diff --git a/src/main.h b/src/main.h
index 4d20d180..5ec782e7 100644
--- a/src/main.h
+++ b/src/main.h
@@ -231,7 +231,7 @@ int send_udp_fd(main_server_st* s, struct proc_st * proc, int fd);
 int session_open(main_server_st * s, struct proc_st *proc, const uint8_t *cookie, unsigned cookie_size);
 int session_close(main_server_st * s, struct proc_st *proc);
 
-#ifdef DISABLE_LOGS
+#ifdef UNDER_TEST
 /* for testing */
 # define mslog(...)
 
diff --git a/src/tlslib.c b/src/tlslib.c
index 5ddfc498..80044793 100644
--- a/src/tlslib.c
+++ b/src/tlslib.c
@@ -625,6 +625,7 @@ int ret;
 	}
 }
 
+#ifndef UNDER_TEST
 struct key_cb_data {
 	unsigned idx; /* the index of the key */
 	struct sockaddr_un sa;
@@ -999,6 +1000,7 @@ static unsigned crl_type = GNUTLS_X509_FMT_PEM;
 		mslog(s, NULL, LOG_INFO, "loaded CRL: %s", s->config->crl);
 	}
 }
+#endif
 
 void tls_cork(gnutls_session_t session)
 {
diff --git a/src/tlslib.h b/src/tlslib.h
index dc5af659..b444e64d 100644
--- a/src/tlslib.h
+++ b/src/tlslib.h
@@ -65,6 +65,10 @@ size_t tls_get_overhead(gnutls_protocol_t, gnutls_cipher_algorithm_t, gnutls_mac
 
 #define GNUTLS_FATAL_ERR DTLS_FATAL_ERR
 
+#ifdef UNDER_TEST
+# define syslog_open 0
+#endif
+
 #define DTLS_FATAL_ERR_CMD(x, CMD) \
         if (x < 0 && gnutls_error_is_fatal (x) != 0) { \
                 if (syslog_open) \
diff --git a/src/worker.h b/src/worker.h
index b45f7430..39f2071d 100644
--- a/src/worker.h
+++ b/src/worker.h
@@ -316,12 +316,16 @@ void set_resume_db_funcs(gnutls_session_t);
 void __attribute__ ((format(printf, 3, 4)))
     _oclog(const worker_st * server, int priority, const char *fmt, ...);
 
-#ifdef __GNUC__
-# define oclog(server, prio, fmt, ...) \
+#ifdef UNDER_TEST
+# define oclog(...)
+#else
+# ifdef __GNUC__
+#  define oclog(server, prio, fmt, ...) \
 	(prio==LOG_ERR)?_oclog(server, prio, "%s:%d: "fmt, __FILE__, __LINE__, ##__VA_ARGS__): \
 	_oclog(server, prio, fmt, ##__VA_ARGS__)
-#else
-# define oclog _oclog
+# else
+#  define oclog _oclog
+# endif
 #endif
 
 void  oclog_hex(const worker_st* ws, int priority,
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 50245522..2c04928d 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -67,6 +67,10 @@ LDADD = ../gl/libgnu.a $(LIBTALLOC_LIBS) ../src/libccan.a $(CODE_COVERAGE_LDFLAG
 kkdcp_parsing_SOURCES = kkdcp-parsing.c
 kkdcp_parsing_LDADD = $(LDADD)
 
+cstp_recv_SOURCES = cstp-recv.c
+cstp_recv_CFLAGS = $(CFLAGS) $(LIBGNUTLS_CFLAGS) $(LIBTALLOC_CFLAGS)
+cstp_recv_LDADD = $(LDADD) $(LIBGNUTLS_LIBS)
+
 json_escape_SOURCES = json-escape.c
 json_escape_LDADD = $(LDADD)
 
@@ -79,7 +83,7 @@ html_escape_LDADD = $(LDADD)
 ipv4_prefix_SOURCES = ipv4-prefix.c
 ipv4_prefix_LDADD = $(LDADD)
 
-ban_ips_CPPFLAGS = $(AM_CPPFLAGS) -DDISABLE_LOGS
+ban_ips_CPPFLAGS = $(AM_CPPFLAGS) -DUNDER_TEST
 ban_ips_SOURCES = ban-ips.c
 ban_ips_LDADD = $(LDADD)
 
@@ -101,7 +105,7 @@ valid_hostname_LDADD = $(LDADD)
 port_parsing_LDADD = $(LDADD)
 
 check_PROGRAMS = str-test str-test2 ipv4-prefix ipv6-prefix kkdcp-parsing json-escape ban-ips \
-	port-parsing human_addr valid-hostname url-escape html-escape
+	port-parsing human_addr valid-hostname url-escape html-escape cstp-recv
 
 
 TESTS = $(dist_check_SCRIPTS) $(check_PROGRAMS)
diff --git a/tests/cstp-recv.c b/tests/cstp-recv.c
new file mode 100644
index 00000000..d6c26646
--- /dev/null
+++ b/tests/cstp-recv.c
@@ -0,0 +1,123 @@
+/*
+ * Copyright (C) 2017 Nikos Mavrogiannopoulos
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include <config.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <assert.h>
+
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <sys/wait.h>
+
+#include <gnutls/gnutls.h>
+
+/* Unit test for _cstp_recv_packet(). I checks whether
+ * CSTP packets are received and decoded as expected.
+ */
+static unsigned verbose = 0;
+#define UNDER_TEST
+#define force_write write
+
+#include "../src/tlslib.c"
+
+int get_cert_names(worker_st * ws, const gnutls_datum_t * raw)
+{
+	return 0;
+}
+
+#define MAX_SIZE 256
+#define ITERATIONS 1024
+
+void writer(int fd)
+{
+	unsigned size, i, j;
+	unsigned char buf[MAX_SIZE+8];
+
+	memset(buf, 0, sizeof(buf));
+
+	for (i=0;i<ITERATIONS;i++) {
+		assert(gnutls_rnd(GNUTLS_RND_NONCE, &size, sizeof(unsigned)) >= 0);
+
+		size %= MAX_SIZE;
+		size++; /* non-zero */
+
+		buf[4] = (size >> 8) & 0xff;
+		buf[5] = size & 0xff;
+
+		size += 8;
+
+		if (verbose)
+			fprintf(stderr, "sending %d\n", size);
+		for (j=0;j<size;j++) { /* use multiple writes */
+			assert(write(fd, buf+j, 1) == 1);
+		}
+	}
+	return;
+}
+
+void receiver(int fd)
+{
+	worker_st ws;
+	unsigned char buf[MAX_SIZE*3];
+	int ret;
+	unsigned i;
+
+	memset(&ws, 0, sizeof(ws));
+	ws.conn_fd = fd;
+
+	for (i=0;i<ITERATIONS;i++) {
+		ret = _cstp_recv_packet(&ws, buf, sizeof(buf));
+		if (verbose)
+			fprintf(stderr, "received %d\n", ret);
+		assert(ret > 0);
+	}
+
+	return;
+}
+
+int main(int argc, char **argv)
+{
+	int sockets[2];
+	pid_t child;
+	int status = 0;
+
+	if (argc > 1)
+		verbose = 1;
+
+	assert(socketpair(AF_UNIX, SOCK_STREAM, 0, sockets) >= 0);
+
+	child = fork();
+	assert(child >= 0);
+	
+	if (child) {
+		close(sockets[1]);
+		receiver(sockets[0]);
+		wait(&status);
+		if (WEXITSTATUS(status) != 0) {
+			fprintf(stderr, "child failed %d!\n", (int)WEXITSTATUS(status));
+			exit(1);
+		}
+	} else {
+		close(sockets[0]);
+		writer(sockets[1]);
+		return 0;
+	}
+
+	return 0;
+}