diff options
author | Yu Ping <ping.yu@intel.com> | 2020-02-19 02:31:22 +0800 |
---|---|---|
committer | Florin Coras <florin.coras@gmail.com> | 2020-02-19 02:56:43 +0000 |
commit | 837826169fd51c1d2bb7703e479447f5d4ffa9a5 (patch) | |
tree | 031c125e49ec8816f1d9a9eed81967c13a924b49 /src/plugins/tlsopenssl/tls_openssl.c | |
parent | b9f1f1587504bc8c7db11ce637b20185588dbc16 (diff) |
tls: handle disconect and reset in async mode
Type: fix
When async is enabled and request is inflight, delay close oepration
Change-Id: I713078fe9832c1599e8860fc0a6bb98588f20943
Signed-off-by: Yu Ping <ping.yu@intel.com>
Diffstat (limited to 'src/plugins/tlsopenssl/tls_openssl.c')
-rw-r--r-- | src/plugins/tlsopenssl/tls_openssl.c | 26 |
1 files changed, 21 insertions, 5 deletions
diff --git a/src/plugins/tlsopenssl/tls_openssl.c b/src/plugins/tlsopenssl/tls_openssl.c index 8e5e73a6cfb..288f0e1ae1e 100644 --- a/src/plugins/tlsopenssl/tls_openssl.c +++ b/src/plugins/tlsopenssl/tls_openssl.c @@ -204,15 +204,22 @@ openssl_check_async_status (tls_ctx_t * ctx, openssl_resume_handler * handler, static void openssl_handle_handshake_failure (tls_ctx_t * ctx) { + session_t *app_session; + if (SSL_is_server (((openssl_ctx_t *) ctx)->ssl)) { /* * Cleanup pre-allocated app session and close transport */ - session_free (session_get (ctx->c_s_index, ctx->c_thread_index)); - ctx->no_app_session = 1; - ctx->c_s_index = SESSION_INVALID_INDEX; - tls_disconnect_transport (ctx); + app_session = + session_get_if_valid (ctx->c_s_index, ctx->c_thread_index); + if (app_session) + { + session_free (app_session); + ctx->no_app_session = 1; + ctx->c_s_index = SESSION_INVALID_INDEX; + tls_disconnect_transport (ctx); + } } else { @@ -295,7 +302,11 @@ openssl_ctx_handshake_rx (tls_ctx_t * ctx, session_t * tls_session) } else { - tls_notify_app_accept (ctx); + /* Need to check transport status */ + if (ctx->is_passive_close) + openssl_handle_handshake_failure (ctx); + else + tls_notify_app_accept (ctx); } TLS_DBG (1, "Handshake for %u complete. TLS cipher is %s", @@ -752,6 +763,11 @@ openssl_handshake_is_over (tls_ctx_t * ctx) static int openssl_transport_close (tls_ctx_t * ctx) { +#ifdef HAVE_OPENSSL_ASYNC + if (vpp_openssl_is_inflight (ctx)) + return 0; +#endif + if (!openssl_handshake_is_over (ctx)) { openssl_handle_handshake_failure (ctx); |