From 8a140616a5bab477817e7ed59afe6b01bd3d2f3a Mon Sep 17 00:00:00 2001 From: Florin Coras Date: Mon, 18 Feb 2019 22:39:39 -0800 Subject: [PATCH] tls: add vcl test Change-Id: If4c7efaf6506a827e7a95a56c2f6b6060df03fa1 Signed-off-by: Florin Coras --- src/vcl/vcl_test_client.c | 2 +- src/vnet/session/application.c | 8 +------- src/vnet/session/session_types.h | 1 + src/vnet/tls/tls.c | 5 +++++ test/test_vcl.py | 36 ++++++++++++++++++++++++++++++++++++ 5 files changed, 44 insertions(+), 8 deletions(-) diff --git a/src/vcl/vcl_test_client.c b/src/vcl/vcl_test_client.c index 70fe75d9acd..06322a057f5 100644 --- a/src/vcl/vcl_test_client.c +++ b/src/vcl/vcl_test_client.c @@ -1007,13 +1007,13 @@ main (int argc, char **argv) if (vcm->proto == VPPCOM_PROTO_TLS) { + vtinf ("Adding tls certs ..."); vppcom_session_tls_add_cert (ctrl->fd, vcl_test_crt_rsa, vcl_test_crt_rsa_len); vppcom_session_tls_add_key (ctrl->fd, vcl_test_key_rsa, vcl_test_key_rsa_len); } - vtinf ("Connecting to server..."); rv = vppcom_session_connect (ctrl->fd, &vcm->server_endpt); if (rv) diff --git a/src/vnet/session/application.c b/src/vnet/session/application.c index a782792f83f..e79851cab4c 100644 --- a/src/vnet/session/application.c +++ b/src/vnet/session/application.c @@ -955,14 +955,8 @@ session_endpoint_update_for_app (session_endpoint_cfg_t * sep, /* App is a transport proto, so fetch the calling app's ns */ if (app->flags & APP_OPTIONS_FLAGS_IS_TRANSPORT_APP) - { - app_worker_t *owner_wrk; - application_t *owner_app; + ns_index = sep->ns_index; - owner_wrk = app_worker_get (sep->app_wrk_index); - owner_app = application_get (owner_wrk->app_index); - ns_index = owner_app->ns_index; - } app_ns = app_namespace_get (ns_index); if (!app_ns) return; diff --git a/src/vnet/session/session_types.h b/src/vnet/session/session_types.h index e10dceafa16..efa3dea950c 100644 --- a/src/vnet/session/session_types.h +++ b/src/vnet/session/session_types.h 
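Review bot: In session_endpoint_update_for_app (src/vnet/session/application.c) the namespace for a transport app is now read straight from `sep->ns_index`, so namespace scoping depends on every transport-app caller filling that field, and the hunk has no fallback for a caller that leaves it unset. The patch sets it in tls_connect and tls_start_listen, but other callers are not visible here; a zero-initialised cfg would silently resolve to whichever namespace has index 0. The retained comment no longer matches the code and could read `/* App is a transport proto: sep->ns_index must carry the calling app's ns */`, and the new `u32 ns_index;` in session_types.h deserves a matching one-line comment. The function body starts and ends outside the hunk.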
@@ -40,6 +40,7 @@ typedef struct _session_endpoint_cfg
 #undef _
 u32 app_wrk_index;
 u32 opaque;
+ u32 ns_index;
 u8 *hostname;
 } session_endpoint_cfg_t;
diff --git a/src/vnet/tls/tls.c b/src/vnet/tls/tls.c
index eda75ff4225..373da7b512c 100644
--- a/src/vnet/tls/tls.c
+++ b/src/vnet/tls/tls.c
@@ -203,6 +203,7 @@ tls_notify_app_accept (tls_ctx_t * ctx)
 app_session->session_type = app_listener->session_type;
 app_session->listener_index = app_listener->session_index;
 app_session->t_app_index = tls_main.app_index;
+ app_session->session_state = SESSION_STATE_ACCEPTING;
 if ((rv = app_worker_init_accepted (app_session)))
 {
@@ -546,6 +547,7 @@ tls_connect (transport_endpoint_cfg_t * tep)
 cargs->sep.transport_proto = TRANSPORT_PROTO_TCP;
 cargs->app_index = tm->app_index;
 cargs->api_context = ctx_index;
+ cargs->sep_ext.ns_index = app->ns_index;
 if ((rv = vnet_connect (cargs)))
 return rv;
@@ -596,6 +598,7 @@ tls_start_listen (u32 app_listener_index, transport_endpoint_t * tep)
 clib_memset (args, 0, sizeof (*args));
 args->app_index = tm->app_index;
 args->sep_ext = *sep;
+ args->sep_ext.ns_index = app->ns_index;
 if (vnet_listen (args))
 return -1;
@@ -704,6 +707,7 @@ u8 *
 format_tls_listener (u8 * s, va_list * args)
 {
 u32 tc_index = va_arg (*args, u32);
+ u32 __clib_unused verbose = va_arg (*args, u32);
 tls_ctx_t *ctx = tls_listener_ctx_get (tc_index);
 u32 listener_index, thread_index;
@@ -767,6 +771,7 @@ tls_init (vlib_main_t * vm)
 a->options = options;
 a->name = format (0, "tls");
 a->options[APP_OPTIONS_SEGMENT_SIZE] = segment_size;
+ a->options[APP_OPTIONS_ADD_SEGMENT_SIZE] = segment_size;
 a->options[APP_OPTIONS_RX_FIFO_SIZE] = fifo_size;
 a->options[APP_OPTIONS_TX_FIFO_SIZE] = fifo_size;
 a->options[APP_OPTIONS_FLAGS] = APP_OPTIONS_FLAGS_IS_BUILTIN;
diff --git a/test/test_vcl.py b/test/test_vcl.py
index bd7eb76f07e..d88d94454dd 100644
--- a/test/test_vcl.py
+++ b/test/test_vcl.py
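Review bot: The added `cargs->sep_ext.ns_index = app->ns_index;` in tls_connect and `args->sep_ext.ns_index = app->ns_index;` in tls_start_listen both dereference `app`, and the lookup that produces it lies outside both hunks. If that lookup can return NULL, for instance when the owning application detaches while a connect or listen is in flight, these lines fault before the namespace is ever applied. Worth confirming the pointer is checked earlier in each function, or adding a guard such as `if (!app) return -1;` ahead of the assignment. Both function bodies extend beyond the hunks shown.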
@@ -422,6 +422,42 @@ class VCLThruHostStackEcho(VCLTestCase):
 super(VCLThruHostStackEcho, self).tearDown()
+class VCLThruHostStackTLS(VCLTestCase):
+ """ VCL Thru Host Stack TLS """
+
+ @classmethod
+ def setUpClass(cls):
+ super(VCLThruHostStackTLS, cls).setUpClass()
+
+ @classmethod
+ def tearDownClass(cls):
+ super(VCLThruHostStackTLS, cls).tearDownClass()
+
+ def setUp(self):
+ super(VCLThruHostStackTLS, self).setUp()
+
+ self.thru_host_stack_setup()
+ self.client_uni_dir_tls_timeout = 20
+ self.server_tls_args = ["-S", self.server_port]
+ self.client_uni_dir_tls_test_args = ["-N", "1000", "-U", "-X", "-S",
+ self.loop0.local_ip4,
+ self.server_port]
+
+ def test_vcl_thru_host_stack_tls_uni_dir(self):
+ """ run VCL thru host stack uni-directional TLS test """
+
+ self.timeout = self.client_uni_dir_tls_timeout
+ self.thru_host_stack_test("vcl_test_server", self.server_tls_args,
+ "vcl_test_client",
+ self.client_uni_dir_tls_test_args)
+
+ def tearDown(self):
+ self.logger.debug(self.vapi.cli("show app server"))
+ self.logger.debug(self.vapi.cli("show session verbose"))
+ self.thru_host_stack_tear_down()
+ super(VCLThruHostStackTLS, self).tearDown()
+
+
 class VCLThruHostStackBidirNsock(VCLTestCase):
 """ VCL Thru Host Stack Bidir Nsock """
--
2.16.6
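Review bot: test_vcl_thru_host_stack_tls_uni_dir appears to pass whenever the client/server transfer completes, and nothing in the new class asserts that the session actually ran over TLS. The `show session verbose` output in tearDown is only written to the debug log, and whether thru_host_stack_test checks the transport is not visible in this hunk, so a regression that fell back to plain TCP might still pass. Consider capturing the session listing while the transfer is live and asserting that a TLS session is present. As a style point, setUpClass and tearDownClass only forward to super and can be dropped, and the class docstring could state that the test relies on the RSA test certificate and key compiled into vcl_test_client.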