tls: small refactor for Picotls engine ctx_write function

[vpp.git] / src / plugins / tlspicotls / tls_picotls.c

diff --git a/src/plugins/tlspicotls/tls_picotls.c b/src/plugins/tlspicotls/tls_picotls.c
index 054f01a..4c500d1 100644 (file)
--- a/src/plugins/tlspicotls/tls_picotls.c
+++ b/src/plugins/tlspicotls/tls_picotls.c
@@ -2,6 +2,7 @@
 
 #include "certs.h"
 #include "tls_picotls.h"
+#include "pico_vpp_crypto.h"
 
 picotls_main_t picotls_main;
 
@@ -130,7 +131,7 @@ picotls_start_listen (tls_ctx_t * lctx)
   if (!ckpair || !ckpair->cert || !ckpair->key)
     {
       TLS_DBG (1, "tls cert and/or key not configured %d",
-              ctx->parent_app_wrk_index);
+              lctx->parent_app_wrk_index);
       return -1;
     }
 
@@ -151,7 +152,7 @@ picotls_start_listen (tls_ctx_t * lctx)
   /* setup protocol related functions */
   ptls_ctx->key_exchanges = key_exchange;
   ptls_ctx->random_bytes = ptls_openssl_random_bytes;
-  ptls_ctx->cipher_suites = ptls_openssl_cipher_suites;
+  ptls_ctx->cipher_suites = ptls_vpp_crypto_cipher_suites;
   ptls_ctx->get_time = &ptls_get_time;
 
   lctx->tls_ssl_ctx = ptls_lctx_idx;
@@ -385,17 +386,17 @@ final:
 }
 
 static inline int
-picotls_content_process (ptls_t * tls, svm_fifo_t * src_fifo,
+picotls_content_process (picotls_ctx_t * ptls_ctx, svm_fifo_t * src_fifo,
                         svm_fifo_t * dst_fifo, int content_len,
                         int total_record_overhead, int is_no_copy)
 {
-  ptls_buffer_t _buf, *buf = &_buf;
+  ptls_buffer_t *buf = &ptls_ctx->write_buffer;
   int total_length = content_len + total_record_overhead;
   int to_dst_len;
   if (is_no_copy)
     {
       ptls_buffer_init (buf, svm_fifo_tail (dst_fifo), total_length);
-      ptls_send (tls, buf, svm_fifo_head (src_fifo), content_len);
+      ptls_send (ptls_ctx->tls, buf, svm_fifo_head (src_fifo), content_len);
 
       assert (!buf->is_allocated);
       assert (buf->base == svm_fifo_tail (dst_fifo));
@@ -406,19 +407,16 @@ picotls_content_process (ptls_t * tls, svm_fifo_t * src_fifo,
     }
   else
     {
-      uint8_t *buf_content = malloc (total_length);
-      ptls_buffer_init (buf, buf_content, total_length);
+      assert (!TLS_WRITE_IS_LEFT (ptls_ctx));
+      vec_validate (ptls_ctx->write_content, total_length);
+      ptls_buffer_init (buf, ptls_ctx->write_content, total_length);
 
-      ptls_send (tls, buf, svm_fifo_head (src_fifo), content_len);
+      ptls_send (ptls_ctx->tls, buf, svm_fifo_head (src_fifo), content_len);
       svm_fifo_dequeue_drop (src_fifo, content_len);
 
       to_dst_len = svm_fifo_enqueue (dst_fifo, buf->off, buf->base);
-      if (to_dst_len < buf->off)
-       to_dst_len +=
-         svm_fifo_enqueue (dst_fifo, buf->off - to_dst_len,
-                           buf->base + to_dst_len);
-      ptls_buffer_dispose (buf);
     }
+  ptls_ctx->write_buffer_offset += to_dst_len;
   return to_dst_len;
 }
 
@@ -439,15 +437,42 @@ picotls_ctx_write (tls_ctx_t * ctx, session_t * app_session)
   tls_tx_fifo = tls_session->tx_fifo;
   app_tx_fifo = app_session->tx_fifo;
 
+  if (PREDICT_FALSE (TLS_WRITE_IS_LEFT (ptls_ctx)))
+    {
+      enq_max = svm_fifo_max_enqueue_prod (tls_tx_fifo);
+      int to_write = clib_min (enq_max,
+                              ptls_ctx->write_buffer.off -
+                              ptls_ctx->write_buffer_offset);
+      to_tls_len =
+       svm_fifo_enqueue (tls_tx_fifo, to_write, TLS_WRITE_OFFSET (ptls_ctx));
+      if (to_tls_len < 0)
+       {
+         tls_add_vpp_q_builtin_tx_evt (app_session);
+         return 0;
+       }
+      ptls_ctx->write_buffer_offset += to_tls_len;
+
+      if (TLS_WRITE_IS_LEFT (ptls_ctx))
+       {
+         tls_add_vpp_q_builtin_tx_evt (app_session);
+         return to_tls_len;
+       }
+      else
+       {
+         ptls_buffer_init (&ptls_ctx->write_buffer, "", 0);
+         ptls_ctx->write_buffer_offset = 0;
+       }
+
+    }
+
   deq_max = svm_fifo_max_dequeue_cons (app_tx_fifo);
   if (!deq_max)
     return deq_max;
   deq_now = clib_min (deq_max, svm_fifo_max_read_chunk (app_tx_fifo));
 
   enq_max = svm_fifo_max_enqueue_prod (tls_tx_fifo);
-
     /** There is no engough enqueue space for one record **/
-  if (enq_max < record_overhead)
+  if (enq_max <= record_overhead)
     {
       tls_add_vpp_q_builtin_tx_evt (app_session);
       return 0;
@@ -465,8 +490,6 @@ picotls_ctx_write (tls_ctx_t * ctx, session_t * app_session)
       total_overhead = num_records * record_overhead;
       if (from_app_len + total_overhead > enq_now)
        from_app_len = enq_now - total_overhead;
-
-
     }
   else
     {
@@ -476,12 +499,16 @@ picotls_ctx_write (tls_ctx_t * ctx, session_t * app_session)
       total_overhead = num_records * record_overhead;
       if (from_app_len + total_overhead > enq_max)
        from_app_len = enq_max - total_overhead;
-
     }
 
   to_tls_len =
-    picotls_content_process (ptls_ctx->tls, app_tx_fifo, tls_tx_fifo,
+    picotls_content_process (ptls_ctx, app_tx_fifo, tls_tx_fifo,
                             from_app_len, total_overhead, is_nocopy);
+  if (!TLS_WRITE_IS_LEFT (ptls_ctx))
+    {
+      ptls_ctx->write_buffer_offset = 0;
+      ptls_buffer_init (&ptls_ctx->write_buffer, "", 0);
+    }
 
   if (svm_fifo_needs_deq_ntf (app_tx_fifo, from_app_len))
     session_dequeue_notify (app_session);
@@ -489,7 +516,7 @@ picotls_ctx_write (tls_ctx_t * ctx, session_t * app_session)
   if (to_tls_len)
     tls_add_vpp_q_tx_evt (tls_session);
 
-  if (from_app_len < deq_max)
+  if (from_app_len < deq_max || TLS_WRITE_IS_LEFT (ptls_ctx))
     tls_add_vpp_q_builtin_tx_evt (app_session);
 
   if (ctx->app_closed)
@@ -518,6 +545,7 @@ picotls_ctx_init_server (tls_ctx_t * ctx)
 
   ptls_ctx->rx_content = malloc (MAX_QUEUE);
 
+  ptls_ctx->write_buffer_offset = 0;
   return 0;
 }