git: 883d1742d3d7 - main - ktls_tests: Log more details when a test fails.
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 15 Dec 2022 20:06:59 UTC
The branch main has been updated by jhb:
URL: https://cgit.FreeBSD.org/src/commit/?id=883d1742d3d74635afc3ae2d8208974ac51e3dd9
commit 883d1742d3d74635afc3ae2d8208974ac51e3dd9
Author: John Baldwin <jhb@FreeBSD.org>
AuthorDate: 2022-12-15 20:06:09 +0000
Commit: John Baldwin <jhb@FreeBSD.org>
CommitDate: 2022-12-15 20:06:09 +0000
ktls_tests: Log more details when a test fails.
- Make use of ATF_REQUIRE_INTEQ to log the values of integers for
unexpected mismatches.
- Use ATF_REQUIRE_MSG in a few more places to log values when a
requirement fails.
- Consistently use ATF_REQUIRE_ERRNO when checking for an expected
errno value.
Reviewed by: markj
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D37691
---
tests/sys/kern/ktls_test.c | 157 ++++++++++++++++++++++++---------------------
1 file changed, 85 insertions(+), 72 deletions(-)
diff --git a/tests/sys/kern/ktls_test.c b/tests/sys/kern/ktls_test.c
index ee575597f1f2..9488ac24f4cc 100644
--- a/tests/sys/kern/ktls_test.c
+++ b/tests/sys/kern/ktls_test.c
@@ -207,8 +207,8 @@ socketpair_tcp(int sv[2])
pfd.fd = cs;
pfd.events = POLLOUT;
pfd.revents = 0;
- ATF_REQUIRE(poll(&pfd, 1, INFTIM) == 1);
- ATF_REQUIRE(pfd.revents == POLLOUT);
+ ATF_REQUIRE_INTEQ(1, poll(&pfd, 1, INFTIM));
+ ATF_REQUIRE_INTEQ(POLLOUT, pfd.revents);
sv[0] = cs;
sv[1] = as;
@@ -795,8 +795,8 @@ decrypt_tls_aes_cbc_mte(const atf_tc_t *tc, struct tls_enable *en,
hdr = src;
hdr_len = tls_header_len(en);
mac_len = tls_mac_len(en);
- ATF_REQUIRE(hdr->tls_vmajor == TLS_MAJOR_VER_ONE);
- ATF_REQUIRE(hdr->tls_vminor == en->tls_vminor);
+ ATF_REQUIRE_INTEQ(TLS_MAJOR_VER_ONE, hdr->tls_vmajor);
+ ATF_REQUIRE_INTEQ(en->tls_vminor, hdr->tls_vminor);
debug(tc, "decrypting MTE record seqno %ju:\n", (uintmax_t)seqno);
debug_hexdump(tc, src, len, NULL);
@@ -826,8 +826,11 @@ decrypt_tls_aes_cbc_mte(const atf_tc_t *tc, struct tls_enable *en,
* The kernel always generates the smallest amount of padding.
*/
padding = buf[payload_len - 1] + 1;
- ATF_REQUIRE(padding > 0 && padding <= AES_BLOCK_LEN);
- ATF_REQUIRE(payload_len >= mac_len + padding);
+ ATF_REQUIRE_MSG(padding > 0 && padding <= AES_BLOCK_LEN,
+ "invalid padding %d", padding);
+ ATF_REQUIRE_MSG(payload_len >= mac_len + padding,
+ "payload_len (%zu) < mac_len (%zu) + padding (%d)", payload_len,
+ mac_len, padding);
payload_len -= padding;
/* Verify HMAC. */
@@ -837,7 +840,8 @@ decrypt_tls_aes_cbc_mte(const atf_tc_t *tc, struct tls_enable *en,
ATF_REQUIRE(verify_hash(tls_EVP_MD(en), en->auth_key, en->auth_key_len,
&aad, sizeof(aad), buf, payload_len, buf + payload_len));
- ATF_REQUIRE(payload_len <= avail);
+ ATF_REQUIRE_MSG(payload_len <= avail, "payload_len (%zu) < avail (%zu)",
+ payload_len, avail);
memcpy(dst, buf, payload_len);
*record_type = hdr->tls_type;
return (payload_len);
@@ -857,8 +861,8 @@ decrypt_tls_12_aead(const atf_tc_t *tc, struct tls_enable *en, uint64_t seqno,
hdr_len = tls_header_len(en);
mac_len = tls_mac_len(en);
payload_len = len - (hdr_len + mac_len);
- ATF_REQUIRE(hdr->tls_vmajor == TLS_MAJOR_VER_ONE);
- ATF_REQUIRE(hdr->tls_vminor == TLS_MINOR_VER_TWO);
+ ATF_REQUIRE_INTEQ(TLS_MAJOR_VER_ONE, hdr->tls_vmajor);
+ ATF_REQUIRE_INTEQ(TLS_MINOR_VER_TWO, hdr->tls_vminor);
debug(tc, "decrypting TLS 1.2 record seqno %ju:\n", (uintmax_t)seqno);
debug_hexdump(tc, src, len, NULL);
@@ -893,10 +897,12 @@ decrypt_tls_13_aead(const atf_tc_t *tc, struct tls_enable *en, uint64_t seqno,
hdr_len = tls_header_len(en);
mac_len = tls_mac_len(en);
payload_len = len - (hdr_len + mac_len);
- ATF_REQUIRE(payload_len >= 1);
- ATF_REQUIRE(hdr->tls_type == TLS_RLTYPE_APP);
- ATF_REQUIRE(hdr->tls_vmajor == TLS_MAJOR_VER_ONE);
- ATF_REQUIRE(hdr->tls_vminor == TLS_MINOR_VER_TWO);
+ ATF_REQUIRE_MSG(payload_len >= 1,
+ "payload_len (%zu) too short: len %zu hdr_len %zu mac_len %zu",
+ payload_len, len, hdr_len, mac_len);
+ ATF_REQUIRE_INTEQ(TLS_RLTYPE_APP, hdr->tls_type);
+ ATF_REQUIRE_INTEQ(TLS_MAJOR_VER_ONE, hdr->tls_vmajor);
+ ATF_REQUIRE_INTEQ(TLS_MINOR_VER_TWO, hdr->tls_vminor);
debug(tc, "decrypting TLS 1.3 record seqno %ju:\n", (uintmax_t)seqno);
debug_hexdump(tc, src, len, NULL);
@@ -934,17 +940,18 @@ decrypt_tls_aead(const atf_tc_t *tc, struct tls_enable *en, uint64_t seqno,
size_t payload_len;
hdr = src;
- ATF_REQUIRE(ntohs(hdr->tls_length) + sizeof(*hdr) == len);
+ ATF_REQUIRE_INTEQ(len, ntohs(hdr->tls_length) + sizeof(*hdr));
payload_len = len - (tls_header_len(en) + tls_trailer_len(en));
- ATF_REQUIRE(payload_len <= avail);
+ ATF_REQUIRE_MSG(payload_len <= avail, "payload_len (%zu) > avail (%zu)",
+ payload_len, avail);
if (en->tls_vminor == TLS_MINOR_VER_TWO) {
- ATF_REQUIRE(decrypt_tls_12_aead(tc, en, seqno, src, len, dst,
- record_type) == payload_len);
+ ATF_REQUIRE_INTEQ(payload_len, decrypt_tls_12_aead(tc, en,
+ seqno, src, len, dst, record_type));
} else {
- ATF_REQUIRE(decrypt_tls_13_aead(tc, en, seqno, src, len, dst,
- record_type) == payload_len);
+ ATF_REQUIRE_INTEQ(payload_len, decrypt_tls_13_aead(tc, en,
+ seqno, src, len, dst, record_type));
}
return (payload_len);
@@ -980,7 +987,7 @@ encrypt_tls_aes_cbc_mte(const atf_tc_t *tc, struct tls_enable *en,
size_t hdr_len, mac_len, record_len;
u_int digest_len, i;
- ATF_REQUIRE(padding % 16 == 0);
+ ATF_REQUIRE_INTEQ(0, padding % 16);
hdr = dst;
buf = dst;
@@ -989,10 +996,13 @@ encrypt_tls_aes_cbc_mte(const atf_tc_t *tc, struct tls_enable *en,
hdr_len = tls_header_len(en);
mac_len = tls_mac_len(en);
padding += (AES_BLOCK_LEN - (len + mac_len) % AES_BLOCK_LEN);
- ATF_REQUIRE(padding > 0 && padding <= 255);
+ ATF_REQUIRE_MSG(padding > 0 && padding <= 255, "invalid padding (%zu)",
+ padding);
record_len = hdr_len + len + mac_len + padding;
- ATF_REQUIRE(record_len <= avail);
+ ATF_REQUIRE_MSG(record_len <= avail, "record_len (%zu) > avail (%zu): "
+ "hdr_len %zu, len %zu, mac_len %zu, padding %zu", record_len,
+ avail, hdr_len, len, mac_len, padding);
hdr->tls_type = record_type;
hdr->tls_vmajor = TLS_MAJOR_VER_ONE;
@@ -1012,12 +1022,13 @@ encrypt_tls_aes_cbc_mte(const atf_tc_t *tc, struct tls_enable *en,
debug_hexdump(tc, src, len, "plaintext");
ATF_REQUIRE(compute_hash(tls_EVP_MD(en), en->auth_key, en->auth_key_len,
&aad, sizeof(aad), src, len, buf + hdr_len + len, &digest_len));
- ATF_REQUIRE(digest_len == mac_len);
+ ATF_REQUIRE_INTEQ(mac_len, digest_len);
/* Store padding. */
for (i = 0; i < padding; i++)
buf[hdr_len + len + mac_len + i] = padding - 1;
- debug_hexdump(tc, buf + hdr_len + len, mac_len + padding, "MAC and padding");
+ debug_hexdump(tc, buf + hdr_len + len, mac_len + padding,
+ "MAC and padding");
/* Encrypt the record. */
ATF_REQUIRE(cbc_encrypt(tls_EVP_CIPHER(en), en->cipher_key, iv,
@@ -1123,15 +1134,17 @@ encrypt_tls_aead(const atf_tc_t *tc, struct tls_enable *en,
size_t record_len;
record_len = tls_header_len(en) + len + padding + tls_trailer_len(en);
- ATF_REQUIRE(record_len <= avail);
+ ATF_REQUIRE_MSG(record_len <= avail, "record_len (%zu) > avail (%zu): "
+ "header %zu len %zu padding %zu trailer %zu", record_len, avail,
+ tls_header_len(en), len, padding, tls_trailer_len(en));
if (en->tls_vminor == TLS_MINOR_VER_TWO) {
- ATF_REQUIRE(padding == 0);
- ATF_REQUIRE(encrypt_tls_12_aead(tc, en, record_type, seqno, src,
- len, dst) == record_len);
+ ATF_REQUIRE_INTEQ(0, padding);
+ ATF_REQUIRE_INTEQ(record_len, encrypt_tls_12_aead(tc, en,
+ record_type, seqno, src, len, dst));
} else
- ATF_REQUIRE(encrypt_tls_13_aead(tc, en, record_type, seqno, src,
- len, dst, padding) == record_len);
+ ATF_REQUIRE_INTEQ(record_len, encrypt_tls_13_aead(tc, en,
+ record_type, seqno, src, len, dst, padding));
return (record_len);
}
@@ -1243,7 +1256,8 @@ test_ktls_transmit_app_data(const atf_tc_t *tc, struct tls_enable *en,
record_len - outbuf_len);
if (rv == -1 && errno == EAGAIN)
break;
- ATF_REQUIRE_MSG(rv > 0, "failed to read from socket");
+ ATF_REQUIRE_MSG(rv > 0,
+ "failed to read from socket: %s", strerror(errno));
outbuf_len += rv;
if (outbuf_len == record_len) {
@@ -1251,7 +1265,7 @@ test_ktls_transmit_app_data(const atf_tc_t *tc, struct tls_enable *en,
seqno, outbuf, outbuf_len,
decrypted + decrypted_len,
len - decrypted_len, &record_type);
- ATF_REQUIRE(record_type == TLS_RLTYPE_APP);
+ ATF_REQUIRE_INTEQ(TLS_RLTYPE_APP, record_type);
seqno++;
outbuf_len = 0;
@@ -1296,7 +1310,7 @@ ktls_send_control_message(int fd, uint8_t type, void *data, size_t len)
msg.msg_iov = &iov;
msg.msg_iovlen = 1;
- ATF_REQUIRE(sendmsg(fd, &msg, 0) == (ssize_t)len);
+ ATF_REQUIRE_INTEQ((ssize_t)len, sendmsg(fd, &msg, 0));
}
static void
@@ -1334,20 +1348,21 @@ test_ktls_transmit_control(const atf_tc_t *tc, struct tls_enable *en,
* to read.
*/
rv = read(sockets[0], outbuf, sizeof(struct tls_record_layer));
- ATF_REQUIRE(rv == sizeof(struct tls_record_layer));
+ ATF_REQUIRE_INTEQ(sizeof(struct tls_record_layer), rv);
payload_len = ntohs(hdr->tls_length);
record_len = payload_len + sizeof(struct tls_record_layer);
- ATF_REQUIRE(record_len <= outbuf_cap);
+ ATF_REQUIRE_MSG(record_len <= outbuf_cap,
+ "record_len (%zu) > outbuf_cap (%zu)", record_len, outbuf_cap);
rv = read(sockets[0], outbuf + sizeof(struct tls_record_layer),
payload_len);
- ATF_REQUIRE(rv == (ssize_t)payload_len);
+ ATF_REQUIRE_INTEQ((ssize_t)payload_len, rv);
rv = decrypt_tls_record(tc, en, seqno, outbuf, record_len, decrypted,
len, &record_type);
ATF_REQUIRE_MSG((ssize_t)len == rv,
"read %zd decrypted bytes, but wrote %zu", rv, len);
- ATF_REQUIRE(record_type == type);
+ ATF_REQUIRE_INTEQ(type, record_type);
ATF_REQUIRE(memcmp(plaintext, decrypted, len) == 0);
@@ -1388,11 +1403,11 @@ test_ktls_transmit_empty_fragment(const atf_tc_t *tc, struct tls_enable *en,
*/
rv = write(sockets[1], NULL, 0);
if (rv == 0) {
- ATF_REQUIRE(en->cipher_algorithm == CRYPTO_AES_CBC);
- ATF_REQUIRE(en->tls_vminor == TLS_MINOR_VER_ZERO);
+ ATF_REQUIRE_INTEQ(CRYPTO_AES_CBC, en->cipher_algorithm);
+ ATF_REQUIRE_INTEQ(TLS_MINOR_VER_ZERO, en->tls_vminor);
} else {
- ATF_REQUIRE(rv == -1);
- ATF_REQUIRE(errno == EINVAL);
+ ATF_REQUIRE_INTEQ(-1, rv);
+ ATF_REQUIRE_ERRNO(EINVAL, true);
goto out;
}
@@ -1401,20 +1416,21 @@ test_ktls_transmit_empty_fragment(const atf_tc_t *tc, struct tls_enable *en,
* to read.
*/
rv = read(sockets[0], outbuf, sizeof(struct tls_record_layer));
- ATF_REQUIRE(rv == sizeof(struct tls_record_layer));
+ ATF_REQUIRE_INTEQ(sizeof(struct tls_record_layer), rv);
payload_len = ntohs(hdr->tls_length);
record_len = payload_len + sizeof(struct tls_record_layer);
- ATF_REQUIRE(record_len <= outbuf_cap);
+ ATF_REQUIRE_MSG(record_len <= outbuf_cap,
+ "record_len (%zu) > outbuf_cap (%zu)", record_len, outbuf_cap);
rv = read(sockets[0], outbuf + sizeof(struct tls_record_layer),
payload_len);
- ATF_REQUIRE(rv == (ssize_t)payload_len);
+ ATF_REQUIRE_INTEQ((ssize_t)payload_len, rv);
rv = decrypt_tls_record(tc, en, seqno, outbuf, record_len, NULL, 0,
&record_type);
ATF_REQUIRE_MSG(rv == 0,
"read %zd decrypted bytes for an empty fragment", rv);
- ATF_REQUIRE(record_type == TLS_RLTYPE_APP);
+ ATF_REQUIRE_INTEQ(TLS_RLTYPE_APP, record_type);
out:
free(outbuf);
@@ -1449,19 +1465,19 @@ ktls_receive_tls_record(struct tls_enable *en, int fd, uint8_t record_type,
cmsg = CMSG_FIRSTHDR(&msg);
ATF_REQUIRE(cmsg != NULL);
- ATF_REQUIRE(cmsg->cmsg_level == IPPROTO_TCP);
- ATF_REQUIRE(cmsg->cmsg_type == TLS_GET_RECORD);
- ATF_REQUIRE(cmsg->cmsg_len == CMSG_LEN(sizeof(*tgr)));
+ ATF_REQUIRE_INTEQ(IPPROTO_TCP, cmsg->cmsg_level);
+ ATF_REQUIRE_INTEQ(TLS_GET_RECORD, cmsg->cmsg_type);
+ ATF_REQUIRE_INTEQ(CMSG_LEN(sizeof(*tgr)), cmsg->cmsg_len);
tgr = (struct tls_get_record *)CMSG_DATA(cmsg);
- ATF_REQUIRE(tgr->tls_type == record_type);
- ATF_REQUIRE(tgr->tls_vmajor == en->tls_vmajor);
+ ATF_REQUIRE_INTEQ(record_type, tgr->tls_type);
+ ATF_REQUIRE_INTEQ(en->tls_vmajor, tgr->tls_vmajor);
/* XXX: Not sure if this is what OpenSSL expects? */
if (en->tls_vminor == TLS_MINOR_VER_THREE)
- ATF_REQUIRE(tgr->tls_vminor == TLS_MINOR_VER_TWO);
+ ATF_REQUIRE_INTEQ(TLS_MINOR_VER_TWO, tgr->tls_vminor);
else
- ATF_REQUIRE(tgr->tls_vminor == en->tls_vminor);
- ATF_REQUIRE(tgr->tls_length == htons(rv));
+ ATF_REQUIRE_INTEQ(en->tls_vminor, tgr->tls_vminor);
+ ATF_REQUIRE_INTEQ(htons(rv), tgr->tls_length);
return (rv);
}
@@ -1527,7 +1543,7 @@ test_ktls_receive_app_data(const atf_tc_t *tc, struct tls_enable *en,
rv = write(ev.ident, outbuf + outbuf_sent,
outbuf_len - outbuf_sent);
ATF_REQUIRE_MSG(rv > 0,
- "failed to write to socket");
+ "failed to write to socket: %s", strerror(errno));
outbuf_sent += rv;
if (outbuf_sent == outbuf_len) {
outbuf_len = 0;
@@ -1584,7 +1600,7 @@ ktls_receive_tls_error(int fd, int expected_error)
ATF_REQUIRE(recvmsg(fd, &msg, 0) == -1);
if (expected_error != 0)
- ATF_REQUIRE(errno == expected_error);
+ ATF_REQUIRE_ERRNO(expected_error, true);
}
static void
@@ -1620,7 +1636,7 @@ test_ktls_receive_corrupted_record(const atf_tc_t *tc, struct tls_enable *en,
outbuf[offset] ^= 0x01;
rv = write(sockets[1], outbuf, outbuf_len);
- ATF_REQUIRE(rv == (ssize_t)outbuf_len);
+ ATF_REQUIRE_INTEQ((ssize_t)outbuf_len, rv);
ktls_receive_tls_error(sockets[0], EBADMSG);
@@ -1670,7 +1686,7 @@ static void
test_ktls_receive_corrupted_padding(const atf_tc_t *tc, struct tls_enable *en,
uint64_t seqno, size_t len)
{
- ATF_REQUIRE(en->cipher_algorithm == CRYPTO_AES_CBC);
+ ATF_REQUIRE_INTEQ(CRYPTO_AES_CBC, en->cipher_algorithm);
/* Corrupt the last byte of the padding. */
test_ktls_receive_corrupted_record(tc, en, seqno, len, -1);
@@ -1704,7 +1720,7 @@ test_ktls_receive_truncated_record(const atf_tc_t *tc, struct tls_enable *en,
plaintext, len, outbuf, outbuf_cap, 0);
rv = write(sockets[1], outbuf, outbuf_len / 2);
- ATF_REQUIRE(rv == (ssize_t)(outbuf_len / 2));
+ ATF_REQUIRE_INTEQ((ssize_t)(outbuf_len / 2), rv);
ATF_REQUIRE(shutdown(sockets[1], SHUT_WR) == 0);
@@ -1748,7 +1764,7 @@ test_ktls_receive_bad_major(const atf_tc_t *tc, struct tls_enable *en,
hdr->tls_vmajor++;
rv = write(sockets[1], outbuf, outbuf_len);
- ATF_REQUIRE(rv == (ssize_t)outbuf_len);
+ ATF_REQUIRE_INTEQ((ssize_t)outbuf_len, rv);
ktls_receive_tls_error(sockets[0], EINVAL);
@@ -1790,7 +1806,7 @@ test_ktls_receive_bad_minor(const atf_tc_t *tc, struct tls_enable *en,
hdr->tls_vminor++;
rv = write(sockets[1], outbuf, outbuf_len);
- ATF_REQUIRE(rv == (ssize_t)outbuf_len);
+ ATF_REQUIRE_INTEQ((ssize_t)outbuf_len, rv);
ktls_receive_tls_error(sockets[0], EINVAL);
@@ -1811,7 +1827,7 @@ test_ktls_receive_bad_type(const atf_tc_t *tc, struct tls_enable *en,
int sockets[2];
ATF_REQUIRE(len <= TLS_MAX_MSG_SIZE_V10_2);
- ATF_REQUIRE(en->tls_vminor == TLS_MINOR_VER_THREE);
+ ATF_REQUIRE_INTEQ(TLS_MINOR_VER_THREE, en->tls_vminor);
plaintext = alloc_buffer(len);
outbuf_cap = tls_header_len(en) + len + tls_trailer_len(en);
@@ -1833,7 +1849,7 @@ test_ktls_receive_bad_type(const atf_tc_t *tc, struct tls_enable *en,
hdr->tls_type = TLS_RLTYPE_APP + 1;
rv = write(sockets[1], outbuf, outbuf_len);
- ATF_REQUIRE(rv == (ssize_t)outbuf_len);
+ ATF_REQUIRE_INTEQ((ssize_t)outbuf_len, rv);
ktls_receive_tls_error(sockets[0], EINVAL);
@@ -1875,7 +1891,7 @@ test_ktls_receive_bad_size(const atf_tc_t *tc, struct tls_enable *en,
hdr->tls_length = htons(len);
rv = write(sockets[1], outbuf, outbuf_len);
- ATF_REQUIRE(rv == (ssize_t)outbuf_len);
+ ATF_REQUIRE_INTEQ((ssize_t)outbuf_len, rv);
ATF_REQUIRE(shutdown(sockets[1], SHUT_WR) == 0);
@@ -2131,9 +2147,8 @@ test_ktls_invalid_transmit_cipher_suite(const atf_tc_t *tc,
ATF_REQUIRE_MSG(open_sockets(tc, sockets), "failed to create sockets");
- ATF_REQUIRE(setsockopt(sockets[1], IPPROTO_TCP, TCP_TXTLS_ENABLE, en,
- sizeof(*en)) == -1);
- ATF_REQUIRE(errno == EINVAL);
+ ATF_REQUIRE_ERRNO(EINVAL, setsockopt(sockets[1], IPPROTO_TCP,
+ TCP_TXTLS_ENABLE, en, sizeof(*en)) == -1);
close_sockets(sockets);
}
@@ -2628,9 +2643,8 @@ test_ktls_invalid_receive_cipher_suite(const atf_tc_t *tc,
ATF_REQUIRE_MSG(open_sockets(tc, sockets), "failed to create sockets");
- ATF_REQUIRE(setsockopt(sockets[1], IPPROTO_TCP, TCP_RXTLS_ENABLE, en,
- sizeof(*en)) == -1);
- ATF_REQUIRE(errno == EINVAL);
+ ATF_REQUIRE_ERRNO(EINVAL, setsockopt(sockets[1], IPPROTO_TCP,
+ TCP_RXTLS_ENABLE, en, sizeof(*en)) == -1);
close_sockets(sockets);
}
@@ -2668,9 +2682,8 @@ test_ktls_unsupported_receive_cipher_suite(const atf_tc_t *tc,
ATF_REQUIRE_MSG(open_sockets(tc, sockets), "failed to create sockets");
- ATF_REQUIRE(setsockopt(sockets[1], IPPROTO_TCP, TCP_RXTLS_ENABLE, en,
- sizeof(*en)) == -1);
- ATF_REQUIRE(errno == EPROTONOSUPPORT);
+ ATF_REQUIRE_ERRNO(EPROTONOSUPPORT, setsockopt(sockets[1], IPPROTO_TCP,
+ TCP_RXTLS_ENABLE, en, sizeof(*en)) == -1);
close_sockets(sockets);
}