1 // SPDX-License-Identifier: GPL-2.0
2 /* nettest - used for functional tests of networking APIs
4 * Copyright (c) 2013-2019 David Ahern <dsahern@gmail.com>. All rights reserved.
10 #include <sys/ioctl.h>
11 #include <sys/socket.h>
13 #include <linux/tcp.h>
14 #include <linux/udp.h>
15 #include <arpa/inet.h>
17 #include <netinet/in.h>
18 #include <netinet/ip.h>
33 #include <linux/xfrm.h>
34 #include <linux/ipsec.h>
35 #include <linux/pfkeyv2.h>
37 #ifndef IPV6_UNICAST_IF
38 #define IPV6_UNICAST_IF 76
40 #ifndef IPV6_MULTICAST_IF
41 #define IPV6_MULTICAST_IF 17
44 #define DEFAULT_PORT 12345
46 #define NS_PREFIX "/run/netns/"
49 #define MAX(a, b) ((a) > (b) ? (a) : (b))
52 #define MIN(a, b) ((a) < (b) ? (a) : (b))
57 const char *local_addr_str;
58 const char *client_local_addr_str;
65 const char *remote_addr_str;
70 int scope_id; /* remote scope; v6 send only */
72 struct in_addr grp; /* multicast group */
74 unsigned int has_local_ip:1,
83 int type; /* DGRAM, STREAM, RAW */
85 int version; /* AF_INET/AF_INET6 */
91 const char *server_dev;
98 const char *client_pw;
99 /* prefix for MD5 password */
100 const char *md5_prefix_str;
102 struct sockaddr_in v4;
103 struct sockaddr_in6 v6;
105 unsigned int prefix_len;
106 /* 0: default, -1: force off, +1: force on */
107 int bind_key_ifindex;
109 /* expected addresses and device index for connection */
110 const char *expected_dev;
111 const char *expected_server_dev;
112 int expected_ifindex;
115 const char *expected_laddr_str;
122 const char *expected_raddr_str;
128 /* ESP in UDP encap test */
132 static int server_mode;
133 static unsigned int prog_timeout = 5;
134 static unsigned int interactive;
136 static char *msg = "Hello world!";
139 static int try_broadcast = 1;
141 static char *timestamp(char *timebuf, int buflen)
146 if (strftime(timebuf, buflen, "%T", localtime(&now)) == 0) {
147 memset(timebuf, 0, buflen);
148 strncpy(timebuf, "00:00:00", buflen-1);
154 static void log_msg(const char *format, ...)
162 fprintf(stdout, "%s %s:",
163 timestamp(timebuf, sizeof(timebuf)),
164 server_mode ? "server" : "client");
165 va_start(args, format);
166 vfprintf(stdout, format, args);
172 static void log_error(const char *format, ...)
180 fprintf(stderr, "%s %s:",
181 timestamp(timebuf, sizeof(timebuf)),
182 server_mode ? "server" : "client");
183 va_start(args, format);
184 vfprintf(stderr, format, args);
190 static void log_err_errno(const char *fmt, ...)
198 fprintf(stderr, "%s %s: ",
199 timestamp(timebuf, sizeof(timebuf)),
200 server_mode ? "server" : "client");
202 vfprintf(stderr, fmt, args);
205 fprintf(stderr, ": %d: %s\n", errno, strerror(errno));
209 static void log_address(const char *desc, struct sockaddr *sa)
216 if (sa->sa_family == AF_INET) {
217 struct sockaddr_in *s = (struct sockaddr_in *) sa;
219 log_msg("%s %s:%d\n",
221 inet_ntop(AF_INET, &s->sin_addr, addrstr,
225 } else if (sa->sa_family == AF_INET6) {
226 struct sockaddr_in6 *s6 = (struct sockaddr_in6 *) sa;
228 log_msg("%s [%s]:%d\n",
230 inet_ntop(AF_INET6, &s6->sin6_addr, addrstr,
232 ntohs(s6->sin6_port));
238 static int switch_ns(const char *ns)
244 log_error("warning: likely need root to set netns %s!\n", ns);
246 snprintf(path, sizeof(path), "%s%s", NS_PREFIX, ns);
249 log_err_errno("Failed to open netns path; can not switch netns");
253 ret = setns(fd, CLONE_NEWNET);
259 static int tcp_md5sig(int sd, void *addr, socklen_t alen, struct sock_args *args)
261 int keylen = strlen(args->password);
262 struct tcp_md5sig md5sig = {};
263 int opt = TCP_MD5SIG;
266 md5sig.tcpm_keylen = keylen;
267 memcpy(md5sig.tcpm_key, args->password, keylen);
269 if (args->prefix_len) {
270 opt = TCP_MD5SIG_EXT;
271 md5sig.tcpm_flags |= TCP_MD5SIG_FLAG_PREFIX;
273 md5sig.tcpm_prefixlen = args->prefix_len;
274 addr = &args->md5_prefix;
276 memcpy(&md5sig.tcpm_addr, addr, alen);
278 if ((args->ifindex && args->bind_key_ifindex >= 0) || args->bind_key_ifindex >= 1) {
279 opt = TCP_MD5SIG_EXT;
280 md5sig.tcpm_flags |= TCP_MD5SIG_FLAG_IFINDEX;
282 md5sig.tcpm_ifindex = args->ifindex;
283 log_msg("TCP_MD5SIG_FLAG_IFINDEX set tcpm_ifindex=%d\n", md5sig.tcpm_ifindex);
285 log_msg("TCP_MD5SIG_FLAG_IFINDEX off\n", md5sig.tcpm_ifindex);
288 rc = setsockopt(sd, IPPROTO_TCP, opt, &md5sig, sizeof(md5sig));
290 /* ENOENT is harmless. Returned when a password is cleared */
294 log_err_errno("setsockopt(TCP_MD5SIG)");
300 static int tcp_md5_remote(int sd, struct sock_args *args)
302 struct sockaddr_in sin = {
303 .sin_family = AF_INET,
305 struct sockaddr_in6 sin6 = {
306 .sin6_family = AF_INET6,
311 switch (args->version) {
313 sin.sin_port = htons(args->port);
314 sin.sin_addr = args->md5_prefix.v4.sin_addr;
319 sin6.sin6_port = htons(args->port);
320 sin6.sin6_addr = args->md5_prefix.v6.sin6_addr;
325 log_error("unknown address family\n");
329 if (tcp_md5sig(sd, addr, alen, args))
335 static int get_ifidx(const char *ifname)
340 if (!ifname || *ifname == '\0')
343 memset(&ifdata, 0, sizeof(ifdata));
345 strcpy(ifdata.ifr_name, ifname);
347 sd = socket(PF_INET, SOCK_DGRAM, IPPROTO_IP);
349 log_err_errno("socket failed");
353 rc = ioctl(sd, SIOCGIFINDEX, (char *)&ifdata);
356 log_err_errno("ioctl(SIOCGIFINDEX) failed");
360 return ifdata.ifr_ifindex;
363 static int bind_to_device(int sd, const char *name)
367 rc = setsockopt(sd, SOL_SOCKET, SO_BINDTODEVICE, name, strlen(name)+1);
369 log_err_errno("setsockopt(SO_BINDTODEVICE)");
374 static int get_bind_to_device(int sd, char *name, size_t len)
377 socklen_t optlen = len;
380 rc = getsockopt(sd, SOL_SOCKET, SO_BINDTODEVICE, name, &optlen);
382 log_err_errno("setsockopt(SO_BINDTODEVICE)");
387 static int check_device(int sd, struct sock_args *args)
392 if (get_bind_to_device(sd, name, sizeof(name)))
395 ifindex = get_ifidx(name);
397 log_msg(" bound to device %s/%d\n",
398 *name ? name : "<none>", ifindex);
400 if (!args->expected_ifindex)
403 if (args->expected_ifindex != ifindex) {
404 log_error("Device index mismatch: expected %d have %d\n",
405 args->expected_ifindex, ifindex);
409 log_msg("Device index matches: expected %d have %d\n",
410 args->expected_ifindex, ifindex);
415 static int set_pktinfo_v4(int sd)
420 rc = setsockopt(sd, SOL_IP, IP_PKTINFO, &one, sizeof(one));
421 if (rc < 0 && rc != -ENOTSUP)
422 log_err_errno("setsockopt(IP_PKTINFO)");
427 static int set_recvpktinfo_v6(int sd)
432 rc = setsockopt(sd, SOL_IPV6, IPV6_RECVPKTINFO, &one, sizeof(one));
433 if (rc < 0 && rc != -ENOTSUP)
434 log_err_errno("setsockopt(IPV6_RECVPKTINFO)");
439 static int set_recverr_v4(int sd)
444 rc = setsockopt(sd, SOL_IP, IP_RECVERR, &one, sizeof(one));
445 if (rc < 0 && rc != -ENOTSUP)
446 log_err_errno("setsockopt(IP_RECVERR)");
451 static int set_recverr_v6(int sd)
456 rc = setsockopt(sd, SOL_IPV6, IPV6_RECVERR, &one, sizeof(one));
457 if (rc < 0 && rc != -ENOTSUP)
458 log_err_errno("setsockopt(IPV6_RECVERR)");
463 static int set_unicast_if(int sd, int ifindex, int version)
465 int opt = IP_UNICAST_IF;
469 ifindex = htonl(ifindex);
471 if (version == AF_INET6) {
472 opt = IPV6_UNICAST_IF;
475 rc = setsockopt(sd, level, opt, &ifindex, sizeof(ifindex));
477 log_err_errno("setsockopt(IP_UNICAST_IF)");
482 static int set_multicast_if(int sd, int ifindex)
484 struct ip_mreqn mreq = { .imr_ifindex = ifindex };
487 rc = setsockopt(sd, SOL_IP, IP_MULTICAST_IF, &mreq, sizeof(mreq));
489 log_err_errno("setsockopt(IP_MULTICAST_IF)");
494 static int set_membership(int sd, uint32_t grp, uint32_t addr, int ifindex)
496 uint32_t if_addr = addr;
497 struct ip_mreqn mreq;
500 if (addr == htonl(INADDR_ANY) && !ifindex) {
501 log_error("Either local address or device needs to be given for multicast membership\n");
505 mreq.imr_multiaddr.s_addr = grp;
506 mreq.imr_address.s_addr = if_addr;
507 mreq.imr_ifindex = ifindex;
509 rc = setsockopt(sd, IPPROTO_IP, IP_ADD_MEMBERSHIP, &mreq, sizeof(mreq));
511 log_err_errno("setsockopt(IP_ADD_MEMBERSHIP)");
518 static int set_freebind(int sd, int version)
520 unsigned int one = 1;
525 if (setsockopt(sd, SOL_IP, IP_FREEBIND, &one, sizeof(one))) {
526 log_err_errno("setsockopt(IP_FREEBIND)");
531 if (setsockopt(sd, SOL_IPV6, IPV6_FREEBIND, &one, sizeof(one))) {
532 log_err_errno("setsockopt(IPV6_FREEBIND");
541 static int set_broadcast(int sd)
543 unsigned int one = 1;
546 if (setsockopt(sd, SOL_SOCKET, SO_BROADCAST, &one, sizeof(one)) != 0) {
547 log_err_errno("setsockopt(SO_BROADCAST)");
554 static int set_reuseport(int sd)
556 unsigned int one = 1;
559 if (setsockopt(sd, SOL_SOCKET, SO_REUSEPORT, &one, sizeof(one)) != 0) {
560 log_err_errno("setsockopt(SO_REUSEPORT)");
567 static int set_reuseaddr(int sd)
569 unsigned int one = 1;
572 if (setsockopt(sd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one)) != 0) {
573 log_err_errno("setsockopt(SO_REUSEADDR)");
580 static int str_to_uint(const char *str, int min, int max, unsigned int *value)
586 number = (unsigned int) strtoul(str, &end, 0);
588 /* entire string should be consumed by conversion
589 * and value should be between min and max
591 if (((*end == '\0') || (*end == '\n')) && (end != str) &&
592 (errno != ERANGE) && (min <= number) && (number <= max)) {
600 static int resolve_devices(struct sock_args *args)
603 args->ifindex = get_ifidx(args->dev);
604 if (args->ifindex < 0) {
605 log_error("Invalid device name\n");
610 if (args->expected_dev) {
613 if (str_to_uint(args->expected_dev, 0, INT_MAX, &tmp) == 0) {
614 args->expected_ifindex = (int)tmp;
616 args->expected_ifindex = get_ifidx(args->expected_dev);
617 if (args->expected_ifindex < 0) {
618 fprintf(stderr, "Invalid expected device\n");
627 static int expected_addr_match(struct sockaddr *sa, void *expected,
633 if (sa->sa_family == AF_INET) {
634 struct sockaddr_in *s = (struct sockaddr_in *) sa;
635 struct in_addr *exp_in = (struct in_addr *) expected;
637 if (s->sin_addr.s_addr != exp_in->s_addr) {
638 log_error("%s address does not match expected %s\n",
640 inet_ntop(AF_INET, exp_in,
641 addrstr, sizeof(addrstr)));
644 } else if (sa->sa_family == AF_INET6) {
645 struct sockaddr_in6 *s6 = (struct sockaddr_in6 *) sa;
646 struct in6_addr *exp_in = (struct in6_addr *) expected;
648 if (memcmp(&s6->sin6_addr, exp_in, sizeof(*exp_in))) {
649 log_error("%s address does not match expected %s\n",
651 inet_ntop(AF_INET6, exp_in,
652 addrstr, sizeof(addrstr)));
656 log_error("%s address does not match expected - unknown family\n",
662 log_msg("%s address matches expected\n", desc);
667 static int show_sockstat(int sd, struct sock_args *args)
669 struct sockaddr_in6 local_addr, remote_addr;
670 socklen_t alen = sizeof(local_addr);
675 desc = server_mode ? "server local:" : "client local:";
676 sa = (struct sockaddr *) &local_addr;
677 if (getsockname(sd, sa, &alen) == 0) {
678 log_address(desc, sa);
680 if (args->has_expected_laddr) {
681 rc = expected_addr_match(sa, &args->expected_laddr,
685 log_err_errno("getsockname failed");
688 sa = (struct sockaddr *) &remote_addr;
689 desc = server_mode ? "server peer:" : "client peer:";
690 if (getpeername(sd, sa, &alen) == 0) {
691 log_address(desc, sa);
693 if (args->has_expected_raddr) {
694 rc |= expected_addr_match(sa, &args->expected_raddr,
698 log_err_errno("getpeername failed");
708 ADDR_TYPE_EXPECTED_LOCAL,
709 ADDR_TYPE_EXPECTED_REMOTE,
710 ADDR_TYPE_MD5_PREFIX,
713 static int convert_addr(struct sock_args *args, const char *_str,
714 enum addr_type atype)
716 int pfx_len_max = args->version == AF_INET6 ? 128 : 32;
717 int family = args->version;
718 char *str, *dev, *sep;
719 struct in6_addr *in6;
730 case ADDR_TYPE_LOCAL:
732 addr = &args->local_addr;
734 case ADDR_TYPE_REMOTE:
736 addr = &args->remote_addr;
738 case ADDR_TYPE_MCAST:
742 case ADDR_TYPE_EXPECTED_LOCAL:
743 desc = "expected local";
744 addr = &args->expected_laddr;
746 case ADDR_TYPE_EXPECTED_REMOTE:
747 desc = "expected remote";
748 addr = &args->expected_raddr;
750 case ADDR_TYPE_MD5_PREFIX:
752 if (family == AF_INET) {
753 args->md5_prefix.v4.sin_family = AF_INET;
754 addr = &args->md5_prefix.v4.sin_addr;
755 } else if (family == AF_INET6) {
756 args->md5_prefix.v6.sin6_family = AF_INET6;
757 addr = &args->md5_prefix.v6.sin6_addr;
761 sep = strchr(str, '/');
765 if (str_to_uint(sep, 1, pfx_len_max,
766 &args->prefix_len) != 0) {
767 fprintf(stderr, "Invalid port\n");
771 args->prefix_len = 0;
775 log_error("unknown address type\n");
781 in = (struct in_addr *) addr;
783 if (inet_pton(AF_INET, str, in) == 0) {
784 log_error("Invalid %s IP address\n", desc);
789 in->s_addr = htonl(INADDR_ANY);
794 dev = strchr(str, '%');
800 in6 = (struct in6_addr *) addr;
802 if (inet_pton(AF_INET6, str, in6) == 0) {
803 log_error("Invalid %s IPv6 address\n", desc);
811 args->scope_id = get_ifidx(dev);
812 if (args->scope_id < 0) {
813 log_error("Invalid scope on %s IPv6 address\n",
822 log_error("Invalid address family\n");
830 static int validate_addresses(struct sock_args *args)
832 if (args->local_addr_str &&
833 convert_addr(args, args->local_addr_str, ADDR_TYPE_LOCAL) < 0)
836 if (args->remote_addr_str &&
837 convert_addr(args, args->remote_addr_str, ADDR_TYPE_REMOTE) < 0)
840 if (args->md5_prefix_str &&
841 convert_addr(args, args->md5_prefix_str,
842 ADDR_TYPE_MD5_PREFIX) < 0)
845 if (args->expected_laddr_str &&
846 convert_addr(args, args->expected_laddr_str,
847 ADDR_TYPE_EXPECTED_LOCAL))
850 if (args->expected_raddr_str &&
851 convert_addr(args, args->expected_raddr_str,
852 ADDR_TYPE_EXPECTED_REMOTE))
858 static int get_index_from_cmsg(struct msghdr *m)
864 for (cm = (struct cmsghdr *)CMSG_FIRSTHDR(m);
865 m->msg_controllen != 0 && cm;
866 cm = (struct cmsghdr *)CMSG_NXTHDR(m, cm)) {
868 if (cm->cmsg_level == SOL_IP &&
869 cm->cmsg_type == IP_PKTINFO) {
870 struct in_pktinfo *pi;
872 pi = (struct in_pktinfo *)(CMSG_DATA(cm));
873 inet_ntop(AF_INET, &pi->ipi_addr, buf, sizeof(buf));
874 ifindex = pi->ipi_ifindex;
875 } else if (cm->cmsg_level == SOL_IPV6 &&
876 cm->cmsg_type == IPV6_PKTINFO) {
877 struct in6_pktinfo *pi6;
879 pi6 = (struct in6_pktinfo *)(CMSG_DATA(cm));
880 inet_ntop(AF_INET6, &pi6->ipi6_addr, buf, sizeof(buf));
881 ifindex = pi6->ipi6_ifindex;
886 log_msg(" pktinfo: ifindex %d dest addr %s\n",
892 static int send_msg_no_cmsg(int sd, void *addr, socklen_t alen)
897 err = sendto(sd, msg, msglen, 0, addr, alen);
899 if (errno == EACCES && try_broadcast) {
901 if (!set_broadcast(sd))
906 log_err_errno("sendto failed");
913 static int send_msg_cmsg(int sd, void *addr, socklen_t alen,
914 int ifindex, int version)
916 unsigned char cmsgbuf[64];
922 iov[0].iov_base = msg;
923 iov[0].iov_len = msglen;
926 m.msg_name = (caddr_t)addr;
927 m.msg_namelen = alen;
929 memset(cmsgbuf, 0, sizeof(cmsgbuf));
930 cm = (struct cmsghdr *)cmsgbuf;
931 m.msg_control = (caddr_t)cm;
933 if (version == AF_INET) {
934 struct in_pktinfo *pi;
936 cm->cmsg_level = SOL_IP;
937 cm->cmsg_type = IP_PKTINFO;
938 cm->cmsg_len = CMSG_LEN(sizeof(struct in_pktinfo));
939 pi = (struct in_pktinfo *)(CMSG_DATA(cm));
940 pi->ipi_ifindex = ifindex;
942 m.msg_controllen = cm->cmsg_len;
944 } else if (version == AF_INET6) {
945 struct in6_pktinfo *pi6;
947 cm->cmsg_level = SOL_IPV6;
948 cm->cmsg_type = IPV6_PKTINFO;
949 cm->cmsg_len = CMSG_LEN(sizeof(struct in6_pktinfo));
951 pi6 = (struct in6_pktinfo *)(CMSG_DATA(cm));
952 pi6->ipi6_ifindex = ifindex;
954 m.msg_controllen = cm->cmsg_len;
958 err = sendmsg(sd, &m, 0);
960 if (errno == EACCES && try_broadcast) {
962 if (!set_broadcast(sd))
967 log_err_errno("sendmsg failed");
975 static int send_msg(int sd, void *addr, socklen_t alen, struct sock_args *args)
977 if (args->type == SOCK_STREAM) {
978 if (write(sd, msg, msglen) < 0) {
979 log_err_errno("write failed sending msg to peer");
982 } else if (args->ifindex && args->use_cmsg) {
983 if (send_msg_cmsg(sd, addr, alen, args->ifindex, args->version))
986 if (send_msg_no_cmsg(sd, addr, alen))
990 log_msg("Sent message:\n");
991 log_msg(" %.24s%s\n", msg, msglen > 24 ? " ..." : "");
996 static int socket_read_dgram(int sd, struct sock_args *args)
998 unsigned char addr[sizeof(struct sockaddr_in6)];
999 struct sockaddr *sa = (struct sockaddr *) addr;
1000 socklen_t alen = sizeof(addr);
1001 struct iovec iov[2];
1003 .msg_name = (caddr_t)addr,
1004 .msg_namelen = alen,
1008 unsigned char cmsgbuf[256];
1009 struct cmsghdr *cm = (struct cmsghdr *)cmsgbuf;
1014 iov[0].iov_base = (caddr_t)buf;
1015 iov[0].iov_len = sizeof(buf);
1017 memset(cmsgbuf, 0, sizeof(cmsgbuf));
1018 m.msg_control = (caddr_t)cm;
1019 m.msg_controllen = sizeof(cmsgbuf);
1021 len = recvmsg(sd, &m, 0);
1023 log_msg("peer closed connection.\n");
1025 } else if (len < 0) {
1026 log_msg("failed to read message: %d: %s\n",
1027 errno, strerror(errno));
1033 log_address("Message from:", sa);
1034 log_msg(" %.24s%s\n", buf, len > 24 ? " ..." : "");
1036 ifindex = get_index_from_cmsg(&m);
1037 if (args->expected_ifindex) {
1038 if (args->expected_ifindex != ifindex) {
1039 log_error("Device index mismatch: expected %d have %d\n",
1040 args->expected_ifindex, ifindex);
1043 log_msg("Device index matches: expected %d have %d\n",
1044 args->expected_ifindex, ifindex);
1047 if (!interactive && server_mode) {
1048 if (sa->sa_family == AF_INET6) {
1049 struct sockaddr_in6 *s6 = (struct sockaddr_in6 *) sa;
1050 struct in6_addr *in6 = &s6->sin6_addr;
1052 if (IN6_IS_ADDR_V4MAPPED(in6)) {
1053 const uint32_t *pa = (uint32_t *) &in6->s6_addr;
1055 struct sockaddr_in *sin;
1057 sin = (struct sockaddr_in *) addr;
1060 sin->sin_addr = in4;
1061 sin->sin_family = AF_INET;
1062 if (send_msg_cmsg(sd, addr, alen,
1063 ifindex, AF_INET) < 0)
1068 iov[0].iov_len = len;
1070 if (args->version == AF_INET6) {
1071 struct sockaddr_in6 *s6 = (struct sockaddr_in6 *) sa;
1074 /* avoid PKTINFO conflicts with bindtodev */
1075 if (sendto(sd, buf, len, 0,
1076 (void *) addr, alen) < 0)
1079 /* kernel is allowing scope_id to be set to VRF
1080 * index for LLA. for sends to global address
1083 s6->sin6_scope_id = ifindex;
1084 if (sendmsg(sd, &m, 0) < 0)
1090 err = sendmsg(sd, &m, 0);
1092 if (errno == EACCES && try_broadcast) {
1094 if (!set_broadcast(sd))
1101 log_msg("Sent message:\n");
1102 log_msg(" %.24s%s\n", buf, len > 24 ? " ..." : "");
1107 log_err_errno("failed to send msg to peer");
1111 static int socket_read_stream(int sd)
1116 len = read(sd, buf, sizeof(buf)-1);
1118 log_msg("client closed connection.\n");
1120 } else if (len < 0) {
1121 log_msg("failed to read message\n");
1126 log_msg("Incoming message:\n");
1127 log_msg(" %.24s%s\n", buf, len > 24 ? " ..." : "");
1129 if (!interactive && server_mode) {
1130 if (write(sd, buf, len) < 0) {
1131 log_err_errno("failed to send buf");
1134 log_msg("Sent message:\n");
1135 log_msg(" %.24s%s\n", buf, len > 24 ? " ..." : "");
1141 static int socket_read(int sd, struct sock_args *args)
1143 if (args->type == SOCK_STREAM)
1144 return socket_read_stream(sd);
1146 return socket_read_dgram(sd, args);
1149 static int stdin_to_socket(int sd, int type, void *addr, socklen_t alen)
1154 if (fgets(buf, sizeof(buf), stdin) == NULL)
1158 if (type == SOCK_STREAM) {
1159 if (write(sd, buf, len) < 0) {
1160 log_err_errno("failed to send buf");
1167 err = sendto(sd, buf, len, 0, addr, alen);
1169 if (errno == EACCES && try_broadcast) {
1171 if (!set_broadcast(sd))
1175 log_err_errno("failed to send msg to peer");
1179 log_msg("Sent message:\n");
1180 log_msg(" %.24s%s\n", buf, len > 24 ? " ..." : "");
1185 static void set_recv_attr(int sd, int version)
1187 if (version == AF_INET6) {
1188 set_recvpktinfo_v6(sd);
1196 static int msg_loop(int client, int sd, void *addr, socklen_t alen,
1197 struct sock_args *args)
1199 struct timeval timeout = { .tv_sec = prog_timeout }, *ptval = NULL;
1204 if (args->type != SOCK_STREAM)
1205 set_recv_attr(sd, args->version);
1208 msglen = strlen(msg);
1210 /* client sends first message */
1212 if (send_msg(sd, addr, alen, args))
1222 nfds = interactive ? MAX(fileno(stdin), sd) + 1 : sd + 1;
1227 FD_SET(fileno(stdin), &rfds);
1229 rc = select(nfds, &rfds, NULL, NULL, ptval);
1235 log_err_errno("select failed");
1237 } else if (rc == 0) {
1238 log_error("Timed out waiting for response\n");
1243 if (FD_ISSET(sd, &rfds)) {
1244 rc = socket_read(sd, args);
1255 if (FD_ISSET(fileno(stdin), &rfds)) {
1256 if (stdin_to_socket(sd, args->type, addr, alen) <= 0)
1269 log_msg("Going into quiet mode\n");
1273 if (send_msg(sd, addr, alen, args)) {
1283 static int msock_init(struct sock_args *args, int server)
1285 uint32_t if_addr = htonl(INADDR_ANY);
1286 struct sockaddr_in laddr = {
1287 .sin_family = AF_INET,
1288 .sin_port = htons(args->port),
1293 if (!server && args->has_local_ip)
1294 if_addr = args->local_addr.in.s_addr;
1296 sd = socket(PF_INET, SOCK_DGRAM, 0);
1298 log_err_errno("socket");
1302 if (setsockopt(sd, SOL_SOCKET, SO_REUSEADDR,
1303 (char *)&one, sizeof(one)) < 0) {
1304 log_err_errno("Setting SO_REUSEADDR error");
1308 if (setsockopt(sd, SOL_SOCKET, SO_BROADCAST,
1309 (char *)&one, sizeof(one)) < 0)
1310 log_err_errno("Setting SO_BROADCAST error");
1312 if (args->dev && bind_to_device(sd, args->dev) != 0)
1314 else if (args->use_setsockopt &&
1315 set_multicast_if(sd, args->ifindex))
1318 laddr.sin_addr.s_addr = if_addr;
1320 if (bind(sd, (struct sockaddr *) &laddr, sizeof(laddr)) < 0) {
1321 log_err_errno("bind failed");
1326 set_membership(sd, args->grp.s_addr,
1327 args->local_addr.in.s_addr, args->ifindex))
1336 static int msock_server(struct sock_args *args)
1338 return msock_init(args, 1);
1341 static int msock_client(struct sock_args *args)
1343 return msock_init(args, 0);
1346 static int bind_socket(int sd, struct sock_args *args)
1348 struct sockaddr_in serv_addr = {
1349 .sin_family = AF_INET,
1351 struct sockaddr_in6 serv6_addr = {
1352 .sin6_family = AF_INET6,
1357 if (!args->has_local_ip && args->type == SOCK_RAW)
1360 switch (args->version) {
1362 serv_addr.sin_port = htons(args->port);
1363 serv_addr.sin_addr = args->local_addr.in;
1365 alen = sizeof(serv_addr);
1369 serv6_addr.sin6_port = htons(args->port);
1370 serv6_addr.sin6_addr = args->local_addr.in6;
1372 alen = sizeof(serv6_addr);
1376 log_error("Invalid address family\n");
1380 if (bind(sd, addr, alen) < 0) {
1381 log_err_errno("error binding socket");
1388 static int config_xfrm_policy(int sd, struct sock_args *args)
1390 struct xfrm_userpolicy_info policy = {};
1391 int type = UDP_ENCAP_ESPINUDP;
1392 int xfrm_af = IP_XFRM_POLICY;
1395 if (args->type != SOCK_DGRAM) {
1396 log_error("Invalid socket type. Only DGRAM could be used for XFRM\n");
1400 policy.action = XFRM_POLICY_ALLOW;
1401 policy.sel.family = args->version;
1402 if (args->version == AF_INET6) {
1403 xfrm_af = IPV6_XFRM_POLICY;
1407 policy.dir = XFRM_POLICY_OUT;
1408 if (setsockopt(sd, level, xfrm_af, &policy, sizeof(policy)) < 0)
1411 policy.dir = XFRM_POLICY_IN;
1412 if (setsockopt(sd, level, xfrm_af, &policy, sizeof(policy)) < 0)
1415 if (setsockopt(sd, IPPROTO_UDP, UDP_ENCAP, &type, sizeof(type)) < 0) {
1416 log_err_errno("Failed to set xfrm encap");
1423 static int lsock_init(struct sock_args *args)
1428 sd = socket(args->version, args->type, args->protocol);
1430 log_err_errno("Error opening socket");
1434 if (set_reuseaddr(sd) != 0)
1437 if (set_reuseport(sd) != 0)
1440 if (args->dev && bind_to_device(sd, args->dev) != 0)
1442 else if (args->use_setsockopt &&
1443 set_unicast_if(sd, args->ifindex, args->version))
1446 if (args->use_freebind && set_freebind(sd, args->version))
1449 if (bind_socket(sd, args))
1452 if (args->bind_test_only)
1455 if (args->type == SOCK_STREAM && listen(sd, 1) < 0) {
1456 log_err_errno("listen failed");
1460 flags = fcntl(sd, F_GETFL);
1461 if ((flags < 0) || (fcntl(sd, F_SETFL, flags|O_NONBLOCK) < 0)) {
1462 log_err_errno("Failed to set non-blocking option");
1466 if (fcntl(sd, F_SETFD, FD_CLOEXEC) < 0)
1467 log_err_errno("Failed to set close-on-exec flag");
1469 if (args->use_xfrm && config_xfrm_policy(sd, args)) {
1470 log_err_errno("Failed to set xfrm policy");
1482 static void ipc_write(int fd, int message)
1484 /* Not in both_mode, so there's no process to signal */
1488 if (write(fd, &message, sizeof(message)) < 0)
1489 log_err_errno("Failed to send client status");
1492 static int do_server(struct sock_args *args, int ipc_fd)
1494 /* ipc_fd = -1 if no parent process to signal */
1495 struct timeval timeout = { .tv_sec = prog_timeout }, *ptval = NULL;
1496 unsigned char addr[sizeof(struct sockaddr_in6)] = {};
1497 socklen_t alen = sizeof(addr);
1503 if (args->serverns) {
1504 if (switch_ns(args->serverns)) {
1505 log_error("Could not set server netns to %s\n",
1509 log_msg("Switched server netns\n");
1512 args->dev = args->server_dev;
1513 args->expected_dev = args->expected_server_dev;
1514 if (resolve_devices(args) || validate_addresses(args))
1521 lsd = msock_server(args);
1523 lsd = lsock_init(args);
1528 if (args->bind_test_only) {
1530 ipc_write(ipc_fd, 1);
1534 if (args->type != SOCK_STREAM) {
1535 ipc_write(ipc_fd, 1);
1536 rc = msg_loop(0, lsd, (void *) addr, alen, args);
1541 if (args->password && tcp_md5_remote(lsd, args)) {
1546 ipc_write(ipc_fd, 1);
1548 log_msg("waiting for client connection.\n");
1552 rc = select(lsd+1, &rfds, NULL, NULL, ptval);
1562 log_err_errno("select failed");
1566 if (FD_ISSET(lsd, &rfds)) {
1568 csd = accept(lsd, (void *) addr, &alen);
1570 log_err_errno("accept failed");
1574 rc = show_sockstat(csd, args);
1578 rc = check_device(csd, args);
1583 rc = msg_loop(0, csd, (void *) addr, alen, args);
1594 ipc_write(ipc_fd, 0);
1598 static int wait_for_connect(int sd)
1600 struct timeval _tv = { .tv_sec = prog_timeout }, *tv = NULL;
1602 int val = 0, sz = sizeof(val);
1611 rc = select(FD_SETSIZE, NULL, &wfd, NULL, tv);
1613 log_error("connect timed out\n");
1615 } else if (rc < 0) {
1616 log_err_errno("select failed");
1620 if (getsockopt(sd, SOL_SOCKET, SO_ERROR, &val, (socklen_t *)&sz) < 0) {
1621 log_err_errno("getsockopt(SO_ERROR) failed");
1626 log_error("connect failed: %d: %s\n", val, strerror(val));
1633 static int connectsock(void *addr, socklen_t alen, struct sock_args *args)
1638 sd = socket(args->version, args->type, args->protocol);
1640 log_err_errno("Failed to create socket");
1644 flags = fcntl(sd, F_GETFL);
1645 if ((flags < 0) || (fcntl(sd, F_SETFL, flags|O_NONBLOCK) < 0)) {
1646 log_err_errno("Failed to set non-blocking option");
1650 if (set_reuseport(sd) != 0)
1653 if (args->dev && bind_to_device(sd, args->dev) != 0)
1655 else if (args->use_setsockopt &&
1656 set_unicast_if(sd, args->ifindex, args->version))
1659 if (args->has_local_ip && bind_socket(sd, args))
1662 if (args->type != SOCK_STREAM)
1665 if (args->password && tcp_md5sig(sd, addr, alen, args))
1668 if (args->bind_test_only)
1671 if (connect(sd, addr, alen) < 0) {
1672 if (errno != EINPROGRESS) {
1673 log_err_errno("Failed to connect to remote host");
1677 rc = wait_for_connect(sd);
1689 static int do_client(struct sock_args *args)
1691 struct sockaddr_in sin = {
1692 .sin_family = AF_INET,
1694 struct sockaddr_in6 sin6 = {
1695 .sin6_family = AF_INET6,
1702 if (!args->has_remote_ip && !args->has_grp) {
1703 fprintf(stderr, "remote IP or multicast group not given\n");
1707 if (args->clientns) {
1708 if (switch_ns(args->clientns)) {
1709 log_error("Could not set client netns to %s\n",
1713 log_msg("Switched client netns\n");
1716 args->local_addr_str = args->client_local_addr_str;
1717 if (resolve_devices(args) || validate_addresses(args))
1720 if ((args->use_setsockopt || args->use_cmsg) && !args->ifindex) {
1721 fprintf(stderr, "Device binding not specified\n");
1724 if (args->use_setsockopt || args->use_cmsg)
1727 switch (args->version) {
1729 sin.sin_port = htons(args->port);
1731 sin.sin_addr = args->grp;
1733 sin.sin_addr = args->remote_addr.in;
1738 sin6.sin6_port = htons(args->port);
1739 sin6.sin6_addr = args->remote_addr.in6;
1740 sin6.sin6_scope_id = args->scope_id;
1742 alen = sizeof(sin6);
1746 args->password = args->client_pw;
1749 sd = msock_client(args);
1751 sd = connectsock(addr, alen, args);
1756 if (args->bind_test_only)
1759 if (args->type == SOCK_STREAM) {
1760 rc = show_sockstat(sd, args);
1765 rc = msg_loop(1, sd, addr, alen, args);
1773 static char *random_msg(int len)
1775 int i, n = 0, olen = len + 1;
1786 i = snprintf(m + n, olen - n, "%.26s",
1787 "abcdefghijklmnopqrstuvwxyz");
1791 i = snprintf(m + n, olen - n, "%.*s", len,
1792 "abcdefghijklmnopqrstuvwxyz");
1796 static int ipc_child(int fd, struct sock_args *args)
1798 char *outbuf, *errbuf;
1801 outbuf = malloc(4096);
1802 errbuf = malloc(4096);
1803 if (!outbuf || !errbuf) {
1804 fprintf(stderr, "server: Failed to allocate buffers for stdout and stderr\n");
1808 setbuffer(stdout, outbuf, 4096);
1809 setbuffer(stderr, errbuf, 4096);
1811 server_mode = 1; /* to tell log_msg in case we are in both_mode */
1813 /* when running in both mode, address validation applies
1814 * solely to client side
1816 args->has_expected_laddr = 0;
1817 args->has_expected_raddr = 0;
1819 rc = do_server(args, fd);
1828 static int ipc_parent(int cpid, int fd, struct sock_args *args)
1834 /* do the client-side function here in the parent process,
1835 * waiting to be told when to continue
1837 if (read(fd, &buf, sizeof(buf)) <= 0) {
1838 log_err_errno("Failed to read IPC status from status");
1842 log_error("Server failed; can not continue\n");
1845 log_msg("Server is ready\n");
1847 client_status = do_client(args);
1848 log_msg("parent is done!\n");
1850 if (kill(cpid, 0) == 0)
1851 kill(cpid, SIGKILL);
1854 return client_status;
1857 #define GETOPT_STR "sr:l:c:p:t:g:P:DRn:M:X:m:d:I:BN:O:SCi6xL:0:1:2:3:Fbqf"
1858 #define OPT_FORCE_BIND_KEY_IFINDEX 1001
1859 #define OPT_NO_BIND_KEY_IFINDEX 1002
1861 static struct option long_opts[] = {
1862 {"force-bind-key-ifindex", 0, 0, OPT_FORCE_BIND_KEY_IFINDEX},
1863 {"no-bind-key-ifindex", 0, 0, OPT_NO_BIND_KEY_IFINDEX},
1867 static void print_usage(char *prog)
1872 " -r addr remote address to connect to (client mode only)\n"
1873 " -p port port to connect to (client mode)/listen on (server mode)\n"
1875 " -s server mode (default: client mode)\n"
1876 " -t timeout seconds (default: none)\n"
1879 " -B do both client and server via fork and IPC\n"
1880 " -N ns set client to network namespace ns (requires root)\n"
1881 " -O ns set server to network namespace ns (requires root)\n"
1882 " -F Restart server loop\n"
1883 " -6 IPv6 (default is IPv4)\n"
1884 " -P proto protocol for socket: icmp, ospf (default: none)\n"
1885 " -D|R datagram (D) / raw (R) socket (default stream)\n"
1886 " -l addr local address to bind to in server mode\n"
1887 " -c addr local address to bind to in client mode\n"
1888 " -x configure XFRM policy on socket\n"
1890 " -d dev bind socket to given device name\n"
1891 " -I dev bind socket to given device name - server mode\n"
1892 " -S use setsockopt (IP_UNICAST_IF or IP_MULTICAST_IF)\n"
1893 " to set device binding\n"
1894 " -f bind socket with the IP[V6]_FREEBIND option\n"
1895 " -C use cmsg and IP_PKTINFO to specify device binding\n"
1897 " -L len send random message of given length\n"
1898 " -n num number of times to send message\n"
1900 " -M password use MD5 sum protection\n"
1901 " -X password MD5 password for client mode\n"
1902 " -m prefix/len prefix and length to use for MD5 key\n"
1903 " --no-bind-key-ifindex: Force TCP_MD5SIG_FLAG_IFINDEX off\n"
1904 " --force-bind-key-ifindex: Force TCP_MD5SIG_FLAG_IFINDEX on\n"
1905 " (default: only if -I is passed)\n"
1907 " -g grp multicast group (e.g., 239.1.1.1)\n"
1908 " -i interactive mode (default is echo and terminate)\n"
1910 " -0 addr Expected local address\n"
1911 " -1 addr Expected remote address\n"
1912 " -2 dev Expected device name (or index) to receive packet\n"
1913 " -3 dev Expected device name (or index) to receive packets - server mode\n"
1915 " -b Bind test only.\n"
1916 " -q Be quiet. Run test without printing anything.\n"
1917 , prog, DEFAULT_PORT);
1920 int main(int argc, char *argv[])
1922 struct sock_args args = {
1924 .type = SOCK_STREAM,
1925 .port = DEFAULT_PORT,
1927 struct protoent *pe;
1934 /* process inputs */
1935 extern char *optarg;
1939 * process input args
1942 while ((rc = getopt_long(argc, argv, GETOPT_STR, long_opts, NULL)) != -1) {
1954 args.has_local_ip = 1;
1955 args.local_addr_str = optarg;
1958 args.has_remote_ip = 1;
1959 args.remote_addr_str = optarg;
1962 args.has_local_ip = 1;
1963 args.client_local_addr_str = optarg;
1966 if (str_to_uint(optarg, 1, 65535, &tmp) != 0) {
1967 fprintf(stderr, "Invalid port\n");
1970 args.port = (unsigned short) tmp;
1973 if (str_to_uint(optarg, 0, INT_MAX,
1974 &prog_timeout) != 0) {
1975 fprintf(stderr, "Invalid timeout\n");
1980 args.type = SOCK_DGRAM;
1983 args.type = SOCK_RAW;
1986 args.protocol = IPPROTO_RAW;
1989 pe = getprotobyname(optarg);
1991 args.protocol = pe->p_proto;
1993 if (str_to_uint(optarg, 0, 0xffff, &tmp) != 0) {
1994 fprintf(stderr, "Invalid protocol\n");
1997 args.protocol = tmp;
2001 iter = atoi(optarg);
2004 args.clientns = optarg;
2007 args.serverns = optarg;
2010 msg = random_msg(atoi(optarg));
2013 args.password = optarg;
2015 case OPT_FORCE_BIND_KEY_IFINDEX:
2016 args.bind_key_ifindex = 1;
2018 case OPT_NO_BIND_KEY_IFINDEX:
2019 args.bind_key_ifindex = -1;
2022 args.client_pw = optarg;
2025 args.md5_prefix_str = optarg;
2028 args.use_setsockopt = 1;
2031 args.use_freebind = 1;
2040 args.server_dev = optarg;
2047 if (convert_addr(&args, optarg, ADDR_TYPE_MCAST) < 0)
2049 args.type = SOCK_DGRAM;
2052 args.version = AF_INET6;
2055 args.bind_test_only = 1;
2058 args.has_expected_laddr = 1;
2059 args.expected_laddr_str = optarg;
2062 args.has_expected_raddr = 1;
2063 args.expected_raddr_str = optarg;
2066 args.expected_dev = optarg;
2069 args.expected_server_dev = optarg;
2078 print_usage(argv[0]);
2083 if (args.password &&
2084 ((!args.has_remote_ip && !args.md5_prefix_str) ||
2085 args.type != SOCK_STREAM)) {
2086 log_error("MD5 passwords apply to TCP only and require a remote ip for the password\n");
2090 if (args.md5_prefix_str && !args.password) {
2091 log_error("Prefix range for MD5 protection specified without a password\n");
2096 fprintf(stderr, "Invalid number of messages to send\n");
2100 if (args.type == SOCK_STREAM && !args.protocol)
2101 args.protocol = IPPROTO_TCP;
2102 if (args.type == SOCK_DGRAM && !args.protocol)
2103 args.protocol = IPPROTO_UDP;
2105 if ((args.type == SOCK_STREAM || args.type == SOCK_DGRAM) &&
2107 fprintf(stderr, "Invalid port number\n");
2111 if ((both_mode || !server_mode) && !args.has_grp &&
2112 !args.has_remote_ip && !args.has_local_ip) {
2114 "Local (server mode) or remote IP (client IP) required\n");
2135 return ipc_parent(cpid, fd[0], &args);
2137 return ipc_child(fd[1], &args);
2142 rc = do_server(&args, -1);
2147 return do_client(&args);