summaryrefslogtreecommitdiffstats
path: root/src/plugins/tlsopenssl/dtls_bio.c
diff options
context:
space:
mode:
authorFlorin Coras <fcoras@cisco.com>2020-11-19 13:38:26 -0800
committerDave Barach <openvpp@barachs.net>2021-02-09 21:33:19 +0000
commit4b47ee26cba610b26bbfc088736846541bee7be3 (patch)
treecb6aedb8a7ba69140bda4709dbff084d91ffff90 /src/plugins/tlsopenssl/dtls_bio.c
parentda2305fb874a7cf6573267adb87166564e328396 (diff)
tls: dtls initial implementation
Type: feature Basic dtls transport protocol implementation that relies on openssl wire protocol implementation. Retries/timeouts not yet supported. To test using vcl test apps, first ensure all arp entries are properly resolved and subsequently: server: vcl_server -p dtls 1234 client: vcl_client -p dtls <server-ip> 1234 -U -N 2000000 -T 1460 -X Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I04b4516a8fe9ce85ba230bcdd891f33a900046ed
Diffstat (limited to 'src/plugins/tlsopenssl/dtls_bio.c')
-rw-r--r--src/plugins/tlsopenssl/dtls_bio.c225
1 files changed, 225 insertions, 0 deletions
diff --git a/src/plugins/tlsopenssl/dtls_bio.c b/src/plugins/tlsopenssl/dtls_bio.c
new file mode 100644
index 00000000000..7cd2abd42e2
--- /dev/null
+++ b/src/plugins/tlsopenssl/dtls_bio.c
@@ -0,0 +1,225 @@
+/*
+ * Copyright (c) 2021 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <openssl/bio.h>
+#include <openssl/err.h>
+
+#include <vnet/session/session.h>
+#include <vnet/session/application_interface.h>
+
+static inline session_t *
+bio_session (BIO *bio)
+{
+ return session_get_from_handle (pointer_to_uword (BIO_get_data (bio)));
+}
+
+static int
+bio_dtls_alloc (BIO *bio)
+{
+ BIO_set_init (bio, 0);
+ BIO_set_data (bio, 0);
+ BIO_set_flags (bio, 0);
+ BIO_set_shutdown (bio, 0);
+ return 1;
+}
+
+static int
+bio_dtls_free (BIO *bio)
+{
+ if (!bio)
+ return 0;
+
+ if (BIO_get_shutdown (bio))
+ {
+ if (BIO_get_init (bio))
+ session_close (bio_session (bio));
+ BIO_set_init (bio, 0);
+ BIO_set_flags (bio, 0);
+ }
+ return 1;
+}
+
+static int
+bio_dtls_read (BIO *b, char *out, int outl)
+{
+ app_session_transport_t at;
+ session_t *s;
+ int rv;
+
+ if (PREDICT_FALSE (!out))
+ return 0;
+
+ s = bio_session (b);
+ if (!s)
+ {
+ clib_warning ("no session");
+ errno = EBADFD;
+ return -1;
+ }
+
+ rv = app_recv_dgram_raw (s->rx_fifo, (u8 *) out, outl, &at,
+ 0 /* clear evt */, 0 /* peek */);
+
+ if (rv < 0)
+ {
+ BIO_set_retry_read (b);
+ errno = EAGAIN;
+ return -1;
+ }
+
+ if (svm_fifo_is_empty_cons (s->rx_fifo))
+ svm_fifo_unset_event (s->rx_fifo);
+
+ BIO_clear_retry_flags (b);
+
+ return rv;
+}
+
+static int
+bio_dtls_write (BIO *b, const char *in, int inl)
+{
+ app_session_transport_t at = { 0 };
+ svm_msg_q_t *mq;
+ session_t *s;
+ int rv;
+
+ if (PREDICT_FALSE (!in))
+ return 0;
+
+ s = bio_session (b);
+ if (!s)
+ {
+ clib_warning ("no session");
+ errno = EBADFD;
+ return -1;
+ }
+
+ mq = session_main_get_vpp_event_queue (s->thread_index);
+ rv = app_send_dgram_raw (s->tx_fifo, &at, mq, (u8 *) in, inl,
+ SESSION_IO_EVT_TX, 1 /* do_evt */, 0 /* noblock */);
+
+ if (rv < 0)
+ {
+ BIO_set_retry_read (b);
+ errno = EAGAIN;
+ return -1;
+ }
+
+ BIO_clear_retry_flags (b);
+
+ return rv;
+}
+
+static int
+dtls_dgram_overhead (BIO *b)
+{
+ session_t *s = bio_session (b);
+ if (session_type_is_ip4 (s->session_type))
+ /* 20B ip 8B udp */
+ return 28;
+ else
+ /* 40B ip 8B udp */
+ return 48;
+}
+
+static u16
+dtls_dgram_mss (BIO *b)
+{
+ session_t *s = bio_session (b);
+ transport_send_params_t sp;
+
+ transport_connection_snd_params (session_get_transport (s), &sp);
+
+ return sp.snd_mss;
+}
+
+long
+bio_dtls_ctrl (BIO *b, int cmd, long larg, void *parg)
+{
+ long ret = 1;
+
+ switch (cmd)
+ {
+ case BIO_C_SET_FD:
+ os_panic ();
+ break;
+ case BIO_C_GET_FD:
+ os_panic ();
+ break;
+ case BIO_CTRL_GET_CLOSE:
+ ret = BIO_get_shutdown (b);
+ break;
+ case BIO_CTRL_SET_CLOSE:
+ BIO_set_shutdown (b, (int) larg);
+ break;
+ case BIO_CTRL_PENDING:
+ case BIO_CTRL_WPENDING:
+ ret = 0;
+ break;
+ case BIO_CTRL_DUP:
+ case BIO_CTRL_FLUSH:
+ ret = 1;
+ break;
+ case BIO_CTRL_DGRAM_QUERY_MTU:
+ ret = dtls_dgram_mss (b);
+ break;
+ case BIO_CTRL_DGRAM_SET_MTU:
+ ret = 0;
+ break;
+ case BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT:
+ ret = 0;
+ break;
+ case BIO_CTRL_DGRAM_GET_MTU_OVERHEAD:
+ ret = dtls_dgram_overhead (b);
+ break;
+ default:
+ ret = 0;
+ break;
+ }
+ return ret;
+}
+
+BIO *
+BIO_new_dtls (session_handle_t sh)
+{
+ static BIO_METHOD *dtls_bio_method;
+ BIO *b;
+
+ if (!dtls_bio_method)
+ {
+ dtls_bio_method = BIO_meth_new (BIO_TYPE_SOCKET, "dtls_bio");
+ BIO_meth_set_write (dtls_bio_method, bio_dtls_write);
+ BIO_meth_set_read (dtls_bio_method, bio_dtls_read);
+ BIO_meth_set_create (dtls_bio_method, bio_dtls_alloc);
+ BIO_meth_set_destroy (dtls_bio_method, bio_dtls_free);
+ BIO_meth_set_ctrl (dtls_bio_method, bio_dtls_ctrl);
+ }
+
+ b = BIO_new (dtls_bio_method);
+
+ /* Initialize the BIO */
+ BIO_set_data (b, uword_to_pointer (sh, void *));
+ BIO_set_init (b, 1);
+
+ return b;
+}
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */