1 files changed, 161 insertions, 1 deletions
diff --git a/auto_tests/TCP_test.c b/auto_tests/TCP_test.c
index 983b07d2..989867b4 100644
--- a/auto_tests/TCP_test.c
+++ b/auto_tests/TCP_test.c
@@ -21,9 +21,10 @@
 #define NUM_PORTS 3
+uint16_t ports[NUM_PORTS] = {12345, 33445, 25643};
 START_TEST(test_basic)
 {
-    uint16_t ports[NUM_PORTS] = {12345, 33445, 25643};
    uint8_t self_public_key[crypto_box_PUBLICKEYBYTES];
    uint8_t self_secret_key[crypto_box_SECRETKEYBYTES];
    crypto_box_keypair(self_public_key, self_secret_key);
@@ -80,7 +81,165 @@ START_TEST(test_basic)
    encrypt_precompute(response_plain, t_secret_key, f_shared_key);
    memcpy(f_nonce_r, response_plain + crypto_box_BEFORENMBYTES, crypto_box_NONCEBYTES);
+    uint8_t r_req_p[1 + crypto_box_PUBLICKEYBYTES] = {0};
+    memcpy(r_req_p + 1, f_public_key, crypto_box_PUBLICKEYBYTES);
+    uint8_t r_req[2 + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES];
+    uint16_t size = 1 + crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES;
+    size = htons(size);
+    ret = encrypt_data_fast(f_shared_key, f_nonce, r_req_p, 1 + crypto_box_PUBLICKEYBYTES, r_req + 2);
+    increment_nonce(f_nonce);
+    memcpy(r_req, &size, 2);
+    uint32_t i;
+    for (i = 0; i < sizeof(r_req); ++i) {
+        ck_assert_msg(send(sock, r_req + i, 1, 0) == 1, "send Failed.");
+        //ck_assert_msg(send(sock, r_req, sizeof(r_req), 0) == sizeof(r_req), "send Failed.");
+        do_TCP_server(tcp_s);
+        c_sleep(50);
+    }
+    do_TCP_server(tcp_s);
+    c_sleep(50);
+    uint8_t packet_resp[4096];
+    int recv_data_len;
+    ck_assert_msg((recv_data_len = recv(sock, packet_resp, 2 + 2 + crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES,
+                                        0)) == 2 + 2 + crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES, "recv Failed. %u", recv_data_len);
+    memcpy(&size, packet_resp, 2);
+    ck_assert_msg(ntohs(size) == 2 + crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES, "Wrong packet size.");
+    uint8_t packet_resp_plain[4096];
+    ret = decrypt_data_fast(f_shared_key, f_nonce_r, packet_resp + 2, recv_data_len - 2, packet_resp_plain);
+    ck_assert_msg(ret != -1, "decryption failed");
+    increment_nonce(f_nonce_r);
+    ck_assert_msg(packet_resp_plain[0] == 1, "wrong packet id %u", packet_resp_plain[0]);
+    ck_assert_msg(packet_resp_plain[1] == 0, "connection not refused %u", packet_resp_plain[1]);
+    ck_assert_msg(memcmp(packet_resp_plain + 2, f_public_key, crypto_box_PUBLICKEYBYTES) == 0, "key in packet wrong");
+}
+END_TEST
+struct sec_TCP_con {
+    sock_t  sock;
+    uint8_t public_key[crypto_box_PUBLICKEYBYTES];
+    uint8_t recv_nonce[crypto_box_NONCEBYTES];
+    uint8_t sent_nonce[crypto_box_NONCEBYTES];
+    uint8_t shared_key[crypto_box_BEFORENMBYTES];
+};
+struct sec_TCP_con *new_TCP_con(TCP_Server *tcp_s)
+{
+    struct sec_TCP_con *sec_c = malloc(sizeof(struct sec_TCP_con));
+    sock_t sock = socket(AF_INET6, SOCK_STREAM, IPPROTO_TCP);
+    struct sockaddr_in6 addr6_loopback = {0};
+    addr6_loopback.sin6_family = AF_INET6;
+    addr6_loopback.sin6_port = htons(ports[rand() % NUM_PORTS]);
+    addr6_loopback.sin6_addr = in6addr_loopback;
+    int ret = connect(sock, (struct sockaddr *)&addr6_loopback, sizeof(addr6_loopback));
+    ck_assert_msg(ret == 0, "Failed to connect to TCP relay server");
+    uint8_t f_secret_key[crypto_box_SECRETKEYBYTES];
+    crypto_box_keypair(sec_c->public_key, f_secret_key);
+    random_nonce(sec_c->sent_nonce);
+    uint8_t t_secret_key[crypto_box_SECRETKEYBYTES];
+    uint8_t handshake_plain[TCP_HANDSHAKE_PLAIN_SIZE];
+    crypto_box_keypair(handshake_plain, t_secret_key);
+    memcpy(handshake_plain + crypto_box_PUBLICKEYBYTES, sec_c->sent_nonce, crypto_box_NONCEBYTES);
+    uint8_t handshake[TCP_CLIENT_HANDSHAKE_SIZE];
+    memcpy(handshake, sec_c->public_key, crypto_box_PUBLICKEYBYTES);
+    new_nonce(handshake + crypto_box_PUBLICKEYBYTES);
+    ret = encrypt_data(tcp_s->public_key, f_secret_key, handshake + crypto_box_PUBLICKEYBYTES, handshake_plain,
+                       TCP_HANDSHAKE_PLAIN_SIZE, handshake + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES);
+    ck_assert_msg(ret == TCP_CLIENT_HANDSHAKE_SIZE - (crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES),
+                  "Encrypt failed.");
+    ck_assert_msg(send(sock, handshake, TCP_CLIENT_HANDSHAKE_SIZE - 1, 0) == TCP_CLIENT_HANDSHAKE_SIZE - 1, "send Failed.");
+    do_TCP_server(tcp_s);
+    c_sleep(50);
+    ck_assert_msg(send(sock, handshake + (TCP_CLIENT_HANDSHAKE_SIZE - 1), 1, 0) == 1, "send Failed.");
+    c_sleep(50);
+    do_TCP_server(tcp_s);
+    uint8_t response[TCP_SERVER_HANDSHAKE_SIZE];
+    uint8_t response_plain[TCP_HANDSHAKE_PLAIN_SIZE];
+    ck_assert_msg(recv(sock, response, TCP_SERVER_HANDSHAKE_SIZE, 0) == TCP_SERVER_HANDSHAKE_SIZE, "recv Failed.");
+    ret = decrypt_data(tcp_s->public_key, f_secret_key, response, response + crypto_box_NONCEBYTES,
+                       TCP_SERVER_HANDSHAKE_SIZE - crypto_box_NONCEBYTES, response_plain);
+    ck_assert_msg(ret == TCP_HANDSHAKE_PLAIN_SIZE, "Decrypt Failed.");
+    encrypt_precompute(response_plain, t_secret_key, sec_c->shared_key);
+    memcpy(sec_c->recv_nonce, response_plain + crypto_box_BEFORENMBYTES, crypto_box_NONCEBYTES);
+    sec_c->sock = sock;
+    return sec_c;
+}
+int write_packet_TCP_secure_connection(struct sec_TCP_con *con, uint8_t *data, uint16_t length)
+{
+    uint8_t packet[sizeof(uint16_t) + length + crypto_box_MACBYTES];
+    uint16_t c_length = htons(length + crypto_box_MACBYTES);
+    memcpy(packet, &c_length, sizeof(uint16_t));
+    int len = encrypt_data_fast(con->shared_key, con->sent_nonce, data, length, packet + sizeof(uint16_t));
+    if ((unsigned int)len != (sizeof(packet) - sizeof(uint16_t)))
+        return -1;
+    increment_nonce(con->sent_nonce);
+    ck_assert_msg(send(con->sock, packet, sizeof(packet), 0) == sizeof(packet), "send failed");
+    return 0;
+}
+int read_packet_sec_TCP(struct sec_TCP_con *con, uint8_t *data, uint16_t length)
+{
+    int len;
+    ck_assert_msg((len = recv(con->sock, data, length, 0)) == length, "wrong len %i\n", len);
+    ck_assert_msg((len = decrypt_data_fast(con->shared_key, con->recv_nonce, data + 2, length - 2, data)) != -1,
+                  "Decrypt failed");
+    increment_nonce(con->recv_nonce);
+    return len;
+}
+START_TEST(test_some)
+{
+    uint8_t self_public_key[crypto_box_PUBLICKEYBYTES];
+    uint8_t self_secret_key[crypto_box_SECRETKEYBYTES];
+    crypto_box_keypair(self_public_key, self_secret_key);
+    TCP_Server *tcp_s = new_TCP_server(1, NUM_PORTS, ports, self_public_key, self_secret_key);
+    ck_assert_msg(tcp_s != NULL, "Failed to create TCP relay server");
+    struct sec_TCP_con *con1 = new_TCP_con(tcp_s);
+    struct sec_TCP_con *con2 = new_TCP_con(tcp_s);
+    struct sec_TCP_con *con3 = new_TCP_con(tcp_s);
+    uint8_t requ_p[1 + crypto_box_PUBLICKEYBYTES];
+    requ_p[0] = 0;
+    memcpy(requ_p + 1, con3->public_key, crypto_box_PUBLICKEYBYTES);
+    write_packet_TCP_secure_connection(con1, requ_p, sizeof(requ_p));
+    memcpy(requ_p + 1, con1->public_key, crypto_box_PUBLICKEYBYTES);
+    write_packet_TCP_secure_connection(con3, requ_p, sizeof(requ_p));
+    do_TCP_server(tcp_s);
+    c_sleep(50);
+    uint8_t data[2048];
+    int len = read_packet_sec_TCP(con1, data, 2 + 1 + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES);
+    ck_assert_msg(len == 1 + 1 + crypto_box_PUBLICKEYBYTES, "wrong len %u", len);
+    ck_assert_msg(data[0] == 1, "wrong packet id %u", data[0]);
+    ck_assert_msg(data[1] == 16, "connection not refused %u", data[1]);
+    ck_assert_msg(memcmp(data + 2, con3->public_key, crypto_box_PUBLICKEYBYTES) == 0, "key in packet wrong");
+    len = read_packet_sec_TCP(con3, data, 2 + 1 + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES);
+    ck_assert_msg(len == 1 + 1 + crypto_box_PUBLICKEYBYTES, "wrong len %u", len);
+    ck_assert_msg(data[0] == 1, "wrong packet id %u", data[0]);
+    ck_assert_msg(data[1] == 16, "connection not refused %u", data[1]);
+    ck_assert_msg(memcmp(data + 2, con1->public_key, crypto_box_PUBLICKEYBYTES) == 0, "key in packet wrong");
+    uint8_t test_packet[1024] = {16};
+    write_packet_TCP_secure_connection(con3, test_packet, sizeof(test_packet));
+    do_TCP_server(tcp_s);
+    c_sleep(50);
+    len = read_packet_sec_TCP(con1, data, 2 + 2 + crypto_box_MACBYTES);
+    ck_assert_msg(len == 2, "wrong len %u", len);
+    ck_assert_msg(data[0] == 2, "wrong packet id %u", data[0]);
+    ck_assert_msg(data[1] == 16, "wrong peer id %u", data[1]);
+    len = read_packet_sec_TCP(con1, data, 2 + sizeof(test_packet) + crypto_box_MACBYTES);
+    ck_assert_msg(len == 1024, "wrong len %u", len);
+    ck_assert_msg(memcmp(data, test_packet, sizeof(test_packet)) == 0, "packet is wrong");
 }
 END_TEST
@@ -97,6 +256,7 @@ Suite *TCP_suite(void)
    Suite *s = suite_create("TCP");
    DEFTESTCASE_SLOW(basic, 5);
+    DEFTESTCASE_SLOW(some, 10);
    return s;
 }

diff --git a/auto_tests/TCP_test.c b/auto_tests/TCP_test.c index 983b07d2..989867b4 100644 --- a/auto_tests/TCP_test.c +++ b/auto_tests/TCP_test.c
@@ -21,9 +21,10 @@
21		21
22	#define NUM_PORTS 3	22	#define NUM_PORTS 3
23		23
		24	uint16_t ports[NUM_PORTS] = {12345, 33445, 25643};
		25
24	START_TEST(test_basic)	26	START_TEST(test_basic)
25	{	27	{
26	uint16_t ports[NUM_PORTS] = {12345, 33445, 25643};
27	uint8_t self_public_key[crypto_box_PUBLICKEYBYTES];	28	uint8_t self_public_key[crypto_box_PUBLICKEYBYTES];
28	uint8_t self_secret_key[crypto_box_SECRETKEYBYTES];	29	uint8_t self_secret_key[crypto_box_SECRETKEYBYTES];
29	crypto_box_keypair(self_public_key, self_secret_key);	30	crypto_box_keypair(self_public_key, self_secret_key);
@@ -80,7 +81,165 @@ START_TEST(test_basic)
80	encrypt_precompute(response_plain, t_secret_key, f_shared_key);	81	encrypt_precompute(response_plain, t_secret_key, f_shared_key);
81	memcpy(f_nonce_r, response_plain + crypto_box_BEFORENMBYTES, crypto_box_NONCEBYTES);	82	memcpy(f_nonce_r, response_plain + crypto_box_BEFORENMBYTES, crypto_box_NONCEBYTES);
82		83
		84	uint8_t r_req_p[1 + crypto_box_PUBLICKEYBYTES] = {0};
		85	memcpy(r_req_p + 1, f_public_key, crypto_box_PUBLICKEYBYTES);
		86	uint8_t r_req[2 + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES];
		87	uint16_t size = 1 + crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES;
		88	size = htons(size);
		89	ret = encrypt_data_fast(f_shared_key, f_nonce, r_req_p, 1 + crypto_box_PUBLICKEYBYTES, r_req + 2);
		90	increment_nonce(f_nonce);
		91	memcpy(r_req, &size, 2);
		92	uint32_t i;
		93
		94	for (i = 0; i < sizeof(r_req); ++i) {
		95	ck_assert_msg(send(sock, r_req + i, 1, 0) == 1, "send Failed.");
		96	//ck_assert_msg(send(sock, r_req, sizeof(r_req), 0) == sizeof(r_req), "send Failed.");
		97	do_TCP_server(tcp_s);
		98	c_sleep(50);
		99	}
83		100
		101	do_TCP_server(tcp_s);
		102	c_sleep(50);
		103	uint8_t packet_resp[4096];
		104	int recv_data_len;
		105	ck_assert_msg((recv_data_len = recv(sock, packet_resp, 2 + 2 + crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES,
		106	0)) == 2 + 2 + crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES, "recv Failed. %u", recv_data_len);
		107	memcpy(&size, packet_resp, 2);
		108	ck_assert_msg(ntohs(size) == 2 + crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES, "Wrong packet size.");
		109	uint8_t packet_resp_plain[4096];
		110	ret = decrypt_data_fast(f_shared_key, f_nonce_r, packet_resp + 2, recv_data_len - 2, packet_resp_plain);
		111	ck_assert_msg(ret != -1, "decryption failed");
		112	increment_nonce(f_nonce_r);
		113	ck_assert_msg(packet_resp_plain[0] == 1, "wrong packet id %u", packet_resp_plain[0]);
		114	ck_assert_msg(packet_resp_plain[1] == 0, "connection not refused %u", packet_resp_plain[1]);
		115	ck_assert_msg(memcmp(packet_resp_plain + 2, f_public_key, crypto_box_PUBLICKEYBYTES) == 0, "key in packet wrong");
		116	}
		117	END_TEST
		118
		119	struct sec_TCP_con {
		120	sock_t sock;
		121	uint8_t public_key[crypto_box_PUBLICKEYBYTES];
		122	uint8_t recv_nonce[crypto_box_NONCEBYTES];
		123	uint8_t sent_nonce[crypto_box_NONCEBYTES];
		124	uint8_t shared_key[crypto_box_BEFORENMBYTES];
		125	};
		126
		127	struct sec_TCP_con new_TCP_con(TCP_Server tcp_s)
		128	{
		129	struct sec_TCP_con *sec_c = malloc(sizeof(struct sec_TCP_con));
		130	sock_t sock = socket(AF_INET6, SOCK_STREAM, IPPROTO_TCP);
		131	struct sockaddr_in6 addr6_loopback = {0};
		132	addr6_loopback.sin6_family = AF_INET6;
		133	addr6_loopback.sin6_port = htons(ports[rand() % NUM_PORTS]);
		134	addr6_loopback.sin6_addr = in6addr_loopback;
		135
		136	int ret = connect(sock, (struct sockaddr *)&addr6_loopback, sizeof(addr6_loopback));
		137	ck_assert_msg(ret == 0, "Failed to connect to TCP relay server");
		138
		139	uint8_t f_secret_key[crypto_box_SECRETKEYBYTES];
		140	crypto_box_keypair(sec_c->public_key, f_secret_key);
		141	random_nonce(sec_c->sent_nonce);
		142
		143	uint8_t t_secret_key[crypto_box_SECRETKEYBYTES];
		144	uint8_t handshake_plain[TCP_HANDSHAKE_PLAIN_SIZE];
		145	crypto_box_keypair(handshake_plain, t_secret_key);
		146	memcpy(handshake_plain + crypto_box_PUBLICKEYBYTES, sec_c->sent_nonce, crypto_box_NONCEBYTES);
		147	uint8_t handshake[TCP_CLIENT_HANDSHAKE_SIZE];
		148	memcpy(handshake, sec_c->public_key, crypto_box_PUBLICKEYBYTES);
		149	new_nonce(handshake + crypto_box_PUBLICKEYBYTES);
		150
		151	ret = encrypt_data(tcp_s->public_key, f_secret_key, handshake + crypto_box_PUBLICKEYBYTES, handshake_plain,
		152	TCP_HANDSHAKE_PLAIN_SIZE, handshake + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES);
		153	ck_assert_msg(ret == TCP_CLIENT_HANDSHAKE_SIZE - (crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES),
		154	"Encrypt failed.");
		155	ck_assert_msg(send(sock, handshake, TCP_CLIENT_HANDSHAKE_SIZE - 1, 0) == TCP_CLIENT_HANDSHAKE_SIZE - 1, "send Failed.");
		156	do_TCP_server(tcp_s);
		157	c_sleep(50);
		158	ck_assert_msg(send(sock, handshake + (TCP_CLIENT_HANDSHAKE_SIZE - 1), 1, 0) == 1, "send Failed.");
		159	c_sleep(50);
		160	do_TCP_server(tcp_s);
		161	uint8_t response[TCP_SERVER_HANDSHAKE_SIZE];
		162	uint8_t response_plain[TCP_HANDSHAKE_PLAIN_SIZE];
		163	ck_assert_msg(recv(sock, response, TCP_SERVER_HANDSHAKE_SIZE, 0) == TCP_SERVER_HANDSHAKE_SIZE, "recv Failed.");
		164	ret = decrypt_data(tcp_s->public_key, f_secret_key, response, response + crypto_box_NONCEBYTES,
		165	TCP_SERVER_HANDSHAKE_SIZE - crypto_box_NONCEBYTES, response_plain);
		166	ck_assert_msg(ret == TCP_HANDSHAKE_PLAIN_SIZE, "Decrypt Failed.");
		167	encrypt_precompute(response_plain, t_secret_key, sec_c->shared_key);
		168	memcpy(sec_c->recv_nonce, response_plain + crypto_box_BEFORENMBYTES, crypto_box_NONCEBYTES);
		169	sec_c->sock = sock;
		170	return sec_c;
		171	}
		172
		173	int write_packet_TCP_secure_connection(struct sec_TCP_con con, uint8_t data, uint16_t length)
		174	{
		175	uint8_t packet[sizeof(uint16_t) + length + crypto_box_MACBYTES];
		176
		177	uint16_t c_length = htons(length + crypto_box_MACBYTES);
		178	memcpy(packet, &c_length, sizeof(uint16_t));
		179	int len = encrypt_data_fast(con->shared_key, con->sent_nonce, data, length, packet + sizeof(uint16_t));
		180
		181	if ((unsigned int)len != (sizeof(packet) - sizeof(uint16_t)))
		182	return -1;
		183
		184	increment_nonce(con->sent_nonce);
		185
		186	ck_assert_msg(send(con->sock, packet, sizeof(packet), 0) == sizeof(packet), "send failed");
		187	return 0;
		188	}
		189
		190	int read_packet_sec_TCP(struct sec_TCP_con con, uint8_t data, uint16_t length)
		191	{
		192	int len;
		193	ck_assert_msg((len = recv(con->sock, data, length, 0)) == length, "wrong len %i\n", len);
		194	ck_assert_msg((len = decrypt_data_fast(con->shared_key, con->recv_nonce, data + 2, length - 2, data)) != -1,
		195	"Decrypt failed");
		196	increment_nonce(con->recv_nonce);
		197	return len;
		198	}
		199
		200	START_TEST(test_some)
		201	{
		202	uint8_t self_public_key[crypto_box_PUBLICKEYBYTES];
		203	uint8_t self_secret_key[crypto_box_SECRETKEYBYTES];
		204	crypto_box_keypair(self_public_key, self_secret_key);
		205	TCP_Server *tcp_s = new_TCP_server(1, NUM_PORTS, ports, self_public_key, self_secret_key);
		206	ck_assert_msg(tcp_s != NULL, "Failed to create TCP relay server");
		207
		208	struct sec_TCP_con *con1 = new_TCP_con(tcp_s);
		209	struct sec_TCP_con *con2 = new_TCP_con(tcp_s);
		210	struct sec_TCP_con *con3 = new_TCP_con(tcp_s);
		211
		212	uint8_t requ_p[1 + crypto_box_PUBLICKEYBYTES];
		213	requ_p[0] = 0;
		214	memcpy(requ_p + 1, con3->public_key, crypto_box_PUBLICKEYBYTES);
		215	write_packet_TCP_secure_connection(con1, requ_p, sizeof(requ_p));
		216	memcpy(requ_p + 1, con1->public_key, crypto_box_PUBLICKEYBYTES);
		217	write_packet_TCP_secure_connection(con3, requ_p, sizeof(requ_p));
		218	do_TCP_server(tcp_s);
		219	c_sleep(50);
		220	uint8_t data[2048];
		221	int len = read_packet_sec_TCP(con1, data, 2 + 1 + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES);
		222	ck_assert_msg(len == 1 + 1 + crypto_box_PUBLICKEYBYTES, "wrong len %u", len);
		223	ck_assert_msg(data[0] == 1, "wrong packet id %u", data[0]);
		224	ck_assert_msg(data[1] == 16, "connection not refused %u", data[1]);
		225	ck_assert_msg(memcmp(data + 2, con3->public_key, crypto_box_PUBLICKEYBYTES) == 0, "key in packet wrong");
		226	len = read_packet_sec_TCP(con3, data, 2 + 1 + 1 + crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES);
		227	ck_assert_msg(len == 1 + 1 + crypto_box_PUBLICKEYBYTES, "wrong len %u", len);
		228	ck_assert_msg(data[0] == 1, "wrong packet id %u", data[0]);
		229	ck_assert_msg(data[1] == 16, "connection not refused %u", data[1]);
		230	ck_assert_msg(memcmp(data + 2, con1->public_key, crypto_box_PUBLICKEYBYTES) == 0, "key in packet wrong");
		231
		232	uint8_t test_packet[1024] = {16};
		233	write_packet_TCP_secure_connection(con3, test_packet, sizeof(test_packet));
		234	do_TCP_server(tcp_s);
		235	c_sleep(50);
		236	len = read_packet_sec_TCP(con1, data, 2 + 2 + crypto_box_MACBYTES);
		237	ck_assert_msg(len == 2, "wrong len %u", len);
		238	ck_assert_msg(data[0] == 2, "wrong packet id %u", data[0]);
		239	ck_assert_msg(data[1] == 16, "wrong peer id %u", data[1]);
		240	len = read_packet_sec_TCP(con1, data, 2 + sizeof(test_packet) + crypto_box_MACBYTES);
		241	ck_assert_msg(len == 1024, "wrong len %u", len);
		242	ck_assert_msg(memcmp(data, test_packet, sizeof(test_packet)) == 0, "packet is wrong");
84	}	243	}
85	END_TEST	244	END_TEST
86		245
@@ -97,6 +256,7 @@ Suite *TCP_suite(void)
97	Suite *s = suite_create("TCP");	256	Suite *s = suite_create("TCP");
98		257
99	DEFTESTCASE_SLOW(basic, 5);	258	DEFTESTCASE_SLOW(basic, 5);
		259	DEFTESTCASE_SLOW(some, 10);
100	return s;	260	return s;
101	}	261	}
102		262