// SPDX-License-Identifier: GPL-2.0 // // Test the server cookie is generated by aes64 encoding of remote and local // IP addresses with a master key specified via sockopt TCP_FASTOPEN_KEY // `./defaults.sh ./set_sysctls.py /proc/sys/net/ipv4/tcp_fastopen_key=00000000-00000000-00000000-00000000` 0 socket(..., SOCK_STREAM|SOCK_NONBLOCK, IPPROTO_TCP) = 3 +0 setsockopt(3, SOL_SOCKET, SO_REUSEADDR, [1], 4) = 0 // Set a key of a1a1a1a1-b2b2b2b2-c3c3c3c3-d4d4d4d4 (big endian). // This would produce a cookie of TFO_COOKIE like many other // tests (which the same key but set via sysctl). +0 setsockopt(3, SOL_TCP, TCP_FASTOPEN_KEY, "\xa1\xa1\xa1\xa1\xb2\xb2\xb2\xb2\xc3\xc3\xc3\xc3\xd4\xd4\xd4\xd4", 16) = 0 +0 bind(3, ..., ...) = 0 +0 listen(3, 1) = 0 +0 setsockopt(3, SOL_TCP, TCP_FASTOPEN, [1], 4) = 0 // Request a valid cookie TFO_COOKIE +0 < S 1428932:1428942(10) win 10000 +0 > S. 0:0(0) ack 1428933 +0 < . 1:1(0) ack 1 win 257 +0 accept(3, ..., ...) = 4 +0 %{ assert (tcpi_options & TCPI_OPT_SYN_DATA) == 0, tcpi_options }% +0 close(4) = 0 +0 > F. 1:1(0) ack 1 +0 < F. 1:1(0) ack 2 win 257 +0 > . 2:2(0) ack 2 +0 close(3) = 0 // Restart the listener +0 socket(..., SOCK_STREAM|SOCK_NONBLOCK, IPPROTO_TCP) = 3 +0 setsockopt(3, SOL_SOCKET, SO_REUSEADDR, [1], 4) = 0 +0 bind(3, ..., ...) = 0 +0 listen(3, 1) = 0 +0 setsockopt(3, SOL_TCP, TCP_FASTOPEN, [1], 4) = 0 // Test setting the key in the listen state, and produces an identical cookie +0 setsockopt(3, SOL_TCP, TCP_FASTOPEN_KEY, "\xa1\xa1\xa1\xa1\xb2\xb2\xb2\xb2\xc3\xc3\xc3\xc3\xd4\xd4\xd4\xd4", 16) = 0 +0 < S 6814000:6815000(1000) win 10000 +0 > S. 0:0(0) ack 6815001 +0 accept(3, ..., ...) = 4 +0 %{ assert (tcpi_options & TCPI_OPT_SYN_DATA) != 0, tcpi_options }% +0 < . 1001:1001(0) ack 1 win 257 +0 read(4, ..., 8192) = 1000 +0 close(4) = 0 +0 > F. 1:1(0) ack 1001 +0 < F. 1001:1001(0) ack 2 win 257 +0 > . 2:2(0) ack 1002 +0 close(3) = 0 // Restart the listener +0 socket(..., SOCK_STREAM|SOCK_NONBLOCK, IPPROTO_TCP) = 3 +0 setsockopt(3, SOL_SOCKET, SO_REUSEADDR, [1], 4) = 0 +0 bind(3, ..., ...) = 0 +0 listen(3, 1) = 0 +0 setsockopt(3, SOL_TCP, TCP_FASTOPEN, [1], 4) = 0 // Test invalid key length (must be 16 bytes) +0 setsockopt(3, SOL_TCP, TCP_FASTOPEN_KEY, "", 0) = -1 (Invalid Argument) +0 setsockopt(3, SOL_TCP, TCP_FASTOPEN_KEY, "", 3) = -1 (Invalid Argument) // Previous cookie won't be accepted b/c this listener uses the global key (0-0-0-0) +0 < S 6814000:6815000(1000) win 10000 +0 > S. 0:0(0) ack 6814001