summaryrefslogtreecommitdiffstats
path: root/src/plugins/hs_apps/sapi/vpp_echo_bapi.c
diff options
context:
space:
mode:
authorFlorin Coras <fcoras@cisco.com>2021-04-21 09:05:56 -0700
committerFlorin Coras <florin.coras@gmail.com>2021-04-22 16:07:11 +0000
commita54b62d77794dee48510e7c128d3ab2fc90934b3 (patch)
tree019fb22c41ccf585c6a99bb778dc291f672abdc1 /src/plugins/hs_apps/sapi/vpp_echo_bapi.c
parentc7e7819ad5c152168a5f1a217c3b72043fd48797 (diff)
vcl session: refactor passing of crypto context
Pass tls/quic crypto context using extended config instead of bloating conect/listen messages. Type: refactor Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I0bc637ae310e6c31ef1e16847501dcb81453ee94
Diffstat (limited to 'src/plugins/hs_apps/sapi/vpp_echo_bapi.c')
-rw-r--r--src/plugins/hs_apps/sapi/vpp_echo_bapi.c61
1 files changed, 57 insertions, 4 deletions
diff --git a/src/plugins/hs_apps/sapi/vpp_echo_bapi.c b/src/plugins/hs_apps/sapi/vpp_echo_bapi.c
index 0a0168b070e..7cf15eb1486 100644
--- a/src/plugins/hs_apps/sapi/vpp_echo_bapi.c
+++ b/src/plugins/hs_apps/sapi/vpp_echo_bapi.c
@@ -100,6 +100,31 @@ echo_send_del_cert_key (echo_main_t * em)
vl_msg_api_send_shmem (em->vl_input_queue, (u8 *) & bmp);
}
+static u8
+echo_transport_needs_crypto (transport_proto_t proto)
+{
+ return proto == TRANSPORT_PROTO_TLS || proto == TRANSPORT_PROTO_DTLS ||
+ proto == TRANSPORT_PROTO_QUIC;
+}
+
+static void
+echo_msg_add_crypto_ext_config (echo_main_t *em, uword *offset)
+{
+ transport_endpt_ext_cfg_t cfg;
+ svm_fifo_chunk_t *c;
+
+ c = echo_segment_alloc_chunk (ECHO_MQ_SEG_HANDLE, 0, sizeof (cfg), offset);
+ if (!c)
+ return;
+
+ memset (&cfg, 0, sizeof (cfg));
+ cfg.type = TRANSPORT_ENDPT_EXT_CFG_CRYPTO;
+ cfg.len = sizeof (cfg);
+ cfg.crypto.ckpair_index = em->ckpair_index;
+ cfg.crypto.crypto_engine = em->crypto_engine;
+ clib_memcpy_fast (c->data, &cfg, cfg.len);
+}
+
void
echo_send_listen (echo_main_t * em, ip46_address_t * ip)
{
@@ -117,8 +142,8 @@ echo_send_listen (echo_main_t * em, ip46_address_t * ip)
clib_memcpy_fast (&mp->ip, ip, sizeof (mp->ip));
mp->port = em->uri_elts.port;
mp->proto = em->uri_elts.transport_proto;
- mp->ckpair_index = em->ckpair_index;
- mp->crypto_engine = em->crypto_engine;
+ if (echo_transport_needs_crypto (mp->proto))
+ echo_msg_add_crypto_ext_config (em, &mp->ext_config);
app_send_ctrl_evt_to_vpp (mq, app_evt);
}
@@ -163,8 +188,8 @@ echo_send_connect (echo_main_t * em, void *args)
mp->port = em->uri_elts.port;
mp->proto = em->uri_elts.transport_proto;
mp->parent_handle = a->parent_session_handle;
- mp->ckpair_index = em->ckpair_index;
- mp->crypto_engine = em->crypto_engine;
+ if (echo_transport_needs_crypto (mp->proto))
+ echo_msg_add_crypto_ext_config (em, &mp->ext_config);
mp->flags = em->connect_flag;
app_send_ctrl_evt_to_vpp (mq, app_evt);
}
@@ -332,6 +357,34 @@ echo_segment_attach_mq (uword segment_handle, uword mq_offset, u32 mq_index,
return 0;
}
+svm_fifo_chunk_t *
+echo_segment_alloc_chunk (uword segment_handle, u32 slice_index, u32 size,
+ uword *offset)
+{
+ echo_main_t *em = &echo_main;
+ svm_fifo_chunk_t *c;
+ fifo_segment_t *fs;
+ u32 fs_index;
+
+ fs_index = echo_segment_lookup (segment_handle);
+ if (fs_index == (u32) ~0)
+ {
+ ECHO_LOG (0, "ERROR: mq segment %lx for is not attached!",
+ segment_handle);
+ return 0;
+ }
+
+ clib_spinlock_lock (&em->segment_handles_lock);
+
+ fs = fifo_segment_get_segment (&em->segment_main, fs_index);
+ c = fifo_segment_alloc_chunk_w_slice (fs, slice_index, size);
+ *offset = fifo_segment_chunk_offset (fs, c);
+
+ clib_spinlock_unlock (&em->segment_handles_lock);
+
+ return c;
+}
+
/*
*
* Binary API callbacks