#include <vnet/tls/tls_test.h>
#include <svm/fifo_segment.h>
+typedef struct certificate_
+{
+ u32 *app_interests; /* vec of application index asking for deletion cb */
+ u32 cert_key_index; /* index in cert & key pool */
+ u8 *key;
+ u8 *cert;
+} app_cert_key_pair_t;
+
typedef struct _stream_session_cb_vft
{
/** Notify server of new segment */
/** Direct TX callback for built-in application */
int (*builtin_app_tx_callback) (session_t * session);
+ /** Cert and key pair delete notification */
+ int (*app_cert_key_pair_delete_callback) (app_cert_key_pair_t * ckpair);
+
} session_cb_vft_t;
#define foreach_app_init_args \
TLS_ENGINE_NONE,
TLS_ENGINE_MBEDTLS,
TLS_ENGINE_OPENSSL,
+ CRYPTO_ENGINE_VPP,
+ CRYPTO_ENGINE_PICOTLS,
TLS_N_ENGINES
} tls_engine_type_t;
+typedef struct _vnet_app_add_cert_key_pair_args_
+{
+ u8 *cert;
+ u8 *key;
+ u32 index;
+} vnet_app_add_cert_key_pair_args_t;
+
/* Application attach options */
typedef enum
{
clib_error_t *vnet_app_add_tls_cert (vnet_app_add_tls_cert_args_t * a);
clib_error_t *vnet_app_add_tls_key (vnet_app_add_tls_key_args_t * a);
+int vnet_app_add_cert_key_pair (vnet_app_add_cert_key_pair_args_t * a);
+int vnet_app_del_cert_key_pair (u32 index);
+int vent_app_add_cert_key_interest (u32 index, u32 app_index); /* Ask for app cb on pair deletion */
typedef struct app_session_transport_
{
u8 proto;
u8 is_ip4;
ip46_address_t ip;
+ u32 ckpair_index;
} __clib_packed session_listen_msg_t;
typedef struct session_listen_uri_msg_
u8 hostname_len;
u8 hostname[16];
u64 parent_handle;
+ u32 ckpair_index;
} __clib_packed session_connect_msg_t;
typedef struct session_connect_uri_msg_
return -2;
}
msg = svm_msg_q_alloc_msg_w_ring (mq, SESSION_MQ_IO_EVT_RING);
- if (PREDICT_FALSE (svm_msg_q_msg_is_invalid (&msg)))
- {
- svm_msg_q_unlock (mq);
- return -2;
- }
evt = (session_event_t *) svm_msg_q_msg_data (mq, &msg);
evt->session_index = session_index;
evt->event_type = evt_type;
else
{
svm_msg_q_lock (mq);
- while (svm_msg_q_ring_is_full (mq, SESSION_MQ_IO_EVT_RING))
+ while (svm_msg_q_ring_is_full (mq, SESSION_MQ_IO_EVT_RING)
+ || svm_msg_q_is_full (mq))
svm_msg_q_wait (mq);
msg = svm_msg_q_alloc_msg_w_ring (mq, SESSION_MQ_IO_EVT_RING);
evt = (session_event_t *) svm_msg_q_msg_data (mq, &msg);
evt->session_index = session_index;
evt->event_type = evt_type;
- if (svm_msg_q_is_full (mq))
- svm_msg_q_wait (mq);
svm_msg_q_add_and_unlock (mq, &msg);
return 0;
}