diff options
| author |   Florin Coras <fcoras@cisco.com> | 2021-04-21 09:05:56 -0700 |
|---|---|---|
| committer |   Florin Coras <florin.coras@gmail.com> | 2021-04-22 16:07:11 +0000 |
| commit | a54b62d77794dee48510e7c128d3ab2fc90934b3 (patch) | |
| tree | 019fb22c41ccf585c6a99bb778dc291f672abdc1 /src/plugins/hs_apps/proxy.c | |
| parent | c7e7819ad5c152168a5f1a217c3b72043fd48797 (diff) | |
vcl session: refactor passing of crypto context
Pass tls/quic crypto context using extended config instead of bloating
conect/listen messages.
Type: refactor
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I0bc637ae310e6c31ef1e16847501dcb81453ee94
Diffstat (limited to 'src/plugins/hs_apps/proxy.c')
| -rw-r--r-- | src/plugins/hs_apps/proxy.c | 34 |
1 files changed, 31 insertions, 3 deletions
diff --git a/src/plugins/hs_apps/proxy.c b/src/plugins/hs_apps/proxy.c index 000815813ce..1a49a0f1f3a 100644 --- a/src/plugins/hs_apps/proxy.c +++ b/src/plugins/hs_apps/proxy.c @@ -42,6 +42,8 @@ proxy_cb_fn (void *data, u32 data_len) a.app_index = pa->app_index; clib_memcpy (&a.sep_ext, &pa->sep, sizeof (pa->sep)); vnet_connect (&a); + if (a.sep_ext.ext_cfg) + clib_mem_free (a.sep_ext.ext_cfg); } static void @@ -50,6 +52,8 @@ proxy_call_main_thread (vnet_connect_args_t * a) if (vlib_get_thread_index () == 0) { vnet_connect (a); + if (a->sep_ext.ext_cfg) + clib_mem_free (a->sep_ext.ext_cfg); } else { @@ -283,6 +287,12 @@ proxy_add_segment_callback (u32 client_index, u64 segment_handle) } static int +proxy_transport_needs_crypto (transport_proto_t proto) +{ + return proto == TRANSPORT_PROTO_TLS; +} + +static int proxy_rx_callback (session_t * s) { proxy_main_t *pm = &proxy_main; @@ -353,9 +363,16 @@ proxy_rx_callback (session_t * s) clib_spinlock_unlock_if_init (&pm->sessions_lock); clib_memcpy (&a->sep_ext, &pm->client_sep, sizeof (pm->client_sep)); - a->sep_ext.ckpair_index = pm->ckpair_index; a->api_context = proxy_index; a->app_index = pm->active_open_app_index; + + if (proxy_transport_needs_crypto (a->sep.transport_proto)) + { + session_endpoint_alloc_ext_cfg (&a->sep_ext, + TRANSPORT_ENDPT_EXT_CFG_CRYPTO); + a->sep_ext.ext_cfg->crypto.ckpair_index = pm->ckpair_index; + } + proxy_call_main_thread (a); } @@ -697,13 +714,24 @@ proxy_server_listen () { proxy_main_t *pm = &proxy_main; vnet_listen_args_t _a, *a = &_a; + int rv; + clib_memset (a, 0, sizeof (*a)); a->app_index = pm->server_app_index; clib_memcpy (&a->sep_ext, &pm->server_sep, sizeof (pm->server_sep)); - a->sep_ext.ckpair_index = pm->ckpair_index; + if (proxy_transport_needs_crypto (a->sep.transport_proto)) + { + session_endpoint_alloc_ext_cfg (&a->sep_ext, + TRANSPORT_ENDPT_EXT_CFG_CRYPTO); + a->sep_ext.ext_cfg->crypto.ckpair_index = pm->ckpair_index; + } + + rv = vnet_listen (a); + if (a->sep_ext.ext_cfg) + clib_mem_free (a->sep_ext.ext_cfg); - return vnet_listen (a); + return rv; } static void |