diff options
author | bors[bot] <26634292+bors[bot]@users.noreply.github.com> | 2021-09-07 23:37:26 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-09-07 23:37:26 +0000 |
commit | 630700eb7c525b461d8f32b591e39a786cc3e2a0 (patch) | |
tree | 9d74ace8e108bbec09888968bcbbcdd61c8c6fb7 /test/sys | |
parent | 2142ec3c27f1c6a275aecc502b7fd3ee3bdaf08a (diff) | |
parent | e03e40095302b5e316aeb98d4fc02f19b1895965 (diff) | |
download | nix-630700eb7c525b461d8f32b591e39a786cc3e2a0.zip |
Merge #1317
1317: test_af_alg_aead waits indefinitely r=asomers a=ritzk
Starting with linux kernel 4.9, the crypto interface changed slightly such that the authentication tag memory is only needed in the output buffer for encryption and in the input buffer for decryption. Thus, we have fewer bytes to read than the buffer size. Do not block on read.
alternatively, we can adjust the decrypted buffer size based on kernel version ( ">= 4.9") to not include auth_size .
```
if kernel_version >= "4.9":
let mut decrypted = vec![0u8; payload_len + (assoc_size as usize) ];
```
before
```
test sys::test_socket::test_af_alg_aead ... test sys::test_socket::test_af_alg_aead has been running for over 60 seconds
```
after
```
test sys::test_socket::test_af_alg_aead ... ok
```
Co-authored-by: Ritesh Khadgaray <khadgaray@gmail.com>
Diffstat (limited to 'test/sys')
-rw-r--r-- | test/sys/test_socket.rs | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/test/sys/test_socket.rs b/test/sys/test_socket.rs index 6e41207e..2b0bc831 100644 --- a/test/sys/test_socket.rs +++ b/test/sys/test_socket.rs @@ -712,6 +712,7 @@ pub fn test_af_alg_cipher() { #[test] pub fn test_af_alg_aead() { use libc::{ALG_OP_DECRYPT, ALG_OP_ENCRYPT}; + use nix::fcntl::{fcntl, FcntlArg, OFlag}; use nix::sys::uio::IoVec; use nix::unistd::{read, close}; use nix::sys::socket::{socket, sendmsg, bind, accept, setsockopt, @@ -790,6 +791,11 @@ pub fn test_af_alg_aead() { // allocate buffer for decrypted data let mut decrypted = vec![0u8; payload_len + (assoc_size as usize) + auth_size]; + // Starting with kernel 4.9, the interface changed slightly such that the + // authentication tag memory is only needed in the output buffer for encryption + // and in the input buffer for decryption. + // Do not block on read, as we may have fewer bytes than buffer size + fcntl(session_socket,FcntlArg::F_SETFL(OFlag::O_NONBLOCK)).expect("fcntl non_blocking"); let num_bytes = read(session_socket, &mut decrypted).expect("read decrypt"); assert!(num_bytes >= payload_len + (assoc_size as usize)); |