{
openssl_ctx_t *oc = (openssl_ctx_t *) ctx;
SSL_shutdown (oc->ssl);
- tls_disconnect_transport (ctx);
+ if (ctx->flags & TLS_CONN_F_SHUTDOWN_TRANSPORT)
+ tls_shutdown_transport (ctx);
+ else
+ tls_disconnect_transport (ctx);
session_transport_closed_notify (&ctx->connection);
}
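Review bot: `SSL_shutdown (oc->ssl)` has its return value discarded just before the new half-close branch, so with `TLS_CONN_F_SHUTDOWN_TRANSPORT` set the transport's write side may be shut before the close_notify alert was actually queued. A peer that sees end-of-stream without close_notify cannot tell an orderly end from truncation. I would keep the result, `int rv = SSL_shutdown (oc->ssl);`, and take the `tls_shutdown_transport (ctx)` branch only when `rv >= 0`, falling back to `tls_disconnect_transport (ctx)` otherwise. `session_transport_closed_notify (&ctx->connection)` also still runs on the half-close branch, which looks like it reports a full close to the app; please confirm that is intended. The enclosing function starts outside this hunk.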
clib_warning ("disconnect returned");
}
+void
+tls_shutdown_transport (tls_ctx_t *ctx)
+{
+ vnet_shutdown_args_t a = {
+ .handle = ctx->tls_session_handle,
+ .app_index = ctx->ts_app_index,
+ };
+
+ if (vnet_shutdown_session (&a))
+ clib_warning ("shutdown returned");
+}
+
crypto_engine_type_t
tls_get_available_engine (void)
{
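Review bot: `tls_shutdown_transport` logs a failed `vnet_shutdown_session` without the error code and returns void, so the caller in the close path cannot tell that the half-close did not happen. Keeping the code in the log would help when diagnosing stuck sessions: `int rv = vnet_shutdown_session (&a);` followed by `if (rv) clib_warning ("shutdown returned %d", rv);`. A one-line comment above the function, `/* Request shutdown (not disconnect) of the underlying transport session */`, would make the difference from `tls_disconnect_transport` explicit.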
return ctx_index;
}
+void
+tls_shutdown (u32 ctx_handle, clib_thread_index_t thread_index)
+{
+ tls_ctx_t *ctx;
+
+ TLS_DBG (1, "Disconnecting %x", ctx_handle);
+
+ ctx = tls_ctx_get (ctx_handle);
+ ctx->flags |= TLS_CONN_F_APP_CLOSED;
+ ctx->flags |= TLS_CONN_F_SHUTDOWN_TRANSPORT;
+ tls_ctx_app_close (ctx);
+}
+
void
tls_disconnect (u32 ctx_handle, clib_thread_index_t thread_index)
{
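Review bot: `tls_shutdown` sets `TLS_CONN_F_APP_CLOSED` and calls `tls_ctx_app_close (ctx)`, the same steps as a full close, although a half-close normally means the app only stops sending and may still read. If other code treats `TLS_CONN_F_APP_CLOSED` as a reason to drop inbound data (not visible here), anything received after the half-close would be lost, so this needs confirming. `TLS_CONN_F_SHUTDOWN_TRANSPORT` is also never cleared in the visible code, so a later `tls_disconnect` on the same context would presumably take the shutdown branch again instead of reaching `tls_disconnect_transport`. The debug line looks copied from the disconnect path and should read `TLS_DBG (1, "Shutting down %x", ctx_handle);`.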
static const transport_proto_vft_t tls_proto = {
.enable = tls_enable,
.connect = tls_connect,
+ .half_close = tls_shutdown,
.close = tls_disconnect,
.start_listen = tls_start_listen,
.stop_listen = tls_stop_listen,
_ (NO_APP_SESSION, "no-app-session") \
_ (RESUME, "resume") \
_ (HS_DONE, "handshake-done") \
- _ (ASYNC_RD, "async-read")
+ _ (ASYNC_RD, "async-read") \
+ _ (SHUTDOWN_TRANSPORT, "shutdown-transport")
typedef enum tls_conn_flags_bit_
{
void tls_notify_app_enqueue (tls_ctx_t * ctx, session_t * app_session);
void tls_notify_app_io_error (tls_ctx_t *ctx);
void tls_disconnect_transport (tls_ctx_t * ctx);
+void tls_shutdown_transport (tls_ctx_t *ctx);
void tls_add_postponed_ho_cleanups (u32 ho_index);
void tls_flush_postponed_ho_cleanups ();