diff options
| author |   Florin Coras <fcoras@cisco.com> | 2020-02-26 02:56:14 +0000 |
|---|---|---|
| committer |   Damjan Marion <dmarion@me.com> | 2020-02-26 12:02:42 +0000 |
| commit | aab0604c47f9d6e3fadb894b3f081085833f62b3 (patch) | |
| tree | 0b57993c8b18494392895b851cf55a665ca4dc89 | |
| parent | 31b9a59cbfdd86d15194449ac195d258191532bb (diff) | |
tls session: fix unlisten
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ie3bc31fc3df662e087f7931de6c274eb3608a2d8
| -rw-r--r-- | src/plugins/tlsopenssl/tls_openssl.c | 4 | ||||
| -rw-r--r-- | src/svm/svm_fifo.c | 1 | ||||
| -rw-r--r-- | src/vnet/session/session_lookup.c | 26 | ||||
| -rw-r--r-- | src/vnet/session/session_lookup.h | 1 | ||||
| -rw-r--r-- | src/vnet/tls/tls.c | 15 |
5 files changed, 42 insertions, 5 deletions
diff --git a/src/plugins/tlsopenssl/tls_openssl.c b/src/plugins/tlsopenssl/tls_openssl.c index 078dd2f5b77..f897b64800b 100644 --- a/src/plugins/tlsopenssl/tls_openssl.c +++ b/src/plugins/tlsopenssl/tls_openssl.c @@ -200,8 +200,6 @@ openssl_write_from_fifo_into_bio (svm_fifo_t * f, BIO * bio, u32 len) int wrote, rv; u32 deq_now; - svm_fifo_fill_chunk_list (f); - deq_now = clib_min (svm_fifo_max_read_chunk (f), len); wrote = BIO_write (bio, svm_fifo_head (f), deq_now); if (wrote <= 0) @@ -234,8 +232,6 @@ openssl_write_from_fifo_into_ssl (svm_fifo_t * f, SSL * ssl, u32 len) int wrote = 0, rv; u32 deq_now; - svm_fifo_fill_chunk_list (f); - deq_now = clib_min (svm_fifo_max_read_chunk (f), len); wrote = SSL_write (ssl, svm_fifo_head (f), deq_now); if (wrote <= 0) diff --git a/src/svm/svm_fifo.c b/src/svm/svm_fifo.c index 81750b65391..1723cb4fa95 100644 --- a/src/svm/svm_fifo.c +++ b/src/svm/svm_fifo.c @@ -801,7 +801,6 @@ f_try_chunk_alloc (svm_fifo_t * f, u32 head, u32 tail, u32 len) u32 alloc_size, free_alloced; free_alloced = f_chunk_end (f->end_chunk) - tail; - ASSERT (free_alloced < len); alloc_size = clib_min (f->min_alloc, f->size - (tail - head)); alloc_size = clib_max (alloc_size, len - free_alloced); diff --git a/src/vnet/session/session_lookup.c b/src/vnet/session/session_lookup.c index abaad5019fa..986832346fc 100644 --- a/src/vnet/session/session_lookup.c +++ b/src/vnet/session/session_lookup.c @@ -300,6 +300,32 @@ session_lookup_del_session_endpoint (u32 table_index, } } +int +session_lookup_del_session_endpoint2 (session_endpoint_t * sep) +{ + fib_protocol_t fib_proto; + session_table_t *st; + session_kv4_t kv4; + session_kv6_t kv6; + + fib_proto = sep->is_ip4 ? FIB_PROTOCOL_IP4 : FIB_PROTOCOL_IP6; + st = session_table_get_for_fib_index (fib_proto, sep->fib_index); + if (!st) + return -1; + if (sep->is_ip4) + { + make_v4_listener_kv (&kv4, &sep->ip.ip4, sep->port, + sep->transport_proto); + return clib_bihash_add_del_16_8 (&st->v4_session_hash, &kv4, 0); + } + else + { + make_v6_listener_kv (&kv6, &sep->ip.ip6, sep->port, + sep->transport_proto); + return clib_bihash_add_del_48_8 (&st->v6_session_hash, &kv6, 0); + } +} + /** * Delete transport connection from session table * diff --git a/src/vnet/session/session_lookup.h b/src/vnet/session/session_lookup.h index c2e644654fb..8224219c4e2 100644 --- a/src/vnet/session/session_lookup.h +++ b/src/vnet/session/session_lookup.h @@ -80,6 +80,7 @@ int session_lookup_add_session_endpoint (u32 table_index, session_endpoint_t * sep, u64 value); int session_lookup_del_session_endpoint (u32 table_index, session_endpoint_t * sep); +int session_lookup_del_session_endpoint2 (session_endpoint_t * sep); int session_lookup_del_session (session_t * s); int session_lookup_del_half_open (transport_connection_t * tc); int session_lookup_add_half_open (transport_connection_t * tc, u64 value); diff --git a/src/vnet/tls/tls.c b/src/vnet/tls/tls.c index 257f48cd9ba..73a54c86282 100644 --- a/src/vnet/tls/tls.c +++ b/src/vnet/tls/tls.c @@ -663,11 +663,26 @@ tls_start_listen (u32 app_listener_index, transport_endpoint_t * tep) u32 tls_stop_listen (u32 lctx_index) { + session_endpoint_t sep = SESSION_ENDPOINT_NULL; crypto_engine_type_t engine_type; + transport_connection_t *lc; tls_ctx_t *lctx; + session_t *ls; int rv; lctx = tls_listener_ctx_get (lctx_index); + + /* Cleanup listener from session lookup table */ + ls = session_get_from_handle (lctx->tls_session_handle); + lc = session_get_transport (ls); + + sep.fib_index = lc->fib_index; + sep.port = lc->lcl_port; + sep.is_ip4 = lc->is_ip4; + sep.transport_proto = TRANSPORT_PROTO_TLS; + clib_memcpy (&sep.ip, &lc->lcl_ip, sizeof (lc->lcl_ip)); + session_lookup_del_session_endpoint2 (&sep); + vnet_unlisten_args_t a = { .handle = lctx->tls_session_handle, .app_index = tls_main.app_index, |