1 // SPDX-License-Identifier: GPL-2.0
2 /* nettest - used for functional tests of networking APIs
10 #include <sys/ioctl.h>
11 #include <sys/socket.h>
13 #include <linux/tcp.h>
14 #include <linux/udp.h>
15 #include <arpa/inet.h>
17 #include <netinet/in.h>
18 #include <netinet/ip.h>
33 #include <linux/xfrm.h>
34 #include <linux/ipsec.h>
35 #include <linux/pfkeyv2.h>
37 #ifndef IPV6_UNICAST_IF
38 #define IPV6_UNICAST_IF 76
40 #ifndef IPV6_MULTICAST_IF
41 #define IPV6_MULTICAST_IF 17
44 #define DEFAULT_PORT 12345
46 #define NS_PREFIX "/run/netns/"
49 #define MAX(a, b) ((a) > (b) ? (a) : (b))
52 #define MIN(a, b) ((a) < (b) ? (a) : (b))
57 const char *local_addr_str;
58 const char *client_local_addr_str;
65 const char *remote_addr_str;
70 int scope_id; /* remote scope; v6 send only */
72 struct in_addr grp; /* multicast group */
74 unsigned int has_local_ip:1,
85 int type; /* DGRAM, STREAM, RAW */
87 int version; /* AF_INET/AF_INET6 */
94 const char *server_dev;
100 const char *password;
101 const char *client_pw;
102 /* prefix for MD5 password */
103 const char *md5_prefix_str;
105 struct sockaddr_in v4;
106 struct sockaddr_in6 v6;
108 unsigned int prefix_len;
109 /* 0: default, -1: force off, +1: force on */
110 int bind_key_ifindex;
112 /* expected addresses and device index for connection */
113 const char *expected_dev;
114 const char *expected_server_dev;
115 int expected_ifindex;
118 const char *expected_laddr_str;
125 const char *expected_raddr_str;
131 /* ESP in UDP encap test */
134 /* use send() and connect() instead of sendto */
135 int datagram_connect;
138 static int server_mode;
139 static unsigned int prog_timeout = 5;
140 static unsigned int interactive;
142 static char *msg = "Hello world!";
145 static int try_broadcast = 1;
147 static char *timestamp(char *timebuf, int buflen)
152 if (strftime(timebuf, buflen, "%T", localtime(&now)) == 0) {
153 memset(timebuf, 0, buflen);
154 strncpy(timebuf, "00:00:00", buflen-1);
160 static void log_msg(const char *format, ...)
168 fprintf(stdout, "%s %s:",
169 timestamp(timebuf, sizeof(timebuf)),
170 server_mode ? "server" : "client");
171 va_start(args, format);
172 vfprintf(stdout, format, args);
178 static void log_error(const char *format, ...)
186 fprintf(stderr, "%s %s:",
187 timestamp(timebuf, sizeof(timebuf)),
188 server_mode ? "server" : "client");
189 va_start(args, format);
190 vfprintf(stderr, format, args);
196 static void log_err_errno(const char *fmt, ...)
204 fprintf(stderr, "%s %s: ",
205 timestamp(timebuf, sizeof(timebuf)),
206 server_mode ? "server" : "client");
208 vfprintf(stderr, fmt, args);
211 fprintf(stderr, ": %d: %s\n", errno, strerror(errno));
215 static void log_address(const char *desc, struct sockaddr *sa)
222 if (sa->sa_family == AF_INET) {
223 struct sockaddr_in *s = (struct sockaddr_in *) sa;
225 log_msg("%s %s:%d\n",
227 inet_ntop(AF_INET, &s->sin_addr, addrstr,
231 } else if (sa->sa_family == AF_INET6) {
232 struct sockaddr_in6 *s6 = (struct sockaddr_in6 *) sa;
234 log_msg("%s [%s]:%d\n",
236 inet_ntop(AF_INET6, &s6->sin6_addr, addrstr,
238 ntohs(s6->sin6_port));
244 static int switch_ns(const char *ns)
250 log_error("warning: likely need root to set netns %s!\n", ns);
252 snprintf(path, sizeof(path), "%s%s", NS_PREFIX, ns);
255 log_err_errno("Failed to open netns path; can not switch netns");
259 ret = setns(fd, CLONE_NEWNET);
265 static int tcp_md5sig(int sd, void *addr, socklen_t alen, struct sock_args *args)
267 int keylen = strlen(args->password);
268 struct tcp_md5sig md5sig = {};
269 int opt = TCP_MD5SIG;
272 md5sig.tcpm_keylen = keylen;
273 memcpy(md5sig.tcpm_key, args->password, keylen);
275 if (args->prefix_len) {
276 opt = TCP_MD5SIG_EXT;
277 md5sig.tcpm_flags |= TCP_MD5SIG_FLAG_PREFIX;
279 md5sig.tcpm_prefixlen = args->prefix_len;
280 addr = &args->md5_prefix;
282 memcpy(&md5sig.tcpm_addr, addr, alen);
284 if ((args->ifindex && args->bind_key_ifindex >= 0) || args->bind_key_ifindex >= 1) {
285 opt = TCP_MD5SIG_EXT;
286 md5sig.tcpm_flags |= TCP_MD5SIG_FLAG_IFINDEX;
288 md5sig.tcpm_ifindex = args->ifindex;
289 log_msg("TCP_MD5SIG_FLAG_IFINDEX set tcpm_ifindex=%d\n", md5sig.tcpm_ifindex);
291 log_msg("TCP_MD5SIG_FLAG_IFINDEX off\n", md5sig.tcpm_ifindex);
294 rc = setsockopt(sd, IPPROTO_TCP, opt, &md5sig, sizeof(md5sig));
296 /* ENOENT is harmless. Returned when a password is cleared */
300 log_err_errno("setsockopt(TCP_MD5SIG)");
306 static int tcp_md5_remote(int sd, struct sock_args *args)
308 struct sockaddr_in sin = {
309 .sin_family = AF_INET,
311 struct sockaddr_in6 sin6 = {
312 .sin6_family = AF_INET6,
317 switch (args->version) {
319 sin.sin_port = htons(args->port);
320 sin.sin_addr = args->md5_prefix.v4.sin_addr;
325 sin6.sin6_port = htons(args->port);
326 sin6.sin6_addr = args->md5_prefix.v6.sin6_addr;
331 log_error("unknown address family\n");
335 if (tcp_md5sig(sd, addr, alen, args))
341 static int get_ifidx(const char *ifname)
346 if (!ifname || *ifname == '\0')
349 memset(&ifdata, 0, sizeof(ifdata));
351 strcpy(ifdata.ifr_name, ifname);
353 sd = socket(PF_INET, SOCK_DGRAM, IPPROTO_IP);
355 log_err_errno("socket failed");
359 rc = ioctl(sd, SIOCGIFINDEX, (char *)&ifdata);
362 log_err_errno("ioctl(SIOCGIFINDEX) failed");
366 return ifdata.ifr_ifindex;
369 static int bind_to_device(int sd, const char *name)
373 rc = setsockopt(sd, SOL_SOCKET, SO_BINDTODEVICE, name, strlen(name)+1);
375 log_err_errno("setsockopt(SO_BINDTODEVICE)");
380 static int get_bind_to_device(int sd, char *name, size_t len)
383 socklen_t optlen = len;
386 rc = getsockopt(sd, SOL_SOCKET, SO_BINDTODEVICE, name, &optlen);
388 log_err_errno("setsockopt(SO_BINDTODEVICE)");
393 static int check_device(int sd, struct sock_args *args)
398 if (get_bind_to_device(sd, name, sizeof(name)))
401 ifindex = get_ifidx(name);
403 log_msg(" bound to device %s/%d\n",
404 *name ? name : "<none>", ifindex);
406 if (!args->expected_ifindex)
409 if (args->expected_ifindex != ifindex) {
410 log_error("Device index mismatch: expected %d have %d\n",
411 args->expected_ifindex, ifindex);
415 log_msg("Device index matches: expected %d have %d\n",
416 args->expected_ifindex, ifindex);
421 static int set_pktinfo_v4(int sd)
426 rc = setsockopt(sd, SOL_IP, IP_PKTINFO, &one, sizeof(one));
427 if (rc < 0 && rc != -ENOTSUP)
428 log_err_errno("setsockopt(IP_PKTINFO)");
433 static int set_recvpktinfo_v6(int sd)
438 rc = setsockopt(sd, SOL_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
439 if (rc < 0 && rc != -ENOTSUP)
440 log_err_errno("setsockopt(IPV6_RECVPKTINFO)");
445 static int set_recverr_v4(int sd)
450 rc = setsockopt(sd, SOL_IP, IP_RECVERR, &one, sizeof(one));
451 if (rc < 0 && rc != -ENOTSUP)
452 log_err_errno("setsockopt(IP_RECVERR)");
457 static int set_recverr_v6(int sd)
462 rc = setsockopt(sd, SOL_IPV6, IPV6_RECVERR, &one, sizeof(one));
463 if (rc < 0 && rc != -ENOTSUP)
464 log_err_errno("setsockopt(IPV6_RECVERR)");
469 static int set_unicast_if(int sd, int ifindex, int version)
471 int opt = IP_UNICAST_IF;
475 ifindex = htonl(ifindex);
477 if (version == AF_INET6) {
478 opt = IPV6_UNICAST_IF;
481 rc = setsockopt(sd, level, opt, &ifindex, sizeof(ifindex));
483 log_err_errno("setsockopt(IP_UNICAST_IF)");
488 static int set_multicast_if(int sd, int ifindex)
490 struct ip_mreqn mreq = { .imr_ifindex = ifindex };
493 rc = setsockopt(sd, SOL_IP, IP_MULTICAST_IF, &mreq, sizeof(mreq));
495 log_err_errno("setsockopt(IP_MULTICAST_IF)");
500 static int set_membership(int sd, uint32_t grp, uint32_t addr, int ifindex)
502 uint32_t if_addr = addr;
503 struct ip_mreqn mreq;
506 if (addr == htonl(INADDR_ANY) && !ifindex) {
507 log_error("Either local address or device needs to be given for multicast membership\n");
511 mreq.imr_multiaddr.s_addr = grp;
512 mreq.imr_address.s_addr = if_addr;
513 mreq.imr_ifindex = ifindex;
515 rc = setsockopt(sd, IPPROTO_IP, IP_ADD_MEMBERSHIP, &mreq, sizeof(mreq));
517 log_err_errno("setsockopt(IP_ADD_MEMBERSHIP)");
524 static int set_freebind(int sd, int version)
526 unsigned int one = 1;
531 if (setsockopt(sd, SOL_IP, IP_FREEBIND, &one, sizeof(one))) {
532 log_err_errno("setsockopt(IP_FREEBIND)");
537 if (setsockopt(sd, SOL_IPV6, IPV6_FREEBIND, &one, sizeof(one))) {
538 log_err_errno("setsockopt(IPV6_FREEBIND");
547 static int set_broadcast(int sd)
549 unsigned int one = 1;
552 if (setsockopt(sd, SOL_SOCKET, SO_BROADCAST, &one, sizeof(one)) != 0) {
553 log_err_errno("setsockopt(SO_BROADCAST)");
560 static int set_reuseport(int sd)
562 unsigned int one = 1;
565 if (setsockopt(sd, SOL_SOCKET, SO_REUSEPORT, &one, sizeof(one)) != 0) {
566 log_err_errno("setsockopt(SO_REUSEPORT)");
573 static int set_reuseaddr(int sd)
575 unsigned int one = 1;
578 if (setsockopt(sd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one)) != 0) {
579 log_err_errno("setsockopt(SO_REUSEADDR)");
586 static int set_dsfield(int sd, int version, int dsfield)
593 if (setsockopt(sd, SOL_IP, IP_TOS, &dsfield,
594 sizeof(dsfield)) < 0) {
595 log_err_errno("setsockopt(IP_TOS)");
601 if (setsockopt(sd, SOL_IPV6, IPV6_TCLASS, &dsfield,
602 sizeof(dsfield)) < 0) {
603 log_err_errno("setsockopt(IPV6_TCLASS)");
609 log_error("Invalid address family\n");
616 static int set_dontroute(int sd)
618 unsigned int one = 1;
620 if (setsockopt(sd, SOL_SOCKET, SO_DONTROUTE, &one, sizeof(one)) < 0) {
621 log_err_errno("setsockopt(SO_DONTROUTE)");
628 static int str_to_uint(const char *str, int min, int max, unsigned int *value)
634 number = (unsigned int) strtoul(str, &end, 0);
636 /* entire string should be consumed by conversion
637 * and value should be between min and max
639 if (((*end == '\0') || (*end == '\n')) && (end != str) &&
640 (errno != ERANGE) && (min <= number) && (number <= max)) {
648 static int resolve_devices(struct sock_args *args)
651 args->ifindex = get_ifidx(args->dev);
652 if (args->ifindex < 0) {
653 log_error("Invalid device name\n");
658 if (args->expected_dev) {
661 if (str_to_uint(args->expected_dev, 0, INT_MAX, &tmp) == 0) {
662 args->expected_ifindex = (int)tmp;
664 args->expected_ifindex = get_ifidx(args->expected_dev);
665 if (args->expected_ifindex < 0) {
666 fprintf(stderr, "Invalid expected device\n");
675 static int expected_addr_match(struct sockaddr *sa, void *expected,
681 if (sa->sa_family == AF_INET) {
682 struct sockaddr_in *s = (struct sockaddr_in *) sa;
683 struct in_addr *exp_in = (struct in_addr *) expected;
685 if (s->sin_addr.s_addr != exp_in->s_addr) {
686 log_error("%s address does not match expected %s\n",
688 inet_ntop(AF_INET, exp_in,
689 addrstr, sizeof(addrstr)));
692 } else if (sa->sa_family == AF_INET6) {
693 struct sockaddr_in6 *s6 = (struct sockaddr_in6 *) sa;
694 struct in6_addr *exp_in = (struct in6_addr *) expected;
696 if (memcmp(&s6->sin6_addr, exp_in, sizeof(*exp_in))) {
697 log_error("%s address does not match expected %s\n",
699 inet_ntop(AF_INET6, exp_in,
700 addrstr, sizeof(addrstr)));
704 log_error("%s address does not match expected - unknown family\n",
710 log_msg("%s address matches expected\n", desc);
715 static int show_sockstat(int sd, struct sock_args *args)
717 struct sockaddr_in6 local_addr, remote_addr;
718 socklen_t alen = sizeof(local_addr);
723 desc = server_mode ? "server local:" : "client local:";
724 sa = (struct sockaddr *) &local_addr;
725 if (getsockname(sd, sa, &alen) == 0) {
726 log_address(desc, sa);
728 if (args->has_expected_laddr) {
729 rc = expected_addr_match(sa, &args->expected_laddr,
733 log_err_errno("getsockname failed");
736 sa = (struct sockaddr *) &remote_addr;
737 desc = server_mode ? "server peer:" : "client peer:";
738 if (getpeername(sd, sa, &alen) == 0) {
739 log_address(desc, sa);
741 if (args->has_expected_raddr) {
742 rc |= expected_addr_match(sa, &args->expected_raddr,
746 log_err_errno("getpeername failed");
756 ADDR_TYPE_EXPECTED_LOCAL,
757 ADDR_TYPE_EXPECTED_REMOTE,
758 ADDR_TYPE_MD5_PREFIX,
761 static int convert_addr(struct sock_args *args, const char *_str,
762 enum addr_type atype)
764 int pfx_len_max = args->version == AF_INET6 ? 128 : 32;
765 int family = args->version;
766 char *str, *dev, *sep;
767 struct in6_addr *in6;
778 case ADDR_TYPE_LOCAL:
780 addr = &args->local_addr;
782 case ADDR_TYPE_REMOTE:
784 addr = &args->remote_addr;
786 case ADDR_TYPE_MCAST:
790 case ADDR_TYPE_EXPECTED_LOCAL:
791 desc = "expected local";
792 addr = &args->expected_laddr;
794 case ADDR_TYPE_EXPECTED_REMOTE:
795 desc = "expected remote";
796 addr = &args->expected_raddr;
798 case ADDR_TYPE_MD5_PREFIX:
800 if (family == AF_INET) {
801 args->md5_prefix.v4.sin_family = AF_INET;
802 addr = &args->md5_prefix.v4.sin_addr;
803 } else if (family == AF_INET6) {
804 args->md5_prefix.v6.sin6_family = AF_INET6;
805 addr = &args->md5_prefix.v6.sin6_addr;
809 sep = strchr(str, '/');
813 if (str_to_uint(sep, 1, pfx_len_max,
814 &args->prefix_len) != 0) {
815 fprintf(stderr, "Invalid port\n");
819 args->prefix_len = 0;
823 log_error("unknown address type\n");
829 in = (struct in_addr *) addr;
831 if (inet_pton(AF_INET, str, in) == 0) {
832 log_error("Invalid %s IP address\n", desc);
837 in->s_addr = htonl(INADDR_ANY);
842 dev = strchr(str, '%');
848 in6 = (struct in6_addr *) addr;
850 if (inet_pton(AF_INET6, str, in6) == 0) {
851 log_error("Invalid %s IPv6 address\n", desc);
859 args->scope_id = get_ifidx(dev);
860 if (args->scope_id < 0) {
861 log_error("Invalid scope on %s IPv6 address\n",
870 log_error("Invalid address family\n");
878 static int validate_addresses(struct sock_args *args)
880 if (args->local_addr_str &&
881 convert_addr(args, args->local_addr_str, ADDR_TYPE_LOCAL) < 0)
884 if (args->remote_addr_str &&
885 convert_addr(args, args->remote_addr_str, ADDR_TYPE_REMOTE) < 0)
888 if (args->md5_prefix_str &&
889 convert_addr(args, args->md5_prefix_str,
890 ADDR_TYPE_MD5_PREFIX) < 0)
893 if (args->expected_laddr_str &&
894 convert_addr(args, args->expected_laddr_str,
895 ADDR_TYPE_EXPECTED_LOCAL))
898 if (args->expected_raddr_str &&
899 convert_addr(args, args->expected_raddr_str,
900 ADDR_TYPE_EXPECTED_REMOTE))
906 static int get_index_from_cmsg(struct msghdr *m)
912 for (cm = (struct cmsghdr *)CMSG_FIRSTHDR(m);
913 m->msg_controllen != 0 && cm;
914 cm = (struct cmsghdr *)CMSG_NXTHDR(m, cm)) {
916 if (cm->cmsg_level == SOL_IP &&
917 cm->cmsg_type == IP_PKTINFO) {
918 struct in_pktinfo *pi;
920 pi = (struct in_pktinfo *)(CMSG_DATA(cm));
921 inet_ntop(AF_INET, &pi->ipi_addr, buf, sizeof(buf));
922 ifindex = pi->ipi_ifindex;
923 } else if (cm->cmsg_level == SOL_IPV6 &&
924 cm->cmsg_type == IPV6_PKTINFO) {
925 struct in6_pktinfo *pi6;
927 pi6 = (struct in6_pktinfo *)(CMSG_DATA(cm));
928 inet_ntop(AF_INET6, &pi6->ipi6_addr, buf, sizeof(buf));
929 ifindex = pi6->ipi6_ifindex;
934 log_msg(" pktinfo: ifindex %d dest addr %s\n",
940 static int send_msg_no_cmsg(int sd, void *addr, socklen_t alen)
945 err = sendto(sd, msg, msglen, 0, addr, alen);
947 if (errno == EACCES && try_broadcast) {
949 if (!set_broadcast(sd))
954 log_err_errno("sendto failed");
961 static int send_msg_cmsg(int sd, void *addr, socklen_t alen,
962 int ifindex, int version)
964 unsigned char cmsgbuf[64];
970 iov[0].iov_base = msg;
971 iov[0].iov_len = msglen;
974 m.msg_name = (caddr_t)addr;
975 m.msg_namelen = alen;
977 memset(cmsgbuf, 0, sizeof(cmsgbuf));
978 cm = (struct cmsghdr *)cmsgbuf;
979 m.msg_control = (caddr_t)cm;
981 if (version == AF_INET) {
982 struct in_pktinfo *pi;
984 cm->cmsg_level = SOL_IP;
985 cm->cmsg_type = IP_PKTINFO;
986 cm->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo));
987 pi = (struct in_pktinfo *)(CMSG_DATA(cm));
988 pi->ipi_ifindex = ifindex;
990 m.msg_controllen = cm->cmsg_len;
992 } else if (version == AF_INET6) {
993 struct in6_pktinfo *pi6;
995 cm->cmsg_level = SOL_IPV6;
996 cm->cmsg_type = IPV6_PKTINFO;
997 cm->cmsg_len = CMSG_LEN(sizeof(struct in6_pktinfo));
999 pi6 = (struct in6_pktinfo *)(CMSG_DATA(cm));
1000 pi6->ipi6_ifindex = ifindex;
1002 m.msg_controllen = cm->cmsg_len;
1006 err = sendmsg(sd, &m, 0);
1008 if (errno == EACCES && try_broadcast) {
1010 if (!set_broadcast(sd))
1015 log_err_errno("sendmsg failed");
1023 static int send_msg(int sd, void *addr, socklen_t alen, struct sock_args *args)
1025 if (args->type == SOCK_STREAM) {
1026 if (write(sd, msg, msglen) < 0) {
1027 log_err_errno("write failed sending msg to peer");
1030 } else if (args->datagram_connect) {
1031 if (send(sd, msg, msglen, 0) < 0) {
1032 log_err_errno("send failed sending msg to peer");
1035 } else if (args->ifindex && args->use_cmsg) {
1036 if (send_msg_cmsg(sd, addr, alen, args->ifindex, args->version))
1039 if (send_msg_no_cmsg(sd, addr, alen))
1043 log_msg("Sent message:\n");
1044 log_msg(" %.24s%s\n", msg, msglen > 24 ? " ..." : "");
1049 static int socket_read_dgram(int sd, struct sock_args *args)
1051 unsigned char addr[sizeof(struct sockaddr_in6)];
1052 struct sockaddr *sa = (struct sockaddr *) addr;
1053 socklen_t alen = sizeof(addr);
1054 struct iovec iov[2];
1056 .msg_name = (caddr_t)addr,
1057 .msg_namelen = alen,
1061 unsigned char cmsgbuf[256];
1062 struct cmsghdr *cm = (struct cmsghdr *)cmsgbuf;
1067 iov[0].iov_base = (caddr_t)buf;
1068 iov[0].iov_len = sizeof(buf);
1070 memset(cmsgbuf, 0, sizeof(cmsgbuf));
1071 m.msg_control = (caddr_t)cm;
1072 m.msg_controllen = sizeof(cmsgbuf);
1074 len = recvmsg(sd, &m, 0);
1076 log_msg("peer closed connection.\n");
1078 } else if (len < 0) {
1079 log_msg("failed to read message: %d: %s\n",
1080 errno, strerror(errno));
1086 log_address("Message from:", sa);
1087 log_msg(" %.24s%s\n", buf, len > 24 ? " ..." : "");
1089 ifindex = get_index_from_cmsg(&m);
1090 if (args->expected_ifindex) {
1091 if (args->expected_ifindex != ifindex) {
1092 log_error("Device index mismatch: expected %d have %d\n",
1093 args->expected_ifindex, ifindex);
1096 log_msg("Device index matches: expected %d have %d\n",
1097 args->expected_ifindex, ifindex);
1100 if (!interactive && server_mode) {
1101 if (sa->sa_family == AF_INET6) {
1102 struct sockaddr_in6 *s6 = (struct sockaddr_in6 *) sa;
1103 struct in6_addr *in6 = &s6->sin6_addr;
1105 if (IN6_IS_ADDR_V4MAPPED(in6)) {
1106 const uint32_t *pa = (uint32_t *) &in6->s6_addr;
1108 struct sockaddr_in *sin;
1110 sin = (struct sockaddr_in *) addr;
1113 sin->sin_addr = in4;
1114 sin->sin_family = AF_INET;
1115 if (send_msg_cmsg(sd, addr, alen,
1116 ifindex, AF_INET) < 0)
1121 iov[0].iov_len = len;
1123 if (args->version == AF_INET6) {
1124 struct sockaddr_in6 *s6 = (struct sockaddr_in6 *) sa;
1127 /* avoid PKTINFO conflicts with bindtodev */
1128 if (sendto(sd, buf, len, 0,
1129 (void *) addr, alen) < 0)
1132 /* kernel is allowing scope_id to be set to VRF
1133 * index for LLA. for sends to global address
1136 s6->sin6_scope_id = ifindex;
1137 if (sendmsg(sd, &m, 0) < 0)
1143 err = sendmsg(sd, &m, 0);
1145 if (errno == EACCES && try_broadcast) {
1147 if (!set_broadcast(sd))
1154 log_msg("Sent message:\n");
1155 log_msg(" %.24s%s\n", buf, len > 24 ? " ..." : "");
1160 log_err_errno("failed to send msg to peer");
1164 static int socket_read_stream(int sd)
1169 len = read(sd, buf, sizeof(buf)-1);
1171 log_msg("client closed connection.\n");
1173 } else if (len < 0) {
1174 log_msg("failed to read message\n");
1179 log_msg("Incoming message:\n");
1180 log_msg(" %.24s%s\n", buf, len > 24 ? " ..." : "");
1182 if (!interactive && server_mode) {
1183 if (write(sd, buf, len) < 0) {
1184 log_err_errno("failed to send buf");
1187 log_msg("Sent message:\n");
1188 log_msg(" %.24s%s\n", buf, len > 24 ? " ..." : "");
1194 static int socket_read(int sd, struct sock_args *args)
1196 if (args->type == SOCK_STREAM)
1197 return socket_read_stream(sd);
1199 return socket_read_dgram(sd, args);
1202 static int stdin_to_socket(int sd, int type, void *addr, socklen_t alen)
1207 if (fgets(buf, sizeof(buf), stdin) == NULL)
1211 if (type == SOCK_STREAM) {
1212 if (write(sd, buf, len) < 0) {
1213 log_err_errno("failed to send buf");
1220 err = sendto(sd, buf, len, 0, addr, alen);
1222 if (errno == EACCES && try_broadcast) {
1224 if (!set_broadcast(sd))
1228 log_err_errno("failed to send msg to peer");
1232 log_msg("Sent message:\n");
1233 log_msg(" %.24s%s\n", buf, len > 24 ? " ..." : "");
1238 static void set_recv_attr(int sd, int version)
1240 if (version == AF_INET6) {
1241 set_recvpktinfo_v6(sd);
1249 static int msg_loop(int client, int sd, void *addr, socklen_t alen,
1250 struct sock_args *args)
1252 struct timeval timeout = { .tv_sec = prog_timeout }, *ptval = NULL;
1257 if (args->type != SOCK_STREAM)
1258 set_recv_attr(sd, args->version);
1261 msglen = strlen(msg);
1263 /* client sends first message */
1265 if (send_msg(sd, addr, alen, args))
1275 nfds = interactive ? MAX(fileno(stdin), sd) + 1 : sd + 1;
1280 FD_SET(fileno(stdin), &rfds);
1282 rc = select(nfds, &rfds, NULL, NULL, ptval);
1288 log_err_errno("select failed");
1290 } else if (rc == 0) {
1291 log_error("Timed out waiting for response\n");
1296 if (FD_ISSET(sd, &rfds)) {
1297 rc = socket_read(sd, args);
1308 if (FD_ISSET(fileno(stdin), &rfds)) {
1309 if (stdin_to_socket(sd, args->type, addr, alen) <= 0)
1322 log_msg("Going into quiet mode\n");
1326 if (send_msg(sd, addr, alen, args)) {
1336 static int msock_init(struct sock_args *args, int server)
1338 uint32_t if_addr = htonl(INADDR_ANY);
1339 struct sockaddr_in laddr = {
1340 .sin_family = AF_INET,
1341 .sin_port = htons(args->port),
1346 if (!server && args->has_local_ip)
1347 if_addr = args->local_addr.in.s_addr;
1349 sd = socket(PF_INET, SOCK_DGRAM, 0);
1351 log_err_errno("socket");
1355 if (setsockopt(sd, SOL_SOCKET, SO_REUSEADDR,
1356 (char *)&one, sizeof(one)) < 0) {
1357 log_err_errno("Setting SO_REUSEADDR error");
1361 if (setsockopt(sd, SOL_SOCKET, SO_BROADCAST,
1362 (char *)&one, sizeof(one)) < 0)
1363 log_err_errno("Setting SO_BROADCAST error");
1365 if (set_dsfield(sd, AF_INET, args->dsfield) != 0)
1369 if (args->server_dontroute && set_dontroute(sd) != 0)
1372 if (args->client_dontroute && set_dontroute(sd) != 0)
1376 if (args->dev && bind_to_device(sd, args->dev) != 0)
1378 else if (args->use_setsockopt &&
1379 set_multicast_if(sd, args->ifindex))
1382 laddr.sin_addr.s_addr = if_addr;
1384 if (bind(sd, (struct sockaddr *) &laddr, sizeof(laddr)) < 0) {
1385 log_err_errno("bind failed");
1390 set_membership(sd, args->grp.s_addr,
1391 args->local_addr.in.s_addr, args->ifindex))
1400 static int msock_server(struct sock_args *args)
1402 return msock_init(args, 1);
1405 static int msock_client(struct sock_args *args)
1407 return msock_init(args, 0);
1410 static int bind_socket(int sd, struct sock_args *args)
1412 struct sockaddr_in serv_addr = {
1413 .sin_family = AF_INET,
1415 struct sockaddr_in6 serv6_addr = {
1416 .sin6_family = AF_INET6,
1421 if (!args->has_local_ip && args->type == SOCK_RAW)
1424 switch (args->version) {
1426 serv_addr.sin_port = htons(args->port);
1427 serv_addr.sin_addr = args->local_addr.in;
1429 alen = sizeof(serv_addr);
1433 serv6_addr.sin6_port = htons(args->port);
1434 serv6_addr.sin6_addr = args->local_addr.in6;
1436 alen = sizeof(serv6_addr);
1440 log_error("Invalid address family\n");
1444 if (bind(sd, addr, alen) < 0) {
1445 log_err_errno("error binding socket");
1452 static int config_xfrm_policy(int sd, struct sock_args *args)
1454 struct xfrm_userpolicy_info policy = {};
1455 int type = UDP_ENCAP_ESPINUDP;
1456 int xfrm_af = IP_XFRM_POLICY;
1459 if (args->type != SOCK_DGRAM) {
1460 log_error("Invalid socket type. Only DGRAM could be used for XFRM\n");
1464 policy.action = XFRM_POLICY_ALLOW;
1465 policy.sel.family = args->version;
1466 if (args->version == AF_INET6) {
1467 xfrm_af = IPV6_XFRM_POLICY;
1471 policy.dir = XFRM_POLICY_OUT;
1472 if (setsockopt(sd, level, xfrm_af, &policy, sizeof(policy)) < 0)
1475 policy.dir = XFRM_POLICY_IN;
1476 if (setsockopt(sd, level, xfrm_af, &policy, sizeof(policy)) < 0)
1479 if (setsockopt(sd, IPPROTO_UDP, UDP_ENCAP, &type, sizeof(type)) < 0) {
1480 log_err_errno("Failed to set xfrm encap");
1487 static int lsock_init(struct sock_args *args)
1492 sd = socket(args->version, args->type, args->protocol);
1494 log_err_errno("Error opening socket");
1498 if (set_reuseaddr(sd) != 0)
1501 if (set_reuseport(sd) != 0)
1504 if (set_dsfield(sd, args->version, args->dsfield) != 0)
1507 if (args->server_dontroute && set_dontroute(sd) != 0)
1510 if (args->dev && bind_to_device(sd, args->dev) != 0)
1512 else if (args->use_setsockopt &&
1513 set_unicast_if(sd, args->ifindex, args->version))
1516 if (args->use_freebind && set_freebind(sd, args->version))
1519 if (bind_socket(sd, args))
1522 if (args->bind_test_only)
1525 if (args->type == SOCK_STREAM && listen(sd, 1) < 0) {
1526 log_err_errno("listen failed");
1530 flags = fcntl(sd, F_GETFL);
1531 if ((flags < 0) || (fcntl(sd, F_SETFL, flags|O_NONBLOCK) < 0)) {
1532 log_err_errno("Failed to set non-blocking option");
1536 if (fcntl(sd, F_SETFD, FD_CLOEXEC) < 0)
1537 log_err_errno("Failed to set close-on-exec flag");
1539 if (args->use_xfrm && config_xfrm_policy(sd, args)) {
1540 log_err_errno("Failed to set xfrm policy");
1552 static void ipc_write(int fd, int message)
1554 /* Not in both_mode, so there's no process to signal */
1558 if (write(fd, &message, sizeof(message)) < 0)
1559 log_err_errno("Failed to send client status");
1562 static int do_server(struct sock_args *args, int ipc_fd)
1564 /* ipc_fd = -1 if no parent process to signal */
1565 struct timeval timeout = { .tv_sec = prog_timeout }, *ptval = NULL;
1566 unsigned char addr[sizeof(struct sockaddr_in6)] = {};
1567 socklen_t alen = sizeof(addr);
1573 if (args->serverns) {
1574 if (switch_ns(args->serverns)) {
1575 log_error("Could not set server netns to %s\n",
1579 log_msg("Switched server netns\n");
1582 args->dev = args->server_dev;
1583 args->expected_dev = args->expected_server_dev;
1584 if (resolve_devices(args) || validate_addresses(args))
1591 lsd = msock_server(args);
1593 lsd = lsock_init(args);
1598 if (args->bind_test_only) {
1600 ipc_write(ipc_fd, 1);
1604 if (args->type != SOCK_STREAM) {
1605 ipc_write(ipc_fd, 1);
1606 rc = msg_loop(0, lsd, (void *) addr, alen, args);
1611 if (args->password && tcp_md5_remote(lsd, args)) {
1616 ipc_write(ipc_fd, 1);
1618 log_msg("waiting for client connection.\n");
1622 rc = select(lsd+1, &rfds, NULL, NULL, ptval);
1632 log_err_errno("select failed");
1636 if (FD_ISSET(lsd, &rfds)) {
1638 csd = accept(lsd, (void *) addr, &alen);
1640 log_err_errno("accept failed");
1644 rc = show_sockstat(csd, args);
1648 rc = check_device(csd, args);
1653 rc = msg_loop(0, csd, (void *) addr, alen, args);
1664 ipc_write(ipc_fd, 0);
1668 static int wait_for_connect(int sd)
1670 struct timeval _tv = { .tv_sec = prog_timeout }, *tv = NULL;
1672 int val = 0, sz = sizeof(val);
1681 rc = select(FD_SETSIZE, NULL, &wfd, NULL, tv);
1683 log_error("connect timed out\n");
1685 } else if (rc < 0) {
1686 log_err_errno("select failed");
1690 if (getsockopt(sd, SOL_SOCKET, SO_ERROR, &val, (socklen_t *)&sz) < 0) {
1691 log_err_errno("getsockopt(SO_ERROR) failed");
1696 log_error("connect failed: %d: %s\n", val, strerror(val));
1703 static int connectsock(void *addr, socklen_t alen, struct sock_args *args)
1708 sd = socket(args->version, args->type, args->protocol);
1710 log_err_errno("Failed to create socket");
1714 flags = fcntl(sd, F_GETFL);
1715 if ((flags < 0) || (fcntl(sd, F_SETFL, flags|O_NONBLOCK) < 0)) {
1716 log_err_errno("Failed to set non-blocking option");
1720 if (set_reuseport(sd) != 0)
1723 if (set_dsfield(sd, args->version, args->dsfield) != 0)
1726 if (args->client_dontroute && set_dontroute(sd) != 0)
1729 if (args->dev && bind_to_device(sd, args->dev) != 0)
1731 else if (args->use_setsockopt &&
1732 set_unicast_if(sd, args->ifindex, args->version))
1735 if (args->has_local_ip && bind_socket(sd, args))
1738 if (args->type != SOCK_STREAM && !args->datagram_connect)
1741 if (args->password && tcp_md5sig(sd, addr, alen, args))
1744 if (args->bind_test_only)
1747 if (connect(sd, addr, alen) < 0) {
1748 if (errno != EINPROGRESS) {
1749 log_err_errno("Failed to connect to remote host");
1753 rc = wait_for_connect(sd);
1765 static int do_client(struct sock_args *args)
1767 struct sockaddr_in sin = {
1768 .sin_family = AF_INET,
1770 struct sockaddr_in6 sin6 = {
1771 .sin6_family = AF_INET6,
1778 if (!args->has_remote_ip && !args->has_grp) {
1779 fprintf(stderr, "remote IP or multicast group not given\n");
1783 if (args->clientns) {
1784 if (switch_ns(args->clientns)) {
1785 log_error("Could not set client netns to %s\n",
1789 log_msg("Switched client netns\n");
1792 args->local_addr_str = args->client_local_addr_str;
1793 if (resolve_devices(args) || validate_addresses(args))
1796 if ((args->use_setsockopt || args->use_cmsg) && !args->ifindex) {
1797 fprintf(stderr, "Device binding not specified\n");
1800 if (args->use_setsockopt || args->use_cmsg)
1803 switch (args->version) {
1805 sin.sin_port = htons(args->port);
1807 sin.sin_addr = args->grp;
1809 sin.sin_addr = args->remote_addr.in;
1814 sin6.sin6_port = htons(args->port);
1815 sin6.sin6_addr = args->remote_addr.in6;
1816 sin6.sin6_scope_id = args->scope_id;
1818 alen = sizeof(sin6);
1822 args->password = args->client_pw;
1825 sd = msock_client(args);
1827 sd = connectsock(addr, alen, args);
1832 if (args->bind_test_only)
1835 if (args->type == SOCK_STREAM) {
1836 rc = show_sockstat(sd, args);
1841 rc = msg_loop(1, sd, addr, alen, args);
1849 static char *random_msg(int len)
1851 int i, n = 0, olen = len + 1;
1862 i = snprintf(m + n, olen - n, "%.26s",
1863 "abcdefghijklmnopqrstuvwxyz");
1868 snprintf(m + n, olen - n, "%.*s", len,
1869 "abcdefghijklmnopqrstuvwxyz");
1873 static int ipc_child(int fd, struct sock_args *args)
1875 char *outbuf, *errbuf;
1878 outbuf = malloc(4096);
1879 errbuf = malloc(4096);
1880 if (!outbuf || !errbuf) {
1881 fprintf(stderr, "server: Failed to allocate buffers for stdout and stderr\n");
1885 setbuffer(stdout, outbuf, 4096);
1886 setbuffer(stderr, errbuf, 4096);
1888 server_mode = 1; /* to tell log_msg in case we are in both_mode */
1890 /* when running in both mode, address validation applies
1891 * solely to client side
1893 args->has_expected_laddr = 0;
1894 args->has_expected_raddr = 0;
1896 rc = do_server(args, fd);
1905 static int ipc_parent(int cpid, int fd, struct sock_args *args)
1911 /* do the client-side function here in the parent process,
1912 * waiting to be told when to continue
1914 if (read(fd, &buf, sizeof(buf)) <= 0) {
1915 log_err_errno("Failed to read IPC status from status");
1919 log_error("Server failed; can not continue\n");
1922 log_msg("Server is ready\n");
1924 client_status = do_client(args);
1925 log_msg("parent is done!\n");
1927 if (kill(cpid, 0) == 0)
1928 kill(cpid, SIGKILL);
1931 return client_status;
1934 #define GETOPT_STR "sr:l:c:Q:p:t:g:P:DRn:M:X:m:d:I:BN:O:SUCi6xL:0:1:2:3:Fbqf"
1935 #define OPT_FORCE_BIND_KEY_IFINDEX 1001
1936 #define OPT_NO_BIND_KEY_IFINDEX 1002
1937 #define OPT_CLIENT_DONTROUTE 1003
1938 #define OPT_SERVER_DONTROUTE 1004
1940 static struct option long_opts[] = {
1941 {"force-bind-key-ifindex", 0, 0, OPT_FORCE_BIND_KEY_IFINDEX},
1942 {"no-bind-key-ifindex", 0, 0, OPT_NO_BIND_KEY_IFINDEX},
1943 {"client-dontroute", 0, 0, OPT_CLIENT_DONTROUTE},
1944 {"server-dontroute", 0, 0, OPT_SERVER_DONTROUTE},
1948 static void print_usage(char *prog)
1953 " -r addr remote address to connect to (client mode only)\n"
1954 " -p port port to connect to (client mode)/listen on (server mode)\n"
1956 " -s server mode (default: client mode)\n"
1957 " -t timeout seconds (default: none)\n"
1960 " -B do both client and server via fork and IPC\n"
1961 " -N ns set client to network namespace ns (requires root)\n"
1962 " -O ns set server to network namespace ns (requires root)\n"
1963 " -F Restart server loop\n"
1964 " -6 IPv6 (default is IPv4)\n"
1965 " -P proto protocol for socket: icmp, ospf (default: none)\n"
1966 " -D|R datagram (D) / raw (R) socket (default stream)\n"
1967 " -l addr local address to bind to in server mode\n"
1968 " -c addr local address to bind to in client mode\n"
1969 " -Q dsfield DS Field value of the socket (the IP_TOS or\n"
1970 " IPV6_TCLASS socket option)\n"
1971 " -x configure XFRM policy on socket\n"
1973 " -d dev bind socket to given device name\n"
1974 " -I dev bind socket to given device name - server mode\n"
1975 " -S use setsockopt (IP_UNICAST_IF or IP_MULTICAST_IF)\n"
1976 " to set device binding\n"
1977 " -U Use connect() and send() for datagram sockets\n"
1978 " -f bind socket with the IP[V6]_FREEBIND option\n"
1979 " -C use cmsg and IP_PKTINFO to specify device binding\n"
1981 " -L len send random message of given length\n"
1982 " -n num number of times to send message\n"
1984 " -M password use MD5 sum protection\n"
1985 " -X password MD5 password for client mode\n"
1986 " -m prefix/len prefix and length to use for MD5 key\n"
1987 " --no-bind-key-ifindex: Force TCP_MD5SIG_FLAG_IFINDEX off\n"
1988 " --force-bind-key-ifindex: Force TCP_MD5SIG_FLAG_IFINDEX on\n"
1989 " (default: only if -I is passed)\n"
1990 " --client-dontroute: don't use gateways for client socket: send\n"
1991 " packets only if destination is on link (see\n"
1992 " SO_DONTROUTE in socket(7))\n"
1993 " --server-dontroute: don't use gateways for server socket: send\n"
1994 " packets only if destination is on link (see\n"
1995 " SO_DONTROUTE in socket(7))\n"
1997 " -g grp multicast group (e.g., 239.1.1.1)\n"
1998 " -i interactive mode (default is echo and terminate)\n"
2000 " -0 addr Expected local address\n"
2001 " -1 addr Expected remote address\n"
2002 " -2 dev Expected device name (or index) to receive packet\n"
2003 " -3 dev Expected device name (or index) to receive packets - server mode\n"
2005 " -b Bind test only.\n"
2006 " -q Be quiet. Run test without printing anything.\n"
2007 , prog, DEFAULT_PORT);
2010 int main(int argc, char *argv[])
2012 struct sock_args args = {
2014 .type = SOCK_STREAM,
2015 .port = DEFAULT_PORT,
2017 struct protoent *pe;
2024 /* process inputs */
2025 extern char *optarg;
2029 * process input args
2032 while ((rc = getopt_long(argc, argv, GETOPT_STR, long_opts, NULL)) != -1) {
2044 args.has_local_ip = 1;
2045 args.local_addr_str = optarg;
2048 args.has_remote_ip = 1;
2049 args.remote_addr_str = optarg;
2052 args.has_local_ip = 1;
2053 args.client_local_addr_str = optarg;
2056 if (str_to_uint(optarg, 0, 255, &tmp) != 0) {
2057 fprintf(stderr, "Invalid DS Field\n");
2063 if (str_to_uint(optarg, 1, 65535, &tmp) != 0) {
2064 fprintf(stderr, "Invalid port\n");
2067 args.port = (unsigned short) tmp;
2070 if (str_to_uint(optarg, 0, INT_MAX,
2071 &prog_timeout) != 0) {
2072 fprintf(stderr, "Invalid timeout\n");
2077 args.type = SOCK_DGRAM;
2080 args.type = SOCK_RAW;
2083 args.protocol = IPPROTO_RAW;
2086 pe = getprotobyname(optarg);
2088 args.protocol = pe->p_proto;
2090 if (str_to_uint(optarg, 0, 0xffff, &tmp) != 0) {
2091 fprintf(stderr, "Invalid protocol\n");
2094 args.protocol = tmp;
2098 iter = atoi(optarg);
2101 args.clientns = optarg;
2104 args.serverns = optarg;
2107 msg = random_msg(atoi(optarg));
2110 args.password = optarg;
2112 case OPT_FORCE_BIND_KEY_IFINDEX:
2113 args.bind_key_ifindex = 1;
2115 case OPT_NO_BIND_KEY_IFINDEX:
2116 args.bind_key_ifindex = -1;
2118 case OPT_CLIENT_DONTROUTE:
2119 args.client_dontroute = 1;
2121 case OPT_SERVER_DONTROUTE:
2122 args.server_dontroute = 1;
2125 args.client_pw = optarg;
2128 args.md5_prefix_str = optarg;
2131 args.use_setsockopt = 1;
2134 args.use_freebind = 1;
2143 args.server_dev = optarg;
2150 if (convert_addr(&args, optarg, ADDR_TYPE_MCAST) < 0)
2152 args.type = SOCK_DGRAM;
2155 args.version = AF_INET6;
2158 args.bind_test_only = 1;
2161 args.has_expected_laddr = 1;
2162 args.expected_laddr_str = optarg;
2165 args.has_expected_raddr = 1;
2166 args.expected_raddr_str = optarg;
2169 args.expected_dev = optarg;
2172 args.expected_server_dev = optarg;
2181 args.datagram_connect = 1;
2184 print_usage(argv[0]);
2189 if (args.password &&
2190 ((!args.has_remote_ip && !args.md5_prefix_str) ||
2191 args.type != SOCK_STREAM)) {
2192 log_error("MD5 passwords apply to TCP only and require a remote ip for the password\n");
2196 if (args.md5_prefix_str && !args.password) {
2197 log_error("Prefix range for MD5 protection specified without a password\n");
2202 fprintf(stderr, "Invalid number of messages to send\n");
2206 if (args.type == SOCK_STREAM && !args.protocol)
2207 args.protocol = IPPROTO_TCP;
2208 if (args.type == SOCK_DGRAM && !args.protocol)
2209 args.protocol = IPPROTO_UDP;
2211 if ((args.type == SOCK_STREAM || args.type == SOCK_DGRAM) &&
2213 fprintf(stderr, "Invalid port number\n");
2217 if ((both_mode || !server_mode) && !args.has_grp &&
2218 !args.has_remote_ip && !args.has_local_ip) {
2220 "Local (server mode) or remote IP (client IP) required\n");
2241 return ipc_parent(cpid, fd[0], &args);
2243 return ipc_child(fd[1], &args);
2248 rc = do_server(&args, -1);
2253 return do_client(&args);
projects / linux.git / blob