tls_session_reset_callback (session_t * s)
{
tls_ctx_t *ctx;
+ transport_connection_t *tc;
+ session_t *app_session;
ctx = tls_ctx_get (s->opaque);
- session_transport_reset_notify (&ctx->connection);
- session_transport_closed_notify (&ctx->connection);
+ tc = &ctx->connection;
+ if (tls_ctx_handshake_is_over (ctx))
+ {
+ session_transport_reset_notify (tc);
+ session_transport_closed_notify (tc);
+ }
+ else if ((app_session = session_get (tc->s_index, tc->thread_index)))
+ session_free (app_session);
tls_disconnect_transport (ctx);
}
TLS_DBG (1, "TCP disconnecting handle %x session %u", tls_session->opaque,
tls_session->session_index);
- ctx = tls_ctx_get (tls_session->opaque);
+ ASSERT (tls_session->thread_index == vlib_get_thread_index ()
+ || vlib_thread_is_main_w_barrier ());
+
+ ctx = tls_ctx_get_w_thread (tls_session->opaque, tls_session->thread_index);
ctx->is_passive_close = 1;
tls_ctx_transport_close (ctx);
}
/* Preallocate app session. Avoids allocating a session post handshake
* on tls_session rx and potentially invalidating the session pool */
app_session = session_alloc (ctx->c_thread_index);
- app_session->session_state = SESSION_STATE_CLOSED;
+ app_session->session_state = SESSION_STATE_CREATED;
ctx->c_s_index = app_session->session_index;
TLS_DBG (1, "Accept on listener %u new connection [%u]%x",
/* Preallocate app session. Avoids allocating a session post handshake
* on tls_session rx and potentially invalidating the session pool */
app_session = session_alloc (ctx->c_thread_index);
- app_session->session_state = SESSION_STATE_CLOSED;
+ app_session->session_state = SESSION_STATE_CREATED;
ctx->c_s_index = app_session->session_index;
return tls_ctx_init_client (ctx);
tls_config_fn (vlib_main_t * vm, unformat_input_t * input)
{
tls_main_t *tm = &tls_main;
+ uword tmp;
while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
{
if (unformat (input, "use-test-cert-in-ca"))
else if (unformat (input, "first-segment-size %U", unformat_memory_size,
&tm->first_seg_size))
;
- else if (unformat (input, "fifo-size %U", unformat_memory_size,
- &tm->fifo_size))
- ;
+ else if (unformat (input, "fifo-size %U", unformat_memory_size, &tmp))
+ {
+ if (tmp >= 0x100000000ULL)
+ {
+ return clib_error_return
+ (0, "fifo-size %llu (0x%llx) too large", tmp, tmp);
+ }
+ tm->fifo_size = tmp;
+ }
else
return clib_error_return (0, "unknown input `%U'",
format_unformat_error, input);