X-Git-Url: https://gerrit.fd.io/r/gitweb?a=blobdiff_plain;f=src%2Fvnet%2Ftls%2Ftls.c;h=73a54c86282320ba7169de753305734e32285f62;hb=6a32ce326495bfe48ebef74dfbb8a9c1cf37a530;hp=8359cca5c0047293f293fc8fc0439aabf3b0ef08;hpb=f4a92f6a1cf6b27318b6819ad3145b4020a27779;p=vpp.git

diff --git a/src/vnet/tls/tls.c b/src/vnet/tls/tls.c
index 8359cca5c00..73a54c86282 100644
--- a/src/vnet/tls/tls.c
+++ b/src/vnet/tls/tls.c
@@ -252,8 +252,6 @@ tls_notify_app_connected (tls_ctx_t * ctx, u8 is_failed)
 
   ctx->app_session_handle = session_handle (app_session);
   app_session->session_state = SESSION_STATE_READY;
-  session_lookup_add_connection (&ctx->connection,
-				 session_handle (app_session));
 
   return 0;
 
@@ -360,15 +358,22 @@ tls_session_reset_callback (session_t * s)
   session_t *app_session;
 
   ctx = tls_ctx_get (s->opaque);
+  ctx->is_passive_close = 1;
   tc = &ctx->connection;
   if (tls_ctx_handshake_is_over (ctx))
     {
       session_transport_reset_notify (tc);
       session_transport_closed_notify (tc);
+      tls_disconnect_transport (ctx);
+    }
+  else
+    if ((app_session =
+	 session_get_if_valid (ctx->c_s_index, ctx->c_thread_index)))
+    {
+      session_free (app_session);
+      ctx->c_s_index = SESSION_INVALID_INDEX;
+      tls_disconnect_transport (ctx);
     }
-  else if ((app_session = session_get (tc->s_index, tc->thread_index)))
-    session_free (app_session);
-  tls_disconnect_transport (ctx);
 }
 
 int
@@ -658,11 +663,26 @@ tls_start_listen (u32 app_listener_index, transport_endpoint_t * tep)
 u32
 tls_stop_listen (u32 lctx_index)
 {
+  session_endpoint_t sep = SESSION_ENDPOINT_NULL;
   crypto_engine_type_t engine_type;
+  transport_connection_t *lc;
   tls_ctx_t *lctx;
+  session_t *ls;
   int rv;
 
   lctx = tls_listener_ctx_get (lctx_index);
+
+  /* Cleanup listener from session lookup table */
+  ls = session_get_from_handle (lctx->tls_session_handle);
+  lc = session_get_transport (ls);
+
+  sep.fib_index = lc->fib_index;
+  sep.port = lc->lcl_port;
+  sep.is_ip4 = lc->is_ip4;
+  sep.transport_proto = TRANSPORT_PROTO_TLS;
+  clib_memcpy (&sep.ip, &lc->lcl_ip, sizeof (lc->lcl_ip));
+  session_lookup_del_session_endpoint2 (&sep);
+
   vnet_unlisten_args_t a = {
     .handle = lctx->tls_session_handle,
     .app_index = tls_main.app_index,