authorVarun Rapelly <vrapelly@marvell.com>2024-08-17 16:19:29 +0000
committerFlorin Coras <florin.coras@gmail.com>2024-12-07 21:18:54 +0000
commitb8af24b26d3e1cd2240a9c2ee11340ba9b696f6c (patch)
treef9c7f031fd56b593efdc9fbf0a59dd5342a326af /src/plugins/tlsopenssl/tls_openssl.h
parent0ec906694d9675f6e2319fb8d8422bc59349b418 (diff)
tls: add async processing support
Adds support for tls async processing using OpenSSL. Adds new CLI command to configure OpenSSL TLS configurations used by OpenSSL context and session. New CLI format is: tls openssl set-tls [record-size <size>] [record-split-size <size>] [max-pipelines <size>] Sets default values to below TLS configuration parameters: - first_seg_size: 32MB - add_seg_size: 256MB Type: feature Signed-off-by: Varun Rapelly <vrapelly@marvell.com> Change-Id: I990be31fced9e258fdb036f5751cd67594b0bce7
Diffstat (limited to 'src/plugins/tlsopenssl/tls_openssl.h')
-rw-r--r--src/plugins/tlsopenssl/tls_openssl.h23
1 files changed, 19 insertions, 4 deletions
diff --git a/src/plugins/tlsopenssl/tls_openssl.h b/src/plugins/tlsopenssl/tls_openssl.h
index 1600cd77aba..8f6c6652a52 100644
--- a/src/plugins/tlsopenssl/tls_openssl.h
+++ b/src/plugins/tlsopenssl/tls_openssl.h
@@ -29,12 +29,18 @@
#define DTLSO_MAX_DGRAM 2000
+#define ossl_check_err_is_fatal(_ssl, _rv) \
+ if (PREDICT_FALSE (_rv < 0 && SSL_get_error (_ssl, _rv) == SSL_ERROR_SSL)) \
+ return -1;
+
typedef struct tls_ctx_openssl_
{
tls_ctx_t ctx; /**< First */
u32 openssl_ctx_index;
SSL_CTX *client_ssl_ctx;
SSL *ssl;
+ u32 evt_index[SSL_ASYNC_EVT_MAX];
+ u32 total_async_write;
BIO *rbio;
BIO *wbio;
} openssl_ctx_t;
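Review bot: The new `ossl_check_err_is_fatal` macro expands to a bare `if (...) return -1;`, so it hides a return from the enclosing function, uses `_ssl` and `_rv` unparenthesized (and `_rv` twice), and would capture a following `else` when used under an unbraced `if`. Wrapping the body keeps the behaviour and removes those hazards: `do { if (PREDICT_FALSE ((_rv) < 0 && SSL_get_error ((_ssl), (_rv)) == SSL_ERROR_SSL)) return -1; } while (0)`, with callers supplying the trailing semicolon. A comment should also say that the macro must run directly after the failing SSL call on the same thread, because `SSL_get_error` relies on that thread's OpenSSL error queue. Only a negative return with `SSL_ERROR_SSL` is treated as fatal; whether `SSL_ERROR_SYSCALL` or a zero return should abort as well cannot be judged from this header and is worth confirming at the call sites.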
@@ -63,15 +69,20 @@ typedef struct openssl_main_
u8 *ciphers;
int engine_init;
int async;
+ u32 record_size;
+ u32 record_split_size;
+ u32 max_pipelines;
} openssl_main_t;
typedef int openssl_resume_handler (tls_ctx_t * ctx, session_t * tls_session);
tls_ctx_t *openssl_ctx_get_w_thread (u32 ctx_index, u8 thread_index);
-int vpp_tls_async_init_event (tls_ctx_t * ctx,
- openssl_resume_handler * handler,
- session_t * session);
-int vpp_tls_async_update_event (tls_ctx_t * ctx, int eagain);
+int vpp_tls_async_init_events (tls_ctx_t *ctx, openssl_resume_handler *handler,
+ session_t *session);
+int vpp_tls_async_update_event (tls_ctx_t *ctx, int eagain,
+ ssl_async_evt_type_t type);
+int vpp_tls_async_enqueue_event (openssl_ctx_t *ctx, int evt_type,
+ transport_send_params_t *sp, int size);
int tls_async_openssl_callback (SSL * s, void *evt);
int openssl_evt_free (int event_idx, u8 thread_index);
void openssl_polling_start (ENGINE * engine);
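Review bot: `vpp_tls_async_enqueue_event` declares `int evt_type` and `int size`, while `vpp_tls_async_update_event` two lines above takes `ssl_async_evt_type_t type`. If the event type indexes `evt_index[SSL_ASYNC_EVT_MAX]` in `openssl_ctx_t`, which this header suggests but does not show, a plain `int` admits negative or out-of-range values. Using the enum and an unsigned length makes the contract visible in the prototype: `int vpp_tls_async_enqueue_event (openssl_ctx_t *ctx, ssl_async_evt_type_t evt_type, transport_send_params_t *sp, u32 size);`. The definition should still reject `evt_type >= SSL_ASYNC_EVT_MAX` before indexing. Separately, the new `record_size`, `record_split_size` and `max_pipelines` fields have no comment on units or accepted range; since the commit message says they are set from the CLI, a one-line comment on each would tell the CLI handler what to validate.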
@@ -80,6 +91,10 @@ void openssl_async_node_enable_disable (u8 is_en);
clib_error_t *tls_openssl_api_init (vlib_main_t * vm);
int tls_openssl_set_ciphers (char *ciphers);
int vpp_openssl_is_inflight (tls_ctx_t * ctx);
+int openssl_read_from_ssl_into_fifo (svm_fifo_t *f, tls_ctx_t *ctx,
+ u32 max_len);
+void openssl_handle_handshake_failure (tls_ctx_t *ctx);
+void openssl_confirm_app_close (tls_ctx_t *ctx);
#endif /* SRC_PLUGINS_TLSOPENSSL_TLS_OPENSSL_H_ */
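Review bot: `openssl_read_from_ssl_into_fifo` returns `int` but takes `u32 max_len`, and the prototype does not say what the return value means. A caller cannot tell from this header whether a non-positive result means "nothing available", a retryable condition or a fatal TLS error, nor what happens when `max_len` exceeds `INT_MAX`. I would add a short comment above the declaration stating the return convention (bytes enqueued into `f` versus error), the bound applied to `max_len`, and whether the function may be called while an async operation is in flight. `openssl_handle_handshake_failure` and `openssl_confirm_app_close` would benefit from a one-line comment each on the state the `ctx` is left in, since they are now exported to other translation units.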