diff options
author | Florin Coras <fcoras@cisco.com> | 2019-08-08 17:38:26 -0700 |
---|---|---|
committer | Florin Coras <florin.coras@gmail.com> | 2019-08-09 19:19:31 +0000 |
commit | 28d86217bfee01f02b3d21751add572e6bdcc040 (patch) | |
tree | ffd02d62c22587b9abbdc1276c255a6b8e3490c8 /src/plugins/tlsopenssl/tls_openssl.c | |
parent | a932a34a22991277123163c819cada87553dc478 (diff) |
tls: mark as no lookup transport
Type:fix
Also fix transport close while handshake is ongoing.
Change-Id: I004c56d2297d0847c2cb77202f8fba3edaacad29
Signed-off-by: Florin Coras <fcoras@cisco.com>
(cherry picked from commit d09236d17d86a5d50166b2017f8f30a560c6e1b8)
Diffstat (limited to 'src/plugins/tlsopenssl/tls_openssl.c')
-rw-r--r-- | src/plugins/tlsopenssl/tls_openssl.c | 38 |
1 files changed, 24 insertions, 14 deletions
diff --git a/src/plugins/tlsopenssl/tls_openssl.c b/src/plugins/tlsopenssl/tls_openssl.c index ee6b0e3172e..8d0fd36a04f 100644 --- a/src/plugins/tlsopenssl/tls_openssl.c +++ b/src/plugins/tlsopenssl/tls_openssl.c @@ -205,6 +205,28 @@ vpp_ssl_async_retry_func (tls_ctx_t * ctx, openssl_resume_handler * handler) #endif +static void +openssl_handle_handshake_failure (tls_ctx_t * ctx) +{ + if (SSL_is_server (((openssl_ctx_t *) ctx)->ssl)) + { + /* + * Cleanup pre-allocated app session and close transport + */ + session_free (session_get (ctx->c_s_index, ctx->c_thread_index)); + ctx->no_app_session = 1; + ctx->c_s_index = SESSION_INVALID_INDEX; + tls_disconnect_transport (ctx); + } + else + { + /* + * Also handles cleanup of the pre-allocated session + */ + tls_notify_app_connected (ctx, /* is failed */ 1); + } +} + int openssl_ctx_handshake_rx (tls_ctx_t * ctx, session_t * tls_session) { @@ -240,19 +262,7 @@ openssl_ctx_handshake_rx (tls_ctx_t * ctx, session_t * tls_session) ERR_error_string (ERR_get_error (), buf); clib_warning ("Err: %s", buf); - /* - * Cleanup pre-allocated app session and close transport - */ - if (SSL_is_server (oc->ssl)) - { - session_free (session_get (ctx->c_s_index, - ctx->c_thread_index)); - ctx->no_app_session = 1; - ctx->c_s_index = SESSION_INVALID_INDEX; - tls_disconnect_transport (ctx); - } - else - tls_notify_app_connected (ctx, /* is failed */ 1); + openssl_handle_handshake_failure (ctx); return -1; } @@ -758,7 +768,7 @@ openssl_transport_close (tls_ctx_t * ctx) { if (!openssl_handshake_is_over (ctx)) { - session_close (session_get_from_handle (ctx->tls_session_handle)); + openssl_handle_handshake_failure (ctx); return 0; } session_transport_closing_notify (&ctx->connection); |