summaryrefslogtreecommitdiffstats
path: root/src/plugins/tlsopenssl/tls_openssl.c
diff options
context:
space:
mode:
authorPing Yu <ping.yu@intel.com>2018-07-19 10:51:09 -0400
committerFlorin Coras <florin.coras@gmail.com>2018-07-19 18:32:54 +0000
commit970a0b87bb7d7d9c16acbe9ea207a7d4c81bfaee (patch)
treef35fa49873cf9f3687efdc7ae6b00c55cf9035a7 /src/plugins/tlsopenssl/tls_openssl.c
parent4d56e059f78b991cb19ec4e5cf4a07a5607a0642 (diff)
Add a new communication channel between VPP and openssl engine
Thus when engine buffer is full during a burst in performance tesing, this code will help VPP handle retry machansim. Change-Id: I0f9fc05d3dba8a54d34dca4c6137700d6c80f714 Signed-off-by: Ping Yu <ping.yu@intel.com>
Diffstat (limited to 'src/plugins/tlsopenssl/tls_openssl.c')
-rw-r--r--src/plugins/tlsopenssl/tls_openssl.c27
1 files changed, 23 insertions, 4 deletions
diff --git a/src/plugins/tlsopenssl/tls_openssl.c b/src/plugins/tlsopenssl/tls_openssl.c
index 91c9de758b4..b675d795cd8 100644
--- a/src/plugins/tlsopenssl/tls_openssl.c
+++ b/src/plugins/tlsopenssl/tls_openssl.c
@@ -167,13 +167,26 @@ vpp_ssl_async_process_event (tls_ctx_t * ctx,
{
SSL_set_async_callback (oc->ssl, (void *) engine_cb->callback,
(void *) engine_cb->arg);
- TLS_DBG ("set callback to engine %p\n", engine_cb->callback);
+ TLS_DBG (2, "set callback to engine %p\n", engine_cb->callback);
}
- /* associated fd with context for return */
- TLS_DBG ("completed assoicated fd with tls session\n");
return 0;
}
+
+/* Due to engine busy stat, VPP need to retry later */
+static int
+vpp_ssl_async_retry_func (tls_ctx_t * ctx, openssl_resume_handler * handler)
+{
+ openssl_ctx_t *oc = (openssl_ctx_t *) ctx;
+
+ if (vpp_add_async_run_event (ctx, handler))
+ {
+ SSL_set_async_estatus (oc->ssl, 0);
+ }
+ return 0;
+
+}
+
#endif
int
@@ -182,6 +195,7 @@ openssl_ctx_handshake_rx (tls_ctx_t * ctx, stream_session_t * tls_session)
openssl_ctx_t *oc = (openssl_ctx_t *) ctx;
int rv = 0, err;
#ifdef HAVE_OPENSSL_ASYNC
+ int estatus;
openssl_resume_handler *myself;
#endif
@@ -200,9 +214,14 @@ openssl_ctx_handshake_rx (tls_ctx_t * ctx, stream_session_t * tls_session)
err = SSL_get_error (oc->ssl, rv);
openssl_try_handshake_write (oc, tls_session);
#ifdef HAVE_OPENSSL_ASYNC
+ myself = openssl_ctx_handshake_rx;
+ if (SSL_get_async_estatus (oc->ssl, &estatus)
+ && (estatus == ENGINE_STATUS_RETRY))
+ {
+ vpp_ssl_async_retry_func (ctx, myself);
+ }
if (err == SSL_ERROR_WANT_ASYNC)
{
- myself = openssl_ctx_handshake_rx;
vpp_ssl_async_process_event (ctx, myself);
}
#endif