diff --git a/tests/unit/s2n_ktls_cmsg_test.c b/tests/unit/s2n_ktls_cmsg_test.c
index db290933d7e..c3d56e34cea 100644
--- a/tests/unit/s2n_ktls_cmsg_test.c
+++ b/tests/unit/s2n_ktls_cmsg_test.c
@@ -46,6 +46,7 @@ int main(int argc, char **argv)
 {
 BEGIN_TEST();
+#if S2N_KTLS_SUPPORTED
 uint8_t test_data[MAX_DATA_LEN] = { 0 };
 struct s2n_blob test_data_blob = { 0 };
 EXPECT_SUCCESS(s2n_blob_init(&test_data_blob, test_data, sizeof(test_data)));
@@ -54,7 +55,6 @@ int main(int argc, char **argv)
 struct msghdr msg = { 0 };
 struct iovec msg_iov = { 0 };
-#if defined(S2N_KTLS_SUPPORTED)
 /* ctrl_msg send and recv data */
 for (size_t to_send = 1; to_send < MAX_DATA_LEN; to_send += 500) {
 /* Create a pipe */
diff --git a/tls/s2n_ktls.c b/tls/s2n_ktls.c
index dc5ffb4b576..87fb450c667 100644
--- a/tls/s2n_ktls.c
+++ b/tls/s2n_ktls.c
@@ -17,7 +17,7 @@
 bool s2n_ktls_is_supported_on_platform()
 {
-#if defined(S2N_KTLS_SUPPORTED)
+#if S2N_KTLS_SUPPORTED
 return true;
 #else
 return false;
diff --git a/tls/s2n_ktls.h b/tls/s2n_ktls.h
index b5ba2338149..a6ba6ec171e 100644
--- a/tls/s2n_ktls.h
+++ b/tls/s2n_ktls.h
@@ -25,7 +25,7 @@
 #define S2N_KTLS_SUPPORTED true
 #include "tls/s2n_ktls_linux.h"
 #else
- #undef S2N_KTLS_SUPPORTED
+ #define S2N_KTLS_SUPPORTED false
 #include "tls/s2n_ktls_unsupported.h"
 #endif
diff --git a/tls/s2n_ktls_io.c b/tls/s2n_ktls_io.c
index de4355a1885..e3b3af4d198 100644
--- a/tls/s2n_ktls_io.c
+++ b/tls/s2n_ktls_io.c
@@ -16,6 +16,7 @@
 #include
 #include "tls/s2n_ktls.h"
+#include "utils/s2n_safety_macros.h"
 #include "utils/s2n_socket.h"
 /*
@@ -62,7 +63,7 @@ S2N_RESULT s2n_ktls_send_control_msg(int sock, struct msghdr *msg,
 RESULT_ENSURE_REF(blocked);
 RESULT_ENSURE_REF(result);
-#if defined(__linux__)
+#if S2N_KTLS_SUPPORTED
 /* set ancillary data */
 struct cmsghdr *hdr = CMSG_FIRSTHDR(msg);
 hdr->cmsg_level = S2N_SOL_TLS;
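Review bot: In tls/s2n_ktls.h the macro now expands to the identifiers `true` / `false`, and every guard in this commit moves from `#if defined(...)` to `#if S2N_KTLS_SUPPORTED`, so the guards only work where `<stdbool.h>` has been included before they are evaluated. In C99/C11 an identifier that is not a macro is replaced by 0 inside `#if`, so a translation unit that reaches the guard without `<stdbool.h>` drops the kTLS branch with no diagnostic; in tests/unit/s2n_ktls_cmsg_test.c the guard now wraps the test data as well, so that test would pass without exercising anything. Whether every includer already pulls in `<stdbool.h>` is not visible in this diff. Integer literals remove the dependency: `#define S2N_KTLS_SUPPORTED 1` and `#define S2N_KTLS_SUPPORTED 0`.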
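Review bot: `s2n_ktls_send_control_msg` writes `hdr->cmsg_level` on the line directly after `CMSG_FIRSTHDR(msg)` with no NULL check, while the receive path in this same commit gains `RESULT_ENSURE(hdr != NULL, S2N_ERR_IO);`. `CMSG_FIRSTHDR` returns NULL when `msg->msg_controllen` is smaller than a `struct cmsghdr`, so a caller that passes a `msghdr` without a control buffer gets a NULL dereference instead of an error result. Adding `RESULT_ENSURE_REF(hdr);` before the first write would make the two paths consistent. The function body continues past the end of the hunk.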
@@ -99,7 +100,7 @@ S2N_RESULT s2n_ktls_send_msg(
 msg.msg_name = NULL;
 msg.msg_namelen = 0;
-#if defined(__linux__)
+#if S2N_KTLS_SUPPORTED
 /* Allocate a char array of suitable size to hold the ancillary data.
 * However, since this buffer is in reality a 'struct cmsghdr', use a
 * union to ensure that it is aligned as required for that structure.
@@ -139,13 +140,13 @@ S2N_RESULT s2n_ktls_recv_msg_impl(int sock, struct msghdr *msg,
 if (errno == EWOULDBLOCK || errno == EAGAIN) {
 RESULT_BAIL(S2N_ERR_IO_BLOCKED);
 }
- return S2N_RESULT_ERROR;
+ RESULT_BAIL(S2N_ERR_IO);
 }
 *blocked = S2N_NOT_BLOCKED;
 if (*result == 0) {
 /* The return value will be 0 when the peer has performed an orderly shutdown. */
- return S2N_RESULT_ERROR;
+ RESULT_BAIL(S2N_ERR_CLOSED);
 }
 return S2N_RESULT_OK;
@@ -159,12 +160,11 @@ S2N_RESULT s2n_ktls_recv_control_msg(int sock, struct msghdr *msg,
 RESULT_ENSURE_REF(blocked);
 RESULT_ENSURE_REF(result);
-#if defined(__linux__)
+#if S2N_KTLS_SUPPORTED
 /* attempt to read the ancillary data */
 struct cmsghdr *hdr = CMSG_FIRSTHDR(msg);
- if (hdr == NULL) {
- return S2N_RESULT_ERROR;
- }
+ RESULT_ENSURE(hdr != NULL, S2N_ERR_IO);
+
 if (hdr->cmsg_level == S2N_SOL_TLS && hdr->cmsg_type == S2N_TLS_GET_RECORD_TYPE) {
 *record_type = *(unsigned char *) CMSG_DATA(hdr);
 } else {
@@ -193,7 +193,7 @@ S2N_RESULT s2n_ktls_recv_msg(int sock, uint8_t *buf, size_t length,
 msg.msg_name = NULL;
 msg.msg_namelen = 0;
-#if defined(__linux__)
+#if S2N_KTLS_SUPPORTED
 /* Allocate a char array of suitable size to hold the ancillary data.
 * However, since this buffer is in reality a 'struct cmsghdr', use a
 * union to ensure that it is aligned as required for that structure.
diff --git a/tls/s2n_ktls_linux.h b/tls/s2n_ktls_linux.h
index 6453df24606..92e9001b2d3 100644
--- a/tls/s2n_ktls_linux.h
+++ b/tls/s2n_ktls_linux.h
@@ -36,4 +36,3 @@
 /* ##################################
 * END kTLS specific headers
 * ################################## */
-
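Review bot: In `s2n_ktls_recv_control_msg` the new `RESULT_ENSURE(hdr != NULL, S2N_ERR_IO);` only proves that a header exists; the following statement still reads `*(unsigned char *) CMSG_DATA(hdr)` without confirming that the control message carries a payload byte. If the control buffer was truncated (reported through `MSG_CTRUNC` in `msg->msg_flags`) or `cmsg_len` is short, the value stored in `*record_type` is not trustworthy, and presumably the caller uses it to decide how to treat the received data. I would add `RESULT_ENSURE(hdr->cmsg_len >= CMSG_LEN(sizeof(uint8_t)), S2N_ERR_IO);` before the read. The function starts and ends outside the hunk, so an equivalent check may already exist in lines not shown.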