}
int
-tls_add_vpp_q_rx_evt (stream_session_t * s)
+tls_add_vpp_q_rx_evt (session_t * s)
{
- if (svm_fifo_set_event (s->server_rx_fifo))
- session_send_io_evt_to_thread (s->server_rx_fifo, FIFO_EVENT_APP_RX);
+ if (svm_fifo_set_event (s->rx_fifo))
+ session_send_io_evt_to_thread (s->rx_fifo, FIFO_EVENT_APP_RX);
return 0;
}
int
-tls_add_vpp_q_builtin_rx_evt (stream_session_t * s)
+tls_add_vpp_q_builtin_rx_evt (session_t * s)
{
- if (svm_fifo_set_event (s->server_rx_fifo))
- session_send_io_evt_to_thread (s->server_rx_fifo, FIFO_EVENT_BUILTIN_RX);
+ if (svm_fifo_set_event (s->rx_fifo))
+ session_send_io_evt_to_thread (s->rx_fifo, FIFO_EVENT_BUILTIN_RX);
return 0;
}
int
-tls_add_vpp_q_tx_evt (stream_session_t * s)
+tls_add_vpp_q_tx_evt (session_t * s)
{
- if (svm_fifo_set_event (s->server_tx_fifo))
- session_send_io_evt_to_thread (s->server_tx_fifo, FIFO_EVENT_APP_TX);
+ if (svm_fifo_set_event (s->tx_fifo))
+ session_send_io_evt_to_thread (s->tx_fifo, FIFO_EVENT_APP_TX);
return 0;
}
int
-tls_add_vpp_q_builtin_tx_evt (stream_session_t * s)
+tls_add_vpp_q_builtin_tx_evt (session_t * s)
{
- if (svm_fifo_set_event (s->server_tx_fifo))
+ if (svm_fifo_set_event (s->tx_fifo))
session_send_io_evt_to_thread_custom (s, s->thread_index,
FIFO_EVENT_BUILTIN_TX);
return 0;
}
static inline int
-tls_add_app_q_evt (app_worker_t * app, stream_session_t * app_session)
+tls_add_app_q_evt (app_worker_t * app, session_t * app_session)
{
return app_worker_lock_and_send_event (app, app_session, FIFO_EVENT_APP_RX);
}
}
void
-tls_notify_app_enqueue (tls_ctx_t * ctx, stream_session_t * app_session)
+tls_notify_app_enqueue (tls_ctx_t * ctx, session_t * app_session)
{
app_worker_t *app;
app = app_worker_get_if_valid (app_session->app_wrk_index);
int
tls_notify_app_accept (tls_ctx_t * ctx)
{
- stream_session_t *app_listener, *app_session;
+ session_t *app_listener, *app_session;
segment_manager_t *sm;
app_worker_t *app_wrk;
application_t *app;
app = application_get (app_wrk->app_index);
lctx = tls_listener_ctx_get (ctx->listener_ctx_index);
- app_session = session_alloc (vlib_get_thread_index ());
+ app_session = session_get (ctx->c_s_index, ctx->c_thread_index);
app_session->app_wrk_index = ctx->parent_app_index;
app_session->connection_index = ctx->tls_ctx_handle;
TLS_DBG (1, "failed to allocate fifos");
return rv;
}
- ctx->c_s_index = app_session->session_index;
ctx->app_session_handle = session_handle (app_session);
session_lookup_add_connection (&ctx->connection,
session_handle (app_session));
int
tls_notify_app_connected (tls_ctx_t * ctx, u8 is_failed)
{
- int (*cb_fn) (u32, u32, stream_session_t *, u8);
- stream_session_t *app_session;
+ int (*cb_fn) (u32, u32, session_t *, u8);
+ session_t *app_session;
segment_manager_t *sm;
app_worker_t *app_wrk;
application_t *app;
goto failed;
sm = app_worker_get_connect_segment_manager (app_wrk);
- app_session = session_alloc (vlib_get_thread_index ());
+ app_session = session_get (ctx->c_s_index, ctx->c_thread_index);
app_session->app_wrk_index = ctx->parent_app_index;
app_session->connection_index = ctx->tls_ctx_handle;
app_session->session_type =
if (session_alloc_fifos (sm, app_session))
goto failed;
- ctx->app_session_handle = session_handle (app_session);
- ctx->c_s_index = app_session->session_index;
app_session->session_state = SESSION_STATE_CONNECTING;
if (cb_fn (ctx->parent_app_index, ctx->parent_app_api_context,
app_session, 0 /* not failed */ ))
return -1;
}
+ ctx->app_session_handle = session_handle (app_session);
app_session->session_state = SESSION_STATE_READY;
session_lookup_add_connection (&ctx->connection,
session_handle (app_session));
}
static inline int
-tls_ctx_write (tls_ctx_t * ctx, stream_session_t * app_session)
+tls_ctx_write (tls_ctx_t * ctx, session_t * app_session)
{
return tls_vfts[ctx->tls_ctx_engine].ctx_write (ctx, app_session);
}
static inline int
-tls_ctx_read (tls_ctx_t * ctx, stream_session_t * tls_session)
+tls_ctx_read (tls_ctx_t * ctx, session_t * tls_session)
{
return tls_vfts[ctx->tls_ctx_engine].ctx_read (ctx, tls_session);
}
}
void
-tls_session_reset_callback (stream_session_t * s)
+tls_session_reset_callback (session_t * s)
{
clib_warning ("called...");
}
int
-tls_add_segment_callback (u32 client_index, const ssvm_private_t * fs)
+tls_add_segment_callback (u32 client_index, u64 segment_handle)
{
/* No-op for builtin */
return 0;
}
int
-tls_del_segment_callback (u32 client_index, const ssvm_private_t * fs)
+tls_del_segment_callback (u32 client_index, u64 segment_handle)
{
return 0;
}
void
-tls_session_disconnect_callback (stream_session_t * tls_session)
+tls_session_disconnect_callback (session_t * tls_session)
{
- stream_session_t *app_session;
+ session_t *app_session;
tls_ctx_t *ctx;
app_worker_t *app_wrk;
application_t *app;
ctx = tls_ctx_get (tls_session->opaque);
if (!tls_ctx_handshake_is_over (ctx))
{
- stream_session_disconnect (tls_session);
+ session_close (tls_session);
return;
}
ctx->is_passive_close = 1;
}
int
-tls_session_accept_callback (stream_session_t * tls_session)
+tls_session_accept_callback (session_t * tls_session)
{
- stream_session_t *tls_listener;
+ session_t *tls_listener, *app_session;
tls_ctx_t *lctx, *ctx;
u32 ctx_handle;
ctx->tls_session_handle = session_handle (tls_session);
ctx->listener_ctx_index = tls_listener->opaque;
+ /* Preallocate app session. Avoids allocating a session post handshake
+ * on tls_session rx and potentially invalidating the session pool */
+ app_session = session_alloc (ctx->c_thread_index);
+ app_session->session_state = SESSION_STATE_CLOSED;
+ ctx->c_s_index = app_session->session_index;
+
TLS_DBG (1, "Accept on listener %u new connection [%u]%x",
tls_listener->opaque, vlib_get_thread_index (), ctx_handle);
}
int
-tls_app_tx_callback (stream_session_t * app_session)
+tls_app_tx_callback (session_t * app_session)
{
tls_ctx_t *ctx;
if (PREDICT_FALSE (app_session->session_state == SESSION_STATE_CLOSED))
}
int
-tls_app_rx_callback (stream_session_t * tls_session)
+tls_app_rx_callback (session_t * tls_session)
{
tls_ctx_t *ctx;
int
tls_session_connected_callback (u32 tls_app_index, u32 ho_ctx_index,
- stream_session_t * tls_session, u8 is_fail)
+ session_t * tls_session, u8 is_fail)
{
+ session_t *app_session;
tls_ctx_t *ho_ctx, *ctx;
u32 ctx_handle;
if (is_fail)
{
- int (*cb_fn) (u32, u32, stream_session_t *, u8), rv = 0;
+ int (*cb_fn) (u32, u32, session_t *, u8), rv = 0;
u32 wrk_index, api_context;
app_worker_t *app_wrk;
application_t *app;
tls_session->opaque = ctx_handle;
tls_session->session_state = SESSION_STATE_READY;
+ /* Preallocate app session. Avoids allocating a session post handshake
+ * on tls_session rx and potentially invalidating the session pool */
+ app_session = session_alloc (ctx->c_thread_index);
+ app_session->session_state = SESSION_STATE_CLOSED;
+ ctx->c_s_index = app_session->session_index;
+
return tls_ctx_init_client (ctx);
}
ctx = tls_ctx_get (ctx_handle);
tls_disconnect_transport (ctx);
- stream_session_delete_notify (&ctx->connection);
+ session_transport_delete_notify (&ctx->connection);
tls_ctx_free (ctx);
}
tls_main_t *tm = &tls_main;
session_handle_t tls_handle;
session_endpoint_cfg_t *sep;
- stream_session_t *tls_listener;
- stream_session_t *app_listener;
+ session_t *tls_listener;
+ session_t *app_listener;
tls_engine_type_t engine_type;
application_t *app;
tls_ctx_t *lctx;
s = format (s, "%-50U", format_tls_ctx, ctx, thread_index);
if (verbose)
{
- stream_session_t *ts;
+ session_t *ts;
ts = session_get_from_handle (ctx->app_session_handle);
s = format (s, "state: %-7u", ts->session_state);
if (verbose > 1)
/* *INDENT-OFF* */
const static transport_proto_vft_t tls_proto = {
- .open = tls_connect,
+ .connect = tls_connect,
.close = tls_disconnect,
- .bind = tls_start_listen,
+ .start_listen = tls_start_listen,
+ .stop_listen = tls_stop_listen,
.get_connection = tls_connection_get,
.get_listener = tls_listener_get,
- .unbind = tls_stop_listen,
.tx_type = TRANSPORT_TX_INTERNAL,
.service_type = TRANSPORT_SERVICE_APP,
.format_connection = format_tls_connection,