diff options
author | Florin Coras <fcoras@cisco.com> | 2021-04-21 09:05:56 -0700 |
---|---|---|
committer | Florin Coras <florin.coras@gmail.com> | 2021-04-22 16:07:11 +0000 |
commit | a54b62d77794dee48510e7c128d3ab2fc90934b3 (patch) | |
tree | 019fb22c41ccf585c6a99bb778dc291f672abdc1 /src/plugins/hs_apps/sapi/vpp_echo_bapi.c | |
parent | c7e7819ad5c152168a5f1a217c3b72043fd48797 (diff) |
vcl session: refactor passing of crypto context
Pass tls/quic crypto context using extended config instead of bloating
conect/listen messages.
Type: refactor
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I0bc637ae310e6c31ef1e16847501dcb81453ee94
Diffstat (limited to 'src/plugins/hs_apps/sapi/vpp_echo_bapi.c')
-rw-r--r-- | src/plugins/hs_apps/sapi/vpp_echo_bapi.c | 61 |
1 files changed, 57 insertions, 4 deletions
diff --git a/src/plugins/hs_apps/sapi/vpp_echo_bapi.c b/src/plugins/hs_apps/sapi/vpp_echo_bapi.c index 0a0168b070e..7cf15eb1486 100644 --- a/src/plugins/hs_apps/sapi/vpp_echo_bapi.c +++ b/src/plugins/hs_apps/sapi/vpp_echo_bapi.c @@ -100,6 +100,31 @@ echo_send_del_cert_key (echo_main_t * em) vl_msg_api_send_shmem (em->vl_input_queue, (u8 *) & bmp); } +static u8 +echo_transport_needs_crypto (transport_proto_t proto) +{ + return proto == TRANSPORT_PROTO_TLS || proto == TRANSPORT_PROTO_DTLS || + proto == TRANSPORT_PROTO_QUIC; +} + +static void +echo_msg_add_crypto_ext_config (echo_main_t *em, uword *offset) +{ + transport_endpt_ext_cfg_t cfg; + svm_fifo_chunk_t *c; + + c = echo_segment_alloc_chunk (ECHO_MQ_SEG_HANDLE, 0, sizeof (cfg), offset); + if (!c) + return; + + memset (&cfg, 0, sizeof (cfg)); + cfg.type = TRANSPORT_ENDPT_EXT_CFG_CRYPTO; + cfg.len = sizeof (cfg); + cfg.crypto.ckpair_index = em->ckpair_index; + cfg.crypto.crypto_engine = em->crypto_engine; + clib_memcpy_fast (c->data, &cfg, cfg.len); +} + void echo_send_listen (echo_main_t * em, ip46_address_t * ip) { @@ -117,8 +142,8 @@ echo_send_listen (echo_main_t * em, ip46_address_t * ip) clib_memcpy_fast (&mp->ip, ip, sizeof (mp->ip)); mp->port = em->uri_elts.port; mp->proto = em->uri_elts.transport_proto; - mp->ckpair_index = em->ckpair_index; - mp->crypto_engine = em->crypto_engine; + if (echo_transport_needs_crypto (mp->proto)) + echo_msg_add_crypto_ext_config (em, &mp->ext_config); app_send_ctrl_evt_to_vpp (mq, app_evt); } @@ -163,8 +188,8 @@ echo_send_connect (echo_main_t * em, void *args) mp->port = em->uri_elts.port; mp->proto = em->uri_elts.transport_proto; mp->parent_handle = a->parent_session_handle; - mp->ckpair_index = em->ckpair_index; - mp->crypto_engine = em->crypto_engine; + if (echo_transport_needs_crypto (mp->proto)) + echo_msg_add_crypto_ext_config (em, &mp->ext_config); mp->flags = em->connect_flag; app_send_ctrl_evt_to_vpp (mq, app_evt); } @@ -332,6 +357,34 @@ echo_segment_attach_mq (uword segment_handle, uword mq_offset, u32 mq_index, return 0; } +svm_fifo_chunk_t * +echo_segment_alloc_chunk (uword segment_handle, u32 slice_index, u32 size, + uword *offset) +{ + echo_main_t *em = &echo_main; + svm_fifo_chunk_t *c; + fifo_segment_t *fs; + u32 fs_index; + + fs_index = echo_segment_lookup (segment_handle); + if (fs_index == (u32) ~0) + { + ECHO_LOG (0, "ERROR: mq segment %lx for is not attached!", + segment_handle); + return 0; + } + + clib_spinlock_lock (&em->segment_handles_lock); + + fs = fifo_segment_get_segment (&em->segment_main, fs_index); + c = fifo_segment_alloc_chunk_w_slice (fs, slice_index, size); + *offset = fifo_segment_chunk_offset (fs, c); + + clib_spinlock_unlock (&em->segment_handles_lock); + + return c; +} + /* * * Binary API callbacks |