if (!(*ctx))
*ctx = clib_mem_alloc (sizeof (openssl_ctx_t));
- memset (*ctx, 0, sizeof (openssl_ctx_t));
+ clib_memset (*ctx, 0, sizeof (openssl_ctx_t));
(*ctx)->ctx.c_thread_index = thread_index;
(*ctx)->ctx.tls_ctx_engine = TLS_ENGINE_OPENSSL;
(*ctx)->ctx.app_session_handle = SESSION_INVALID_HANDLE;
pool_get (om->lctx_pool, lctx);
- memset (lctx, 0, sizeof (openssl_listen_ctx_t));
+ clib_memset (lctx, 0, sizeof (openssl_listen_ctx_t));
lctx->openssl_lctx_index = lctx - om->lctx_pool;
return lctx->openssl_lctx_index;
}
}
static int
-openssl_try_handshake_read (openssl_ctx_t * oc,
- stream_session_t * tls_session)
+openssl_try_handshake_read (openssl_ctx_t * oc, session_t * tls_session)
{
u32 deq_max, deq_now;
svm_fifo_t *f;
int wrote, rv;
- f = tls_session->server_rx_fifo;
+ f = tls_session->rx_fifo;
deq_max = svm_fifo_max_dequeue (f);
if (!deq_max)
return 0;
}
static int
-openssl_try_handshake_write (openssl_ctx_t * oc,
- stream_session_t * tls_session)
+openssl_try_handshake_write (openssl_ctx_t * oc, session_t * tls_session)
{
u32 enq_max, deq_now;
svm_fifo_t *f;
if (BIO_ctrl_pending (oc->rbio) <= 0)
return 0;
- f = tls_session->server_tx_fifo;
+ f = tls_session->tx_fifo;
enq_max = svm_fifo_max_enqueue (f);
if (!enq_max)
return 0;
engine_cb = vpp_add_async_pending_event (ctx, handler);
if (engine_cb)
{
- SSL_set_async_callback (oc->ssl, (void *) engine_cb->callback,
- (void *) engine_cb->arg);
+ SSL_set_async_callback_arg (oc->ssl, (void *) engine_cb->arg);
TLS_DBG (2, "set callback to engine %p\n", engine_cb->callback);
}
return 0;
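Review bot: The `TLS_DBG` line kept after the new call still prints `engine_cb->callback` under "set callback to engine", but `SSL_set_async_callback_arg` installs only the argument, so the trace now describes something this call no longer does. I would log what is actually set, e.g. `TLS_DBG (2, "set async callback arg %p\n", engine_cb->arg);`. The return value of `SSL_set_async_callback_arg` is also discarded; checking it and returning an error would stop a connection from proceeding without its callback argument. The callback itself appears to be registered once per SSL_CTX in a later hunk, so `engine_cb->arg` presumably has to stay valid until the engine fires it. That lifetime cannot be confirmed from this hunk, since the enclosing function starts outside it.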
static int
vpp_ssl_async_retry_func (tls_ctx_t * ctx, openssl_resume_handler * handler)
{
- openssl_ctx_t *oc = (openssl_ctx_t *) ctx;
if (vpp_add_async_run_event (ctx, handler))
- {
- SSL_set_async_estatus (oc->ssl, 0);
- }
+ return 1;
+
return 0;
}
#endif
int
-openssl_ctx_handshake_rx (tls_ctx_t * ctx, stream_session_t * tls_session)
+openssl_ctx_handshake_rx (tls_ctx_t * ctx, session_t * tls_session)
{
openssl_ctx_t *oc = (openssl_ctx_t *) ctx;
int rv = 0, err;
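Review bot: `vpp_ssl_async_retry_func` now returns 1 when `vpp_add_async_run_event` is non-zero and 0 otherwise, but nothing documents which value means the retry event was queued. The caller visible further down in `openssl_ctx_handshake_rx` discards the result. If a non-zero value signals failure, a handshake that hit `ASYNC_STATUS_EAGAIN` would presumably stall with no log line. I would add a short comment above the function stating the return contract, confirmed against `vpp_add_async_run_event`. The call site should then either act on the result or cast it to `(void)` to show the omission is deliberate. The body of `openssl_ctx_handshake_rx` that starts at the end of this hunk continues outside it.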
break;
}
+#ifdef HAVE_OPENSSL_ASYNC
+ myself = openssl_ctx_handshake_rx;
+ vpp_ssl_async_process_event (ctx, myself);
+#endif
+
rv = SSL_do_handshake (oc->ssl);
err = SSL_get_error (oc->ssl, rv);
openssl_try_handshake_write (oc, tls_session);
#ifdef HAVE_OPENSSL_ASYNC
- myself = openssl_ctx_handshake_rx;
- if (SSL_get_async_estatus (oc->ssl, &estatus)
- && (estatus == ENGINE_STATUS_RETRY))
- {
- vpp_ssl_async_retry_func (ctx, myself);
- }
- else if (err == SSL_ERROR_WANT_ASYNC)
+ if (err == SSL_ERROR_WANT_ASYNC)
{
- vpp_ssl_async_process_event (ctx, myself);
+ SSL_get_async_status (oc->ssl, &estatus);
+
+ if (estatus == ASYNC_STATUS_EAGAIN)
+ {
+ vpp_ssl_async_retry_func (ctx, myself);
+ }
}
#endif
}
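Review bot: In the `SSL_ERROR_WANT_ASYNC` branch the result of `SSL_get_async_status (oc->ssl, &estatus)` is ignored and `estatus` is compared straight afterwards. `estatus` is declared outside this hunk, so if it has no initializer a failed call leaves the comparison reading an indeterminate value. Folding the check into the condition keeps the old guard shape: `if (SSL_get_async_status (oc->ssl, &estatus) && estatus == ASYNC_STATUS_EAGAIN)`. Separately, `vpp_ssl_async_process_event (ctx, myself)` now runs before every `SSL_do_handshake` whenever `HAVE_OPENSSL_ASYNC` is defined, not only after a WANT_ASYNC result. A one-line comment explaining why the event must be registered up front would help the next reader. The enclosing function starts and ends outside the hunk.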
static inline int
-openssl_ctx_write (tls_ctx_t * ctx, stream_session_t * app_session)
+openssl_ctx_write (tls_ctx_t * ctx, session_t * app_session)
{
openssl_ctx_t *oc = (openssl_ctx_t *) ctx;
int wrote = 0, rv, read, max_buf = 100 * TLS_CHUNK_SIZE, max_space;
u32 enq_max, deq_max, deq_now, to_write;
- stream_session_t *tls_session;
+ session_t *tls_session;
svm_fifo_t *f;
- f = app_session->server_tx_fifo;
+ f = app_session->tx_fifo;
deq_max = svm_fifo_max_dequeue (f);
if (!deq_max)
goto check_tls_fifo;
tls_add_vpp_q_builtin_tx_evt (app_session);
goto check_tls_fifo;
}
- svm_fifo_dequeue_drop (app_session->server_tx_fifo, wrote);
+ svm_fifo_dequeue_drop (app_session->tx_fifo, wrote);
if (wrote < deq_now)
{
to_write = clib_min (svm_fifo_max_read_chunk (f), deq_now - wrote);
rv = SSL_write (oc->ssl, svm_fifo_head (f), to_write);
if (rv > 0)
{
- svm_fifo_dequeue_drop (app_session->server_tx_fifo, rv);
+ svm_fifo_dequeue_drop (app_session->tx_fifo, rv);
wrote += rv;
}
}
return wrote;
tls_session = session_get_from_handle (ctx->tls_session_handle);
- f = tls_session->server_tx_fifo;
+ f = tls_session->tx_fifo;
enq_max = svm_fifo_max_enqueue (f);
if (!enq_max)
{
}
static inline int
-openssl_ctx_read (tls_ctx_t * ctx, stream_session_t * tls_session)
+openssl_ctx_read (tls_ctx_t * ctx, session_t * tls_session)
{
int read, wrote = 0, max_space, max_buf = 100 * TLS_CHUNK_SIZE, rv;
openssl_ctx_t *oc = (openssl_ctx_t *) ctx;
u32 deq_max, enq_max, deq_now, to_read;
- stream_session_t *app_session;
+ session_t *app_session;
svm_fifo_t *f;
if (PREDICT_FALSE (SSL_in_init (oc->ssl)))
return 0;
}
- f = tls_session->server_rx_fifo;
+ f = tls_session->rx_fifo;
deq_max = svm_fifo_max_dequeue (f);
max_space = max_buf - BIO_ctrl_pending (oc->wbio);
max_space = max_space < 0 ? 0 : max_space;
return wrote;
app_session = session_get_from_handle (ctx->app_session_handle);
- f = app_session->server_rx_fifo;
+ f = app_session->rx_fifo;
enq_max = svm_fifo_max_enqueue (f);
if (!enq_max)
{
long flags = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_COMPRESSION;
openssl_ctx_t *oc = (openssl_ctx_t *) ctx;
openssl_main_t *om = &openssl_main;
- stream_session_t *tls_session;
+ session_t *tls_session;
const SSL_METHOD *method;
int rv, err;
#ifdef HAVE_OPENSSL_ASYNC
#ifdef HAVE_OPENSSL_ASYNC
if (om->async)
SSL_CTX_set_mode (ssl_ctx, SSL_MODE_ASYNC);
+ SSL_CTX_set_async_callback (ssl_ctx, tls_async_openssl_callback);
#endif
SSL_CTX_set_options (ssl_ctx, flags);
SSL_CTX_set_ecdh_auto (ssl_ctx, 1);
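Review bot: The added `SSL_CTX_set_async_callback (ssl_ctx, tls_async_openssl_callback);` follows an unbraced `if (om->async)`, so only `SSL_CTX_set_mode` is conditional and the callback is registered even when async mode is off. Indentation is not preserved on this page, so the intent cannot be read from the layout. If the callback is meant to be installed only in async mode, both calls need braces: `if (om->async) { SSL_CTX_set_mode (ssl_ctx, SSL_MODE_ASYNC); SSL_CTX_set_async_callback (ssl_ctx, tls_async_openssl_callback); }`. If the unconditional registration is intended, a blank line or a short comment separating it from the `if` would make that explicit. The return value of `SSL_CTX_set_async_callback` is also unchecked, and the enclosing function starts and ends outside the hunk.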
openssl_ctx_t *oc = (openssl_ctx_t *) ctx;
u32 olc_index = ctx->tls_ssl_ctx;
openssl_listen_ctx_t *olc;
- stream_session_t *tls_session;
+ session_t *tls_session;
int rv, err;
#ifdef HAVE_OPENSSL_ASYNC
openssl_resume_handler *handler;