATF_REQUIRE(errno == EAGAIN);
177

178
	/* 2) Less than 5 bytes. */
179
	ATF_REQUIRE(usend(s, "foo", sizeof("foo")) == sizeof("foo"));
180
	ATF_REQUIRE(errno == EAGAIN);
181

182
	/* 3) Something that doesn't look like TLS handshake. */
183
	ATF_REQUIRE(usend(s, "bar", sizeof("bar")) == sizeof("bar"));
184
	ATF_REQUIRE((a = accept(l, NULL, 0)) > 0);
185

186
	close(s);
187
	close(a);
188

189
	/* 4) Partial TLS record. */
190
	s = clientsock(&sin);
191
	struct {
192
		uint8_t  type;
193
		uint16_t version;
194
		uint16_t length;
195
	} __attribute__((__packed__)) header = {
196
		.type = 0x16,
197
		.length = htons((uint16_t)(arc4random() % 16384)),
198
	};
199
	_Static_assert(sizeof(header) == 5, "");
200
	ATF_REQUIRE(usend(s, &header, sizeof(header)) == sizeof(header));
201
	ssize_t sent = 0;
202
	do {
203
		size_t len;
204
		char *buf;
205

206
		ATF_REQUIRE(accept(l, NULL, 0) == -1);
207
		ATF_REQUIRE(errno == EAGAIN);
208

209
		len = arc4random() % 1024;
210
		buf = alloca(len);
211
		ATF_REQUIRE(usend(s, buf, len) == (ssize_t)len);
212
		sent += len;
213
	} while (sent < ntohs(header.length));
214
	/* TLS header with bytes >= declared length. */
215
	ATF_REQUIRE((a = accept(l, NULL, 0)) > 0);
216
}
217

218
/* Check changing to a different filter. */
219
ATF_TC(change);
220
ATF_TC_HEAD(change, tc)
221
{
222
	atf_tc_set_md_var(tc, "require.kmods", "accf_data accf_http");
223
}
224
ATF_TC_BODY(change, tc)
225
{
226
	struct accept_filter_arg dfa = {
227
		.af_name = "dataready"
228
	};
229
	struct accept_filter_arg hfa = {
230
		.af_name = "httpready"
231
	};
232
	struct sockaddr_in sin;
233
	int n, l;
234

235
	l = listensock(&sin);
236
	accfon(l, &dfa);
237

238
	/* Refuse to change filter without explicit removal of the old one. */
239
	ATF_REQUIRE(setsockopt(l, SOL_SOCKET, SO_ACCEPTFILTER, &hfa,
240
	    sizeof(hfa)) != 0 && errno == EBUSY);
241

242
	/* But allow after clearing. */
243
	ATF_REQUIRE(setsockopt(l, SOL_SOCKET, SO_ACCEPTFILTER, NULL, 0) == 0);
244
	ATF_REQUIRE(setsockopt(l, SOL_SOCKET, SO_ACCEPTFILTER, &hfa,
245
	    sizeof(hfa)) == 0);
246

247
	/* Must be listening socket. */
248
	ATF_REQUIRE((n = socket(PF_INET, SOCK_STREAM, 0)) > 0);
249
	ATF_REQUIRE(setsockopt(n, SOL_SOCKET, SO_ACCEPTFILTER, &dfa,
250
	    sizeof(dfa)) != 0 && errno == EINVAL);
251
}
252

253
ATF_TP_ADD_TCS(tp)
254
{
255
	ATF_TP_ADD_TC(tp, data);
256
	ATF_TP_ADD_TC(tp, http);
257
	ATF_TP_ADD_TC(tp, tls);
258
	ATF_TP_ADD_TC(tp, change);
259

260
	return (atf_no_error());
261
}
262

263
Product

Resources

Company
