vcl: fix ldp recv return on error

[vpp.git] / src / vcl / ldp.c

diff --git a/src/vcl/ldp.c b/src/vcl/ldp.c
index 6dc44ec..0dbc6a5 100644 (file)
--- a/src/vcl/ldp.c
+++ b/src/vcl/ldp.c
@@ -99,6 +99,7 @@ typedef struct
   u32 vlsh_bit_val;
   u32 vlsh_bit_mask;
   u32 debug;
+  u8 transparent_tls;
 
   /** vcl needs next epoll_create to go to libc_epoll */
   u8 vcl_needs_real_epoll;
@@ -108,12 +109,17 @@ typedef struct
 
 #define LDBG(_lvl, _fmt, _args...)                                     \
   if (ldp->debug > _lvl)                                               \
-    clib_warning ("ldp<%d>: " _fmt, getpid(), ##_args)
+    {                                                                  \
+      int errno_saved = errno;                                         \
+      clib_warning ("ldp<%d>: " _fmt, getpid(), ##_args);              \
+      errno = errno_saved;                                             \
+    }
 
 static ldp_main_t ldp_main = {
   .vlsh_bit_val = (1 << LDP_SID_BIT_MIN),
   .vlsh_bit_mask = (1 << LDP_SID_BIT_MIN) - 1,
   .debug = LDP_DEBUG_INIT,
+  .transparent_tls = 0,
 };
 
 static ldp_main_t *ldp = &ldp_main;
@@ -130,11 +136,8 @@ ldp_worker_get_current (void)
 static inline void
 ldp_set_app_name (char *app_name)
 {
-  int rv = snprintf (ldp->app_name, LDP_APP_NAME_MAX,
-                    "ldp-%d-%s", getpid (), app_name);
-
-  if (rv >= LDP_APP_NAME_MAX)
-    app_name[LDP_APP_NAME_MAX - 1] = 0;
+  snprintf (ldp->app_name, LDP_APP_NAME_MAX,
+           "ldp-%d-%s", getpid (), app_name);
 }
 
 static inline char *
@@ -268,6 +271,11 @@ ldp_init (void)
          return -1;
        }
     }
+  env_var_str = getenv (LDP_ENV_TLS_TRANS);
+  if (env_var_str)
+    {
+      ldp->transparent_tls = 1;
+    }
 
   /* *INDENT-OFF* */
   pool_foreach (ldpw, ldp->workers, ({
@@ -372,24 +380,19 @@ readv (int fd, const struct iovec * iov, int iovcnt)
   vlsh = ldp_fd_to_vlsh (fd);
   if (vlsh != VLS_INVALID_HANDLE)
     {
-      do
+      for (i = 0; i < iovcnt; ++i)
        {
-         for (i = 0; i < iovcnt; ++i)
+         rv = vls_read (vlsh, iov[i].iov_base, iov[i].iov_len);
+         if (rv <= 0)
+           break;
+         else
            {
-             rv = vls_read (vlsh, iov[i].iov_base, iov[i].iov_len);
-             if (rv < 0)
+             total += rv;
+             if (rv < iov[i].iov_len)
                break;
-             else
-               {
-                 total += rv;
-                 if (rv < iov[i].iov_len)
-                   break;
-               }
            }
        }
-      while ((rv >= 0) && (total == 0));
-
-      if (rv < 0)
+      if (rv < 0 && total == 0)
        {
          errno = -rv;
          size = -1;
@@ -445,24 +448,20 @@ writev (int fd, const struct iovec * iov, int iovcnt)
   vlsh = ldp_fd_to_vlsh (fd);
   if (vlsh != VLS_INVALID_HANDLE)
     {
-      do
+      for (i = 0; i < iovcnt; ++i)
        {
-         for (i = 0; i < iovcnt; ++i)
+         rv = vls_write_msg (vlsh, iov[i].iov_base, iov[i].iov_len);
+         if (rv < 0)
+           break;
+         else
            {
-             rv = vls_write_msg (vlsh, iov[i].iov_base, iov[i].iov_len);
-             if (rv < 0)
+             total += rv;
+             if (rv < iov[i].iov_len)
                break;
-             else
-               {
-                 total += rv;
-                 if (rv < iov[i].iov_len)
-                   break;
-               }
            }
        }
-      while ((rv >= 0) && (total == 0));
 
-      if (rv < 0)
+      if (rv < 0 && total == 0)
        {
          errno = -rv;
          size = -1;
@@ -478,8 +477,13 @@ writev (int fd, const struct iovec * iov, int iovcnt)
   return size;
 }
 
+#ifdef HAVE_FCNTL64
+int
+fcntl64 (int fd, int cmd, ...)
+#else
 int
 fcntl (int fd, int cmd, ...)
+#endif
 {
   vls_handle_t vlsh;
   int rv = 0;
@@ -527,7 +531,11 @@ fcntl (int fd, int cmd, ...)
     }
   else
     {
+#ifdef HAVE_FCNTL64
+      rv = libc_vfcntl64 (fd, cmd, ap);
+#else
       rv = libc_vfcntl (fd, cmd, ap);
+#endif
     }
 
   va_end (ap);
@@ -636,6 +644,7 @@ ldp_select_vcl_map_to_libc (clib_bitmap_t * vclb, fd_set * __restrict libcb)
   /* *INDENT-OFF* */
   clib_bitmap_foreach (si, vclb, ({
     vlsh = vls_session_index_to_vlsh (si);
+    ASSERT (vlsh != VLS_INVALID_HANDLE);
     fd = ldp_vlsh_to_fd (vlsh);
     if (PREDICT_FALSE (fd < 0))
       {
@@ -870,6 +879,71 @@ pselect (int nfds, fd_set * __restrict readfds,
 }
 #endif
 
+/* If transparent TLS mode is turned on, then ldp will load key and cert.
+ */
+static int
+load_tls_cert (vls_handle_t vlsh)
+{
+  char *env_var_str = getenv (LDP_ENV_TLS_CERT);
+  char inbuf[4096];
+  char *tls_cert;
+  int cert_size;
+  FILE *fp;
+
+  if (env_var_str)
+    {
+      fp = fopen (env_var_str, "r");
+      if (fp == NULL)
+       {
+         LDBG (0, "ERROR: failed to open cert file %s \n", env_var_str);
+         return -1;
+       }
+      cert_size = fread (inbuf, sizeof (char), sizeof (inbuf), fp);
+      tls_cert = inbuf;
+      vppcom_session_tls_add_cert (vlsh_to_session_index (vlsh), tls_cert,
+                                  cert_size);
+      fclose (fp);
+    }
+  else
+    {
+      LDBG (0, "ERROR: failed to read LDP environment %s\n",
+           LDP_ENV_TLS_CERT);
+      return -1;
+    }
+  return 0;
+}
+
+static int
+load_tls_key (vls_handle_t vlsh)
+{
+  char *env_var_str = getenv (LDP_ENV_TLS_KEY);
+  char inbuf[4096];
+  char *tls_key;
+  int key_size;
+  FILE *fp;
+
+  if (env_var_str)
+    {
+      fp = fopen (env_var_str, "r");
+      if (fp == NULL)
+       {
+         LDBG (0, "ERROR: failed to open key file %s \n", env_var_str);
+         return -1;
+       }
+      key_size = fread (inbuf, sizeof (char), sizeof (inbuf), fp);
+      tls_key = inbuf;
+      vppcom_session_tls_add_key (vlsh_to_session_index (vlsh), tls_key,
+                                 key_size);
+      fclose (fp);
+    }
+  else
+    {
+      LDBG (0, "ERROR: failed to read LDP environment %s\n", LDP_ENV_TLS_KEY);
+      return -1;
+    }
+  return 0;
+}
+
 int
 socket (int domain, int type, int protocol)
 {
@@ -883,8 +957,14 @@ socket (int domain, int type, int protocol)
   if (((domain == AF_INET) || (domain == AF_INET6)) &&
       ((sock_type == SOCK_STREAM) || (sock_type == SOCK_DGRAM)))
     {
-      u8 proto = ((sock_type == SOCK_DGRAM) ?
-                 VPPCOM_PROTO_UDP : VPPCOM_PROTO_TCP);
+      u8 proto;
+      if (ldp->transparent_tls)
+       {
+         proto = VPPCOM_PROTO_TLS;
+       }
+      else
+       proto = ((sock_type == SOCK_DGRAM) ?
+                VPPCOM_PROTO_UDP : VPPCOM_PROTO_TCP);
 
       LDBG (0, "calling vls_create: proto %u (%s), is_nonblocking %u",
            proto, vppcom_proto_str (proto), is_nonblocking);
@@ -897,6 +977,13 @@ socket (int domain, int type, int protocol)
        }
       else
        {
+         if (ldp->transparent_tls)
+           {
+             if (load_tls_cert (vlsh) < 0 || load_tls_key (vlsh) < 0)
+               {
+                 return -1;
+               }
+           }
          rv = ldp_vlsh_to_fd (vlsh);
        }
     }
@@ -1415,7 +1502,10 @@ recv (int fd, void *buf, size_t n, int flags)
     {
       size = vls_recvfrom (vlsh, buf, n, flags, NULL);
       if (size < 0)
-       errno = -size;
+       {
+         errno = -size;
+         size = -1;
+       }
     }
   else
     {