From aab0604c47f9d6e3fadb894b3f081085833f62b3 Mon Sep 17 00:00:00 2001
From: Florin Coras
Date: Wed, 26 Feb 2020 02:56:14 +0000
Subject: [PATCH] tls session: fix unlisten
Type: fix
Signed-off-by: Florin Coras
Change-Id: Ie3bc31fc3df662e087f7931de6c274eb3608a2d8
---
 src/plugins/tlsopenssl/tls_openssl.c | 4 ----
 src/svm/svm_fifo.c | 1 -
 src/vnet/session/session_lookup.c | 26 ++++++++++++++++++++++++++
 src/vnet/session/session_lookup.h | 1 +
 src/vnet/tls/tls.c | 15 +++++++++++++++
 5 files changed, 42 insertions(+), 5 deletions(-)
diff --git a/src/plugins/tlsopenssl/tls_openssl.c b/src/plugins/tlsopenssl/tls_openssl.c
index 078dd2f5b77..f897b64800b 100644
--- a/src/plugins/tlsopenssl/tls_openssl.c
+++ b/src/plugins/tlsopenssl/tls_openssl.c
@@ -200,8 +200,6 @@ openssl_write_from_fifo_into_bio (svm_fifo_t * f, BIO * bio, u32 len)
 int wrote, rv;
 u32 deq_now;
- svm_fifo_fill_chunk_list (f);
-
 deq_now = clib_min (svm_fifo_max_read_chunk (f), len);
 wrote = BIO_write (bio, svm_fifo_head (f), deq_now);
 if (wrote <= 0)
@@ -234,8 +232,6 @@ openssl_write_from_fifo_into_ssl (svm_fifo_t * f, SSL * ssl, u32 len)
 int wrote = 0, rv;
 u32 deq_now;
- svm_fifo_fill_chunk_list (f);
-
 deq_now = clib_min (svm_fifo_max_read_chunk (f), len);
 wrote = SSL_write (ssl, svm_fifo_head (f), deq_now);
 if (wrote <= 0)
diff --git a/src/svm/svm_fifo.c b/src/svm/svm_fifo.c
index 81750b65391..1723cb4fa95 100644
--- a/src/svm/svm_fifo.c
+++ b/src/svm/svm_fifo.c
@@ -801,7 +801,6 @@ f_try_chunk_alloc (svm_fifo_t * f, u32 head, u32 tail, u32 len)
 u32 alloc_size, free_alloced;
 free_alloced = f_chunk_end (f->end_chunk) - tail;
- ASSERT (free_alloced < len);
 alloc_size = clib_min (f->min_alloc, f->size - (tail - head));
 alloc_size = clib_max (alloc_size, len - free_alloced);
diff --git a/src/vnet/session/session_lookup.c b/src/vnet/session/session_lookup.c
index abaad5019fa..986832346fc 100644
--- a/src/vnet/session/session_lookup.c
+++ b/src/vnet/session/session_lookup.c
@@ -300,6 +300,32 @@ session_lookup_del_session_endpoint (u32 table_index,
 }
 }
+int
+session_lookup_del_session_endpoint2 (session_endpoint_t * sep)
+{
+ fib_protocol_t fib_proto;
+ session_table_t *st;
+ session_kv4_t kv4;
+ session_kv6_t kv6;
+
+ fib_proto = sep->is_ip4 ? FIB_PROTOCOL_IP4 : FIB_PROTOCOL_IP6;
+ st = session_table_get_for_fib_index (fib_proto, sep->fib_index);
+ if (!st)
+ return -1;
+ if (sep->is_ip4)
+ {
+ make_v4_listener_kv (&kv4, &sep->ip.ip4, sep->port,
+ sep->transport_proto);
+ return clib_bihash_add_del_16_8 (&st->v4_session_hash, &kv4, 0);
+ }
+ else
+ {
+ make_v6_listener_kv (&kv6, &sep->ip.ip6, sep->port,
+ sep->transport_proto);
+ return clib_bihash_add_del_48_8 (&st->v6_session_hash, &kv6, 0);
+ }
+}
+
 /**
 * Delete transport connection from session table
 *
diff --git a/src/vnet/session/session_lookup.h b/src/vnet/session/session_lookup.h
index c2e644654fb..8224219c4e2 100644
--- a/src/vnet/session/session_lookup.h
+++ b/src/vnet/session/session_lookup.h
@@ -80,6 +80,7 @@ int session_lookup_add_session_endpoint (u32 table_index,
 session_endpoint_t * sep, u64 value);
 int session_lookup_del_session_endpoint (u32 table_index,
 session_endpoint_t * sep);
+int session_lookup_del_session_endpoint2 (session_endpoint_t * sep);
 int session_lookup_del_session (session_t * s);
 int session_lookup_del_half_open (transport_connection_t * tc);
 int session_lookup_add_half_open (transport_connection_t * tc, u64 value);
diff --git a/src/vnet/tls/tls.c b/src/vnet/tls/tls.c
index 257f48cd9ba..73a54c86282 100644
--- a/src/vnet/tls/tls.c
+++ b/src/vnet/tls/tls.c
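Review bot: `session_lookup_del_session_endpoint2` is added in session_lookup.c without a doc comment, and the `2` suffix does not say how it differs from `session_lookup_del_session_endpoint`: it takes no table index and instead resolves the table from `sep->fib_index` and `sep->is_ip4`. The function that follows it in the file carries a `/** ... */` header, so a matching one fits here, e.g. `/** Delete the listener entry for sep from the session table of sep->fib_index; returns -1 if that fib has no table, else the bihash delete result. */`. A name that states the lookup key would also make the new prototype in session_lookup.h self-explanatory. `sep` is dereferenced unchecked, which holds only as long as every caller passes a valid pointer, as the one caller visible in this patch does.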
@@ -663,11 +663,26 @@ tls_start_listen (u32 app_listener_index, transport_endpoint_t * tep)
 u32
 tls_stop_listen (u32 lctx_index)
 {
+ session_endpoint_t sep = SESSION_ENDPOINT_NULL;
 crypto_engine_type_t engine_type;
+ transport_connection_t *lc;
 tls_ctx_t *lctx;
+ session_t *ls;
 int rv;
 lctx = tls_listener_ctx_get (lctx_index);
+
+ /* Cleanup listener from session lookup table */
+ ls = session_get_from_handle (lctx->tls_session_handle);
+ lc = session_get_transport (ls);
+
+ sep.fib_index = lc->fib_index;
+ sep.port = lc->lcl_port;
+ sep.is_ip4 = lc->is_ip4;
+ sep.transport_proto = TRANSPORT_PROTO_TLS;
+ clib_memcpy (&sep.ip, &lc->lcl_ip, sizeof (lc->lcl_ip));
+ session_lookup_del_session_endpoint2 (&sep);
+
 vnet_unlisten_args_t a = {
 .handle = lctx->tls_session_handle,
 .app_index = tls_main.app_index,
--
2.16.6
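Review bot: The result of `session_lookup_del_session_endpoint2 (&sep)` is discarded in `tls_stop_listen`, so when the delete fails (the new function returns -1 if no session table exists for the fib index) the listener entry stays in the lookup table while the unlisten below still proceeds. A leftover listener entry is the condition this commit sets out to remove, so the failure should at least be visible, e.g. `if (session_lookup_del_session_endpoint2 (&sep)) clib_warning ("tls listener lookup cleanup failed");`. `lc` is also dereferenced without a check; if `session_get_transport` can return NULL for a listener that is already being torn down, a guard is needed before `lc->fib_index`. The `clib_memcpy` length would be safer as `sizeof (sep.ip)`, so that the copy is bounded by the destination rather than the source. The body of `tls_stop_listen` continues past the end of the hunk.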