diff --git a/tests/testlib/s2n_ktls_test_utils.c b/tests/testlib/s2n_ktls_test_utils.c
index b3877e1a1ec..83f9208e269 100644
--- a/tests/testlib/s2n_ktls_test_utils.c
+++ b/tests/testlib/s2n_ktls_test_utils.c
@@ -21,7 +21,8 @@ S2N_RESULT s2n_ktls_get_control_data(struct msghdr *msg, int cmsg_type, uint8_t
 /* Since it is possible to read partial data, we need a way to update the length
 * of the previous record for the mock stuffer IO implementation. */
-static S2N_RESULT s2n_test_ktls_update_prev_header_len(struct s2n_test_ktls_io_stuffer *io_ctx, uint16_t remaining_len)
+static S2N_RESULT s2n_test_ktls_update_prev_header_len(struct s2n_test_ktls_io_stuffer *io_ctx,
+ uint16_t remaining_len)
 {
 RESULT_ENSURE_REF(io_ctx);
 RESULT_ENSURE(remaining_len > 0, S2N_ERR_IO);
@@ -151,8 +152,8 @@ ssize_t s2n_test_ktls_recvmsg_io_stuffer(void *io_context, struct msghdr *msg)
 return bytes_read;
 }
-S2N_RESULT s2n_test_init_ktls_io_stuffer(struct s2n_connection *server, struct s2n_connection *client,
- struct s2n_test_ktls_io_stuffer_pair *io_pair)
+S2N_RESULT s2n_test_init_ktls_io_stuffer(struct s2n_connection *server,
+ struct s2n_connection *client, struct s2n_test_ktls_io_stuffer_pair *io_pair)
 {
 RESULT_ENSURE_REF(server);
 RESULT_ENSURE_REF(client);
@@ -182,7 +183,8 @@ S2N_CLEANUP_RESULT s2n_ktls_io_stuffer_pair_free(struct s2n_test_ktls_io_stuffer
 return S2N_RESULT_OK;
 }
-S2N_RESULT s2n_test_validate_data(struct s2n_test_ktls_io_stuffer *ktls_io, uint8_t *expected_data, uint16_t expected_len)
+S2N_RESULT s2n_test_validate_data(struct s2n_test_ktls_io_stuffer *ktls_io, uint8_t *expected_data,
+ uint16_t expected_len)
 {
 RESULT_ENSURE_REF(ktls_io);
 RESULT_ENSURE_REF(expected_data);
@@ -196,7 +198,8 @@ S2N_RESULT s2n_test_validate_data(struct s2n_test_ktls_io_stuffer *ktls_io, uint
 return S2N_RESULT_OK;
 }
-S2N_RESULT s2n_test_validate_ancillary(struct s2n_test_ktls_io_stuffer *ktls_io, uint8_t expected_record_type, uint16_t expected_len)
+S2N_RESULT s2n_test_validate_ancillary(struct s2n_test_ktls_io_stuffer *ktls_io,
+ uint8_t expected_record_type, uint16_t expected_len)
 {
 RESULT_ENSURE_REF(ktls_io);
diff --git a/tests/testlib/s2n_ktls_test_utils.h b/tests/testlib/s2n_ktls_test_utils.h
index 8e1fece783e..9adacc46ebc 100644
--- a/tests/testlib/s2n_ktls_test_utils.h
+++ b/tests/testlib/s2n_ktls_test_utils.h
@@ -62,8 +62,10 @@ struct s2n_test_ktls_io_stuffer_pair {
 ssize_t s2n_test_ktls_sendmsg_io_stuffer(void *io_context, const struct msghdr *msg);
 ssize_t s2n_test_ktls_recvmsg_io_stuffer(void *io_context, struct msghdr *msg);
-S2N_RESULT s2n_test_init_ktls_io_stuffer(struct s2n_connection *server, struct s2n_connection *client,
- struct s2n_test_ktls_io_stuffer_pair *io_pair);
+S2N_RESULT s2n_test_init_ktls_io_stuffer(struct s2n_connection *server,
+ struct s2n_connection *client, struct s2n_test_ktls_io_stuffer_pair *io_pair);
 S2N_CLEANUP_RESULT s2n_ktls_io_stuffer_pair_free(struct s2n_test_ktls_io_stuffer_pair *pair);
-S2N_RESULT s2n_test_validate_data(struct s2n_test_ktls_io_stuffer *ktls_io, uint8_t *expected_data, uint16_t expected_len);
-S2N_RESULT s2n_test_validate_ancillary(struct s2n_test_ktls_io_stuffer *ktls_io, uint8_t expected_record_type, uint16_t expected_len);
+S2N_RESULT s2n_test_validate_data(struct s2n_test_ktls_io_stuffer *ktls_io, uint8_t *expected_data,
+ uint16_t expected_len);
+S2N_RESULT s2n_test_validate_ancillary(struct s2n_test_ktls_io_stuffer *ktls_io,
+ uint8_t expected_record_type, uint16_t expected_len);
diff --git a/tests/unit/s2n_ktls_io_test.c b/tests/unit/s2n_ktls_io_test.c
index 74ed0512ca0..218a3b1f316 100644
--- a/tests/unit/s2n_ktls_io_test.c
+++ b/tests/unit/s2n_ktls_io_test.c
@@ -146,8 +146,8 @@ int main(int argc, char **argv)
 s2n_blocked_status blocked = S2N_NOT_BLOCKED;
 struct iovec msg_iov = { .iov_base = test_data, .iov_len = S2N_TEST_TO_SEND };
 EXPECT_OK(s2n_ktls_sendmsg(server, test_record_type, &msg_iov, 1, &blocked, &bytes_written));
- EXPECT_EQUAL(bytes_written, S2N_TEST_TO_SEND);
 EXPECT_EQUAL(blocked, S2N_NOT_BLOCKED);
+ EXPECT_EQUAL(bytes_written, S2N_TEST_TO_SEND);
 /* confirm sent data */
 EXPECT_OK(s2n_test_validate_data(&io_pair.client_in, test_data, S2N_TEST_TO_SEND));
@@ -180,8 +180,8 @@ int main(int argc, char **argv)
 s2n_blocked_status blocked = S2N_NOT_BLOCKED;
 EXPECT_OK(s2n_ktls_sendmsg(
 server, test_record_type, msg_iov, count, &blocked, &bytes_written));
- EXPECT_EQUAL(bytes_written, total_sent);
 EXPECT_EQUAL(blocked, S2N_NOT_BLOCKED);
+ EXPECT_EQUAL(bytes_written, total_sent);
 /* confirm sent data */
 EXPECT_OK(s2n_test_validate_data(&io_pair.client_in, test_data, total_sent));
@@ -189,6 +189,7 @@ int main(int argc, char **argv)
 /* validate only 1 record was sent */
 EXPECT_EQUAL(s2n_stuffer_data_available(&io_pair.client_in.ancillary_buffer), S2N_TEST_KTLS_MOCK_HEADER_SIZE);
+ EXPECT_EQUAL(io_pair.client_in.sendmsg_invoked_count, 1);
 };
@@ -227,7 +228,6 @@ int main(int argc, char **argv)
 EXPECT_OK(s2n_test_validate_ancillary(&io_pair.client_in, test_record_type, S2N_TEST_TO_SEND));
 EXPECT_EQUAL(io_pair.client_in.sendmsg_invoked_count, blocked_invoked_count + 1);
- EXPECT_EQUAL(io_pair.server_in.sendmsg_invoked_count, 0);
 };
 /* Both EWOULDBLOCK and EAGAIN should return a S2N_ERR_IO_BLOCKED error */
@@ -288,17 +288,19 @@ int main(int argc, char **argv)
 size_t bytes_written = 0;
 s2n_blocked_status blocked = S2N_NOT_BLOCKED;
- struct iovec msg_iov = { .iov_base = test_data, .iov_len = S2N_TEST_TO_SEND };
 size_t iovlen_zero = 0;
+ struct iovec msg_iov = { .iov_base = test_data, .iov_len = S2N_TEST_TO_SEND };
 EXPECT_OK(s2n_ktls_sendmsg(
 server, test_record_type, &msg_iov, iovlen_zero, &blocked, &bytes_written));
 EXPECT_EQUAL(bytes_written, 0);
+ EXPECT_EQUAL(blocked, S2N_NOT_BLOCKED);
 struct iovec msg_iov_len_zero = { .iov_base = test_data, .iov_len = 0 };
 EXPECT_OK(s2n_ktls_sendmsg(
 server, test_record_type, &msg_iov_len_zero, 1, &blocked, &bytes_written));
 EXPECT_EQUAL(bytes_written, 0);
+ EXPECT_EQUAL(blocked, S2N_NOT_BLOCKED);
 EXPECT_EQUAL(io_pair.client_in.sendmsg_invoked_count, 2);
 };
diff --git a/tests/unit/s2n_ktls_test_utils_test.c b/tests/unit/s2n_ktls_test_utils_test.c
index d041c7296c5..3fa23227b4a 100644
--- a/tests/unit/s2n_ktls_test_utils_test.c
+++ b/tests/unit/s2n_ktls_test_utils_test.c
@@ -128,8 +128,7 @@ int main(int argc, char **argv)
 uint8_t count = 5;
 size_t total_sent = 0;
- struct iovec *send_msg_iov = NULL;
- send_msg_iov = malloc(sizeof(*send_msg_iov) * count);
+ struct iovec send_msg_iov[sizeof(struct iovec) * 5] = { 0 };
 for (size_t i = 0; i < count; i++) {
 send_msg_iov[i].iov_base = test_data + total_sent;
 send_msg_iov[i].iov_len = S2N_TEST_TO_SEND;
@@ -149,8 +148,6 @@ int main(int argc, char **argv)
 /* validate only 1 record was sent */
 EXPECT_EQUAL(s2n_stuffer_data_available(&io_pair.client_in.ancillary_buffer), S2N_TEST_KTLS_MOCK_HEADER_SIZE);
 EXPECT_EQUAL(io_pair.client_in.sendmsg_invoked_count, 1);
-
- free(send_msg_iov);
 };
 /* Send multiple records of same type */
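Review bot: The two added `EXPECT_EQUAL(blocked, S2N_NOT_BLOCKED);` checks in the zero-length send test of tests/unit/s2n_ktls_io_test.c cannot fail as written, because `blocked` is initialized to `S2N_NOT_BLOCKED` at the top of the block and nothing visible sets it to another value before either `s2n_ktls_sendmsg` call. If the intent is to show that a successful send leaves the status cleared, seed it with a different value before each call, for example `blocked = S2N_BLOCKED_ON_WRITE;`, and then assert that it was reset. Whether `s2n_ktls_sendmsg` is meant to reset the status on success is not visible here, so confirm that contract before tightening the test. The reordered `blocked` assertions in the hunks at -146 and -180 start from the same initial value and are equally weak.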
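Review bot: `struct iovec send_msg_iov[sizeof(struct iovec) * 5] = { 0 };` in tests/unit/s2n_ktls_test_utils_test.c declares `sizeof(struct iovec) * 5` elements rather than 5, so the byte count from the removed `malloc` has been carried over into the array dimension and the stack array is `sizeof(struct iovec)` times larger than the loop needs. Indexing stays in bounds here because `count` is 5, but the dimension should be the element count, e.g. `struct iovec send_msg_iov[5] = { 0 };`, ideally tied to `count` through one named constant so the two cannot drift apart. The hunk at -291 adds the same line next to `count = 2`, where the literal 5 no longer matches the loop bound at all. The enclosing test block starts and ends outside this hunk.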
@@ -291,9 +288,8 @@ int main(int argc, char **argv)
 EXPECT_SUCCESS(s2n_stuffer_alloc(&io_pair.client_in.data_buffer, S2N_TEST_TO_SEND));
 uint8_t count = 2;
- struct iovec *send_msg_iov = NULL;
- send_msg_iov = malloc(sizeof(*send_msg_iov) * count);
 uint8_t *test_data_ptr = test_data;
+ struct iovec send_msg_iov[sizeof(struct iovec) * 5] = { 0 };
 for (size_t i = 0; i < count; i++) {
 send_msg_iov[i].iov_base = (void *) test_data_ptr;
 send_msg_iov[i].iov_len = S2N_TEST_TO_SEND;
@@ -309,7 +305,6 @@ int main(int argc, char **argv)
 EXPECT_EQUAL(s2n_stuffer_data_available(&io_pair.client_in.ancillary_buffer), 0);
 EXPECT_EQUAL(io_pair.client_in.sendmsg_invoked_count, 1);
- free(send_msg_iov);
 };
 };
diff --git a/tls/s2n_ktls_io.c b/tls/s2n_ktls_io.c
index 0c863e6685d..5849c4c98f6 100644
--- a/tls/s2n_ktls_io.c
+++ b/tls/s2n_ktls_io.c
@@ -127,8 +127,8 @@ S2N_RESULT s2n_ktls_set_control_data(struct msghdr *msg, char *buf, size_t buf_s
 * should be set to the sum of the CMSG_SPACE() of the length of all
 * control messages in the buffer */
- RESULT_ENSURE_GTE(msg->msg_controllen, S2N_KTLS_CONTROL_BUFFER_SIZE);
- msg->msg_controllen = S2N_KTLS_CONTROL_BUFFER_SIZE;
+ RESULT_ENSURE_GTE(msg->msg_controllen, CMSG_SPACE(S2N_KTLS_RECORD_TYPE_SIZE));
+ msg->msg_controllen = CMSG_SPACE(S2N_KTLS_RECORD_TYPE_SIZE);
 return S2N_RESULT_OK;
 }
@@ -153,7 +153,7 @@ S2N_RESULT s2n_ktls_get_control_data(struct msghdr *msg, int cmsg_type, uint8_t
 * buffer. */
 RESULT_ENSURE(msg->msg_control, S2N_ERR_SAFETY);
- RESULT_ENSURE(msg->msg_controllen >= S2N_KTLS_CONTROL_BUFFER_SIZE, S2N_ERR_SAFETY);
+ RESULT_ENSURE(msg->msg_controllen >= CMSG_SPACE(S2N_KTLS_RECORD_TYPE_SIZE), S2N_ERR_SAFETY);
 /* https://man7.org/linux/man-pages/man3/cmsg.3.html
 * Use CMSG_FIRSTHDR() on the msghdr to get the first
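Review bot: Nothing in the `s2n_ktls_set_control_data` hunk of tls/s2n_ktls_io.c records why the bound changed from `S2N_KTLS_CONTROL_BUFFER_SIZE` to `CMSG_SPACE(S2N_KTLS_RECORD_TYPE_SIZE)`, and callers presumably still size their control buffers with the constant. A short comment above the check, such as `/* the caller's buffer may be larger; msg_controllen must cover exactly the one record-type cmsg written here */`, would make the narrowing of `msg_controllen` read as intentional. If the constant is expected to be at least this large on every platform, a compile-time assertion beside its definition would catch a target where `CMSG_SPACE` alignment breaks that assumption. The same expression is repeated in the `s2n_ktls_get_control_data` hunk that follows, and this function's body starts outside the hunk.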