aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorFlorin Coras <fcoras@cisco.com>2021-04-22 11:48:35 -0700
committerDave Barach <openvpp@barachs.net>2021-04-23 14:59:48 +0000
commite5f18337f1f5d8b8578b6305b7c11276cc5a18a0 (patch)
tree9858c8d7bd7273a685abd646997afd2956e1f913
parent5724aecd20e8f5e50aba418d2a021ef02275d589 (diff)
tls quic: improve error reporting
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I92f0c1f7c0f4696fa12071440a643aa703d6306f
-rw-r--r--src/plugins/quic/quic.c12
-rw-r--r--src/vnet/session/session_types.h5
-rw-r--r--src/vnet/tls/tls.c13
3 files changed, 17 insertions, 13 deletions
diff --git a/src/plugins/quic/quic.c b/src/plugins/quic/quic.c
index cf697278cb7..929d745274f 100644
--- a/src/plugins/quic/quic.c
+++ b/src/plugins/quic/quic.c
@@ -345,7 +345,7 @@ quic_acquire_crypto_context (quic_ctx_t * ctx)
{
QUIC_DBG (1, "Quic does not support crypto engine %d",
ctx->crypto_engine);
- return VNET_API_ERROR_MISSING_CERT_KEY;
+ return SESSION_E_NOCRYPTOENG;
}
/* Check for exisiting crypto ctx */
@@ -377,7 +377,7 @@ quic_acquire_crypto_context (quic_ctx_t * ctx)
error:
quic_crypto_context_free_if_needed (crctx, ctx->c_thread_index);
- return VNET_API_ERROR_MISSING_CERT_KEY;
+ return SESSION_E_NOCRYPTOCKP;
}
/* Helper functions */
@@ -1314,7 +1314,7 @@ quic_connect_connection (session_endpoint_cfg_t * sep)
int error;
if (!sep->ext_cfg)
- return -1;
+ return SESSION_E_NOEXTCFG;
ccfg = &sep->ext_cfg->crypto;
@@ -1455,7 +1455,7 @@ quic_start_listen (u32 quic_listen_session_index, transport_endpoint_t * tep)
sep = (session_endpoint_cfg_t *) tep;
if (!sep->ext_cfg)
- return -1;
+ return SESSION_E_NOEXTCFG;
ccfg = &sep->ext_cfg->crypto;
app_wrk = app_worker_get (sep->app_wrk_index);
@@ -1496,8 +1496,8 @@ quic_start_listen (u32 quic_listen_session_index, transport_endpoint_t * tep)
lctx->c_s_index = quic_listen_session_index;
lctx->crypto_engine = ccfg->crypto_engine;
lctx->ckpair_index = ccfg->ckpair_index;
- if (quic_acquire_crypto_context (lctx))
- return -1;
+ if ((rv = quic_acquire_crypto_context (lctx)))
+ return rv;
QUIC_DBG (2, "Listening UDP session 0x%lx",
session_handle (udp_listen_session));
diff --git a/src/vnet/session/session_types.h b/src/vnet/session/session_types.h
index 9211df9e46d..c8b1d2eb001 100644
--- a/src/vnet/session/session_types.h
+++ b/src/vnet/session/session_types.h
@@ -475,7 +475,10 @@ STATIC_ASSERT (sizeof (session_dgram_hdr_t) == (SESSION_CONN_ID_LEN + 8),
_ (BAPI_NO_REG, "app bapi registration not found") \
_ (MQ_MSG_ALLOC, "failed to alloc mq msg") \
_ (TLS_HANDSHAKE, "failed tls handshake") \
- _ (EVENTFD_ALLOC, "failed to alloc eventfd")
+ _ (EVENTFD_ALLOC, "failed to alloc eventfd") \
+ _ (NOEXTCFG, "no extended transport config") \
+ _ (NOCRYPTOENG, "no crypto engine") \
+ _ (NOCRYPTOCKP, "cert key pair not found ")
typedef enum session_error_p_
{
diff --git a/src/vnet/tls/tls.c b/src/vnet/tls/tls.c
index 808c151dac5..634d231494d 100644
--- a/src/vnet/tls/tls.c
+++ b/src/vnet/tls/tls.c
@@ -681,7 +681,7 @@ tls_connect (transport_endpoint_cfg_t * tep)
sep = (session_endpoint_cfg_t *) tep;
if (!sep->ext_cfg)
- return -1;
+ return SESSION_E_NOEXTCFG;
app_wrk = app_worker_get (sep->app_wrk_index);
app = application_get (app_wrk->app_index);
@@ -691,7 +691,7 @@ tls_connect (transport_endpoint_cfg_t * tep)
if (engine_type == CRYPTO_ENGINE_NONE)
{
clib_warning ("No tls engine_type available");
- return -1;
+ return SESSION_E_NOCRYPTOENG;
}
ctx_index = tls_ctx_half_open_alloc ();
@@ -750,10 +750,11 @@ tls_start_listen (u32 app_listener_index, transport_endpoint_t * tep)
app_listener_t *al;
tls_ctx_t *lctx;
u32 lctx_index;
+ int rv;
sep = (session_endpoint_cfg_t *) tep;
if (!sep->ext_cfg)
- return -1;
+ return SESSION_E_NOEXTCFG;
app_wrk = app_worker_get (sep->app_wrk_index);
app = application_get (app_wrk->app_index);
@@ -763,7 +764,7 @@ tls_start_listen (u32 app_listener_index, transport_endpoint_t * tep)
if (engine_type == CRYPTO_ENGINE_NONE)
{
clib_warning ("No tls engine_type available");
- return -1;
+ return SESSION_E_NOCRYPTOENG;
}
clib_memset (args, 0, sizeof (*args));
@@ -776,8 +777,8 @@ tls_start_listen (u32 app_listener_index, transport_endpoint_t * tep)
args->sep_ext.transport_proto = TRANSPORT_PROTO_UDP;
args->sep_ext.transport_flags = TRANSPORT_CFG_F_CONNECTED;
}
- if (vnet_listen (args))
- return -1;
+ if ((rv = vnet_listen (args)))
+ return rv;
lctx_index = tls_listener_ctx_alloc ();
tls_al_handle = args->handle;