summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorFlorin Coras <fcoras@cisco.com>2019-02-18 22:39:39 -0800
committerDamjan Marion <dmarion@me.com>2019-02-20 09:34:30 +0000
commit8a140616a5bab477817e7ed59afe6b01bd3d2f3a (patch)
treee2be74643d523312b896d2757d9e59b98c8f87c6
parent8c2dd1bf54af71e4b256bdf885efe2ac53fc6c86 (diff)
tls: add vcl test
Change-Id: If4c7efaf6506a827e7a95a56c2f6b6060df03fa1 Signed-off-by: Florin Coras <fcoras@cisco.com>
-rw-r--r--src/vcl/vcl_test_client.c2
-rw-r--r--src/vnet/session/application.c8
-rw-r--r--src/vnet/session/session_types.h1
-rw-r--r--src/vnet/tls/tls.c5
-rw-r--r--test/test_vcl.py36
5 files changed, 44 insertions, 8 deletions
diff --git a/src/vcl/vcl_test_client.c b/src/vcl/vcl_test_client.c
index 70fe75d9acd..06322a057f5 100644
--- a/src/vcl/vcl_test_client.c
+++ b/src/vcl/vcl_test_client.c
@@ -1007,13 +1007,13 @@ main (int argc, char **argv)
if (vcm->proto == VPPCOM_PROTO_TLS)
{
+ vtinf ("Adding tls certs ...");
vppcom_session_tls_add_cert (ctrl->fd, vcl_test_crt_rsa,
vcl_test_crt_rsa_len);
vppcom_session_tls_add_key (ctrl->fd, vcl_test_key_rsa,
vcl_test_key_rsa_len);
}
-
vtinf ("Connecting to server...");
rv = vppcom_session_connect (ctrl->fd, &vcm->server_endpt);
if (rv)
diff --git a/src/vnet/session/application.c b/src/vnet/session/application.c
index a782792f83f..e79851cab4c 100644
--- a/src/vnet/session/application.c
+++ b/src/vnet/session/application.c
@@ -955,14 +955,8 @@ session_endpoint_update_for_app (session_endpoint_cfg_t * sep,
/* App is a transport proto, so fetch the calling app's ns */
if (app->flags & APP_OPTIONS_FLAGS_IS_TRANSPORT_APP)
- {
- app_worker_t *owner_wrk;
- application_t *owner_app;
+ ns_index = sep->ns_index;
- owner_wrk = app_worker_get (sep->app_wrk_index);
- owner_app = application_get (owner_wrk->app_index);
- ns_index = owner_app->ns_index;
- }
app_ns = app_namespace_get (ns_index);
if (!app_ns)
return;
diff --git a/src/vnet/session/session_types.h b/src/vnet/session/session_types.h
index e10dceafa16..efa3dea950c 100644
--- a/src/vnet/session/session_types.h
+++ b/src/vnet/session/session_types.h
@@ -40,6 +40,7 @@ typedef struct _session_endpoint_cfg
#undef _
u32 app_wrk_index;
u32 opaque;
+ u32 ns_index;
u8 *hostname;
} session_endpoint_cfg_t;
diff --git a/src/vnet/tls/tls.c b/src/vnet/tls/tls.c
index eda75ff4225..373da7b512c 100644
--- a/src/vnet/tls/tls.c
+++ b/src/vnet/tls/tls.c
@@ -203,6 +203,7 @@ tls_notify_app_accept (tls_ctx_t * ctx)
app_session->session_type = app_listener->session_type;
app_session->listener_index = app_listener->session_index;
app_session->t_app_index = tls_main.app_index;
+ app_session->session_state = SESSION_STATE_ACCEPTING;
if ((rv = app_worker_init_accepted (app_session)))
{
@@ -546,6 +547,7 @@ tls_connect (transport_endpoint_cfg_t * tep)
cargs->sep.transport_proto = TRANSPORT_PROTO_TCP;
cargs->app_index = tm->app_index;
cargs->api_context = ctx_index;
+ cargs->sep_ext.ns_index = app->ns_index;
if ((rv = vnet_connect (cargs)))
return rv;
@@ -596,6 +598,7 @@ tls_start_listen (u32 app_listener_index, transport_endpoint_t * tep)
clib_memset (args, 0, sizeof (*args));
args->app_index = tm->app_index;
args->sep_ext = *sep;
+ args->sep_ext.ns_index = app->ns_index;
if (vnet_listen (args))
return -1;
@@ -704,6 +707,7 @@ u8 *
format_tls_listener (u8 * s, va_list * args)
{
u32 tc_index = va_arg (*args, u32);
+ u32 __clib_unused verbose = va_arg (*args, u32);
tls_ctx_t *ctx = tls_listener_ctx_get (tc_index);
u32 listener_index, thread_index;
@@ -767,6 +771,7 @@ tls_init (vlib_main_t * vm)
a->options = options;
a->name = format (0, "tls");
a->options[APP_OPTIONS_SEGMENT_SIZE] = segment_size;
+ a->options[APP_OPTIONS_ADD_SEGMENT_SIZE] = segment_size;
a->options[APP_OPTIONS_RX_FIFO_SIZE] = fifo_size;
a->options[APP_OPTIONS_TX_FIFO_SIZE] = fifo_size;
a->options[APP_OPTIONS_FLAGS] = APP_OPTIONS_FLAGS_IS_BUILTIN;
diff --git a/test/test_vcl.py b/test/test_vcl.py
index bd7eb76f07e..d88d94454dd 100644
--- a/test/test_vcl.py
+++ b/test/test_vcl.py
@@ -422,6 +422,42 @@ class VCLThruHostStackEcho(VCLTestCase):
super(VCLThruHostStackEcho, self).tearDown()
+class VCLThruHostStackTLS(VCLTestCase):
+ """ VCL Thru Host Stack TLS """
+
+ @classmethod
+ def setUpClass(cls):
+ super(VCLThruHostStackTLS, cls).setUpClass()
+
+ @classmethod
+ def tearDownClass(cls):
+ super(VCLThruHostStackTLS, cls).tearDownClass()
+
+ def setUp(self):
+ super(VCLThruHostStackTLS, self).setUp()
+
+ self.thru_host_stack_setup()
+ self.client_uni_dir_tls_timeout = 20
+ self.server_tls_args = ["-S", self.server_port]
+ self.client_uni_dir_tls_test_args = ["-N", "1000", "-U", "-X", "-S",
+ self.loop0.local_ip4,
+ self.server_port]
+
+ def test_vcl_thru_host_stack_tls_uni_dir(self):
+ """ run VCL thru host stack uni-directional TLS test """
+
+ self.timeout = self.client_uni_dir_tls_timeout
+ self.thru_host_stack_test("vcl_test_server", self.server_tls_args,
+ "vcl_test_client",
+ self.client_uni_dir_tls_test_args)
+
+ def tearDown(self):
+ self.logger.debug(self.vapi.cli("show app server"))
+ self.logger.debug(self.vapi.cli("show session verbose"))
+ self.thru_host_stack_tear_down()
+ super(VCLThruHostStackTLS, self).tearDown()
+
+
class VCLThruHostStackBidirNsock(VCLTestCase):
""" VCL Thru Host Stack Bidir Nsock """