author | Matus Fabian <matfabia@cisco.com> | 2024-10-16 15:29:36 +0200 |
---|---|---|
committer | Florin Coras <florin.coras@gmail.com> | 2024-10-25 15:50:51 +0000 |
commit | 10c016c055c3900bf5a52f30a67f3aff20a37492 (patch) | |
tree | 194b8714c3e2b7b61d33d5ee6d9febc580069b40 /src/plugins | |
parent | 75f4960d12a37d0b6ad2cd003e2a10ddb2527db6 (diff) |
session: support of multiple extended configs
This allows configuration for each transport protocol when protocols are
combined, e.g. HTTPS=HTTP+TLS.
The extended config of a session endpoint config is now a chunk of memory,
which allows seamless integration with VCL, and the internal
representation is hidden behind APIs, which is better for
future improvements. By default a 512B chunk is allocated if the
app has not allocated one beforehand.
Type: improvement
Change-Id: I323f19ec255eba31c58c06b8b83af45aab7f5bb1
Signed-off-by: Matus Fabian <matfabia@cisco.com>
Diffstat (limited to 'src/plugins')
-rw-r--r-- | src/plugins/hs_apps/echo_client.c | 9 | ||||
-rw-r--r-- | src/plugins/hs_apps/echo_server.c | 16 | ||||
-rw-r--r-- | src/plugins/hs_apps/http_cli.c | 9 | ||||
-rw-r--r-- | src/plugins/hs_apps/http_tps.c | 9 | ||||
-rw-r--r-- | src/plugins/hs_apps/proxy.c | 26 | ||||
-rw-r--r-- | src/plugins/http/http.c | 8 | ||||
-rw-r--r-- | src/plugins/http_static/static_server.c | 9 | ||||
-rw-r--r-- | src/plugins/quic/quic.c | 12 | ||||
-rw-r--r-- | src/plugins/srtp/srtp.c | 12 |
9 files changed, 66 insertions, 44 deletions
diff --git a/src/plugins/hs_apps/echo_client.c b/src/plugins/hs_apps/echo_client.c
index 8dec5d86824..d5edffbd02e 100644
--- a/src/plugins/hs_apps/echo_client.c
+++ b/src/plugins/hs_apps/echo_client.c
@@ -946,15 +946,16 @@ ec_connect_rpc (void *args)
 a->api_context = ci;
 if (needs_crypto)
 {
- session_endpoint_alloc_ext_cfg (&a->sep_ext,
- TRANSPORT_ENDPT_EXT_CFG_CRYPTO);
- a->sep_ext.ext_cfg->crypto.ckpair_index = ecm->ckpair_index;
+ transport_endpt_ext_cfg_t *ext_cfg = session_endpoint_add_ext_cfg (
+ &a->sep_ext, TRANSPORT_ENDPT_EXT_CFG_CRYPTO,
+ sizeof (transport_endpt_crypto_cfg_t));
+ ext_cfg->crypto.ckpair_index = ecm->ckpair_index;
 }
 rv = vnet_connect (a);
 if (needs_crypto)
- clib_mem_free (a->sep_ext.ext_cfg);
+ session_endpoint_free_ext_cfgs (&a->sep_ext);
 if (rv)
 {
diff --git a/src/plugins/hs_apps/echo_server.c b/src/plugins/hs_apps/echo_server.c
index 756a1cc3451..b981e775b57 100644
--- a/src/plugins/hs_apps/echo_server.c
+++ b/src/plugins/hs_apps/echo_server.c
@@ -591,6 +591,7 @@ echo_server_listen ()
 i32 rv;
 echo_server_main_t *esm = &echo_server_main;
 vnet_listen_args_t _args = {}, *args = &_args;
+ int needs_crypto;
 if ((rv = parse_uri (esm->server_uri, &args->sep_ext)))
 {
@@ -598,11 +599,14 @@ echo_server_listen ()
 }
 args->app_index = esm->app_index;
 args->sep_ext.port = hs_make_data_port (args->sep_ext.port);
- if (echo_client_transport_needs_crypto (args->sep_ext.transport_proto))
+ needs_crypto =
+ echo_client_transport_needs_crypto (args->sep_ext.transport_proto);
+ if (needs_crypto)
 {
- session_endpoint_alloc_ext_cfg (&args->sep_ext,
- TRANSPORT_ENDPT_EXT_CFG_CRYPTO);
- args->sep_ext.ext_cfg->crypto.ckpair_index = esm->ckpair_index;
+ transport_endpt_ext_cfg_t *ext_cfg = session_endpoint_add_ext_cfg (
+ &args->sep_ext, TRANSPORT_ENDPT_EXT_CFG_CRYPTO,
+ sizeof (transport_endpt_crypto_cfg_t));
+ ext_cfg->crypto.ckpair_index = esm->ckpair_index;
 }
 if (args->sep_ext.transport_proto == TRANSPORT_PROTO_UDP)
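Review bot: In `ec_connect_rpc` the pointer returned by `session_endpoint_add_ext_cfg` is written through on the very next line (`ext_cfg->crypto.ckpair_index = ecm->ckpair_index;`) with no NULL check. The helper's body is not part of this diff, so whether it can return NULL when the chunk cannot hold another entry or the allocation fails should be confirmed; if it can, guard the store with `if (!ext_cfg)` and fail the connect, otherwise state the never-NULL guarantee in the helper's comment. The same unchecked pattern is added in `echo_server_listen`, `hcs_listen`, `hts_start_listen`, `proxy_session_start_connect`, `proxy_server_listen` and `hss_listen`. The body of `ec_connect_rpc` starts and ends outside the hunk.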
@@ -612,8 +616,8 @@ echo_server_listen ()
 rv = vnet_listen (args);
 esm->listener_handle = args->handle;
- if (args->sep_ext.ext_cfg)
- clib_mem_free (args->sep_ext.ext_cfg);
+ if (needs_crypto)
+ session_endpoint_free_ext_cfgs (&args->sep_ext);
 return rv;
 }
diff --git a/src/plugins/hs_apps/http_cli.c b/src/plugins/hs_apps/http_cli.c
index 096c4553a8f..1000a2ddd18 100644
--- a/src/plugins/hs_apps/http_cli.c
+++ b/src/plugins/hs_apps/http_cli.c
@@ -660,9 +660,10 @@ hcs_listen ()
 if (need_crypto)
 {
- session_endpoint_alloc_ext_cfg (&a->sep_ext,
- TRANSPORT_ENDPT_EXT_CFG_CRYPTO);
- a->sep_ext.ext_cfg->crypto.ckpair_index = hcm->ckpair_index;
+ transport_endpt_ext_cfg_t *ext_cfg = session_endpoint_add_ext_cfg (
+ &a->sep_ext, TRANSPORT_ENDPT_EXT_CFG_CRYPTO,
+ sizeof (transport_endpt_crypto_cfg_t));
+ ext_cfg->crypto.ckpair_index = hcm->ckpair_index;
 }
 rv = vnet_listen (a);
@@ -676,7 +677,7 @@ hcs_listen ()
 }
 if (need_crypto)
- clib_mem_free (a->sep_ext.ext_cfg);
+ session_endpoint_free_ext_cfgs (&a->sep_ext);
 return rv;
 }
diff --git a/src/plugins/hs_apps/http_tps.c b/src/plugins/hs_apps/http_tps.c
index cdeafa5d54a..a40a31caf63 100644
--- a/src/plugins/hs_apps/http_tps.c
+++ b/src/plugins/hs_apps/http_tps.c
@@ -641,15 +641,16 @@ hts_start_listen (hts_main_t *htm, session_endpoint_cfg_t *sep, u8 *uri,
 if (need_crypto)
 {
- session_endpoint_alloc_ext_cfg (&a->sep_ext,
- TRANSPORT_ENDPT_EXT_CFG_CRYPTO);
- a->sep_ext.ext_cfg->crypto.ckpair_index = htm->ckpair_index;
+ transport_endpt_ext_cfg_t *ext_cfg = session_endpoint_add_ext_cfg (
+ &a->sep_ext, TRANSPORT_ENDPT_EXT_CFG_CRYPTO,
+ sizeof (transport_endpt_crypto_cfg_t));
+ ext_cfg->crypto.ckpair_index = htm->ckpair_index;
 }
 rv = vnet_listen (a);
 if (need_crypto)
- clib_mem_free (a->sep_ext.ext_cfg);
+ session_endpoint_free_ext_cfgs (&a->sep_ext);
 if (rv)
 return rv;
diff --git a/src/plugins/hs_apps/proxy.c b/src/plugins/hs_apps/proxy.c
index a2776794c4a..48acaee0ac6 100644
--- a/src/plugins/hs_apps/proxy.c
+++ b/src/plugins/hs_apps/proxy.c
@@ -54,8 +54,7 @@ proxy_do_connect (vnet_connect_args_t *a)
 {
 ASSERT (session_vlib_thread_is_cl_thread ());
 vnet_connect (a);
- if (a->sep_ext.ext_cfg)
- clib_mem_free (a->sep_ext.ext_cfg);
+ session_endpoint_free_ext_cfgs (&a->sep_ext);
 }
 static void
@@ -487,9 +486,10 @@ proxy_session_start_connect (proxy_session_side_ctx_t *sc, session_t *s)
 if (proxy_transport_needs_crypto (a->sep.transport_proto))
 {
- session_endpoint_alloc_ext_cfg (&a->sep_ext,
- TRANSPORT_ENDPT_EXT_CFG_CRYPTO);
- a->sep_ext.ext_cfg->crypto.ckpair_index = pm->ckpair_index;
+ transport_endpt_ext_cfg_t *ext_cfg = session_endpoint_add_ext_cfg (
+ &a->sep_ext, TRANSPORT_ENDPT_EXT_CFG_CRYPTO,
+ sizeof (transport_endpt_crypto_cfg_t));
+ ext_cfg->crypto.ckpair_index = pm->ckpair_index;
 }
 proxy_program_connect (a);
@@ -895,22 +895,24 @@ proxy_server_listen ()
 {
 proxy_main_t *pm = &proxy_main;
 vnet_listen_args_t _a, *a = &_a;
- int rv;
+ int rv, need_crypto;
 clib_memset (a, 0, sizeof (*a));
 a->app_index = pm->server_app_index;
 clib_memcpy (&a->sep_ext, &pm->server_sep, sizeof (pm->server_sep));
- if (proxy_transport_needs_crypto (a->sep.transport_proto))
+ need_crypto = proxy_transport_needs_crypto (a->sep.transport_proto);
+ if (need_crypto)
 {
- session_endpoint_alloc_ext_cfg (&a->sep_ext,
- TRANSPORT_ENDPT_EXT_CFG_CRYPTO);
- a->sep_ext.ext_cfg->crypto.ckpair_index = pm->ckpair_index;
+ transport_endpt_ext_cfg_t *ext_cfg = session_endpoint_add_ext_cfg (
+ &a->sep_ext, TRANSPORT_ENDPT_EXT_CFG_CRYPTO,
+ sizeof (transport_endpt_crypto_cfg_t));
+ ext_cfg->crypto.ckpair_index = pm->ckpair_index;
 }
 rv = vnet_listen (a);
- if (a->sep_ext.ext_cfg)
- clib_mem_free (a->sep_ext.ext_cfg);
+ if (need_crypto)
+ session_endpoint_free_ext_cfgs (&a->sep_ext);
 return rv;
 }
diff --git a/src/plugins/http/http.c b/src/plugins/http/http.c
index cec441d7fcb..6afb80d11c4 100644
--- a/src/plugins/http/http.c
+++ b/src/plugins/http/http.c
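Review bot: `proxy_do_connect` now calls `session_endpoint_free_ext_cfgs (&a->sep_ext);` unconditionally, while every other call site in this commit guards the free with `need_crypto` or `needs_crypto`. This relies on the helper being a no-op for an endpoint that never had an ext config added; its body is not visible here, so that should be confirmed and recorded at the call with a comment such as `/* safe when no ext cfg was added */`. The return value of `vnet_connect (a)` is also still discarded, so a failed connect is indistinguishable from success at this point.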
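Review bot: In `proxy_server_listen` the endpoint is a byte copy of `pm->server_sep` (`clib_memcpy (&a->sep_ext, &pm->server_sep, sizeof (pm->server_sep));`), so any ext-config chunk pointer already held by `pm->server_sep` is shared with `a`. If that pointer can be set, `session_endpoint_add_ext_cfg` would presumably append to the shared chunk and `session_endpoint_free_ext_cfgs (&a->sep_ext)` would release memory that `pm->server_sep` still references, leaving a dangling pointer for the next listen. Whether `server_sep` ever carries an ext config is not visible in this diff; if it cannot, a comment at the copy such as `/* server_sep never owns an ext cfg chunk */` would make the ownership explicit.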
@@ -1876,11 +1876,12 @@ http_start_listen (u32 app_listener_index, transport_endpoint_cfg_t *tep)
 http_main_t *hm = &http_main;
 session_endpoint_cfg_t *sep;
 app_worker_t *app_wrk;
- transport_proto_t tp;
+ transport_proto_t tp = TRANSPORT_PROTO_TCP;
 app_listener_t *al;
 application_t *app;
 http_conn_t *lhc;
 u32 lhc_index;
+ transport_endpt_ext_cfg_t *ext_cfg;
 sep = (session_endpoint_cfg_t *) tep;
@@ -1890,7 +1891,10 @@ http_start_listen (u32 app_listener_index, transport_endpoint_cfg_t *tep)
 args->app_index = hm->app_index;
 args->sep_ext = *sep;
 args->sep_ext.ns_index = app->ns_index;
- tp = sep->ext_cfg ? TRANSPORT_PROTO_TLS : TRANSPORT_PROTO_TCP;
+
+ ext_cfg = session_endpoint_get_ext_cfg (sep, TRANSPORT_ENDPT_EXT_CFG_CRYPTO);
+ if (ext_cfg)
+ tp = TRANSPORT_PROTO_TLS;
 args->sep_ext.transport_proto = tp;
 if (vnet_listen (args))
diff --git a/src/plugins/http_static/static_server.c b/src/plugins/http_static/static_server.c
index 49d1630e843..0b02cc8e682 100644
--- a/src/plugins/http_static/static_server.c
+++ b/src/plugins/http_static/static_server.c
@@ -822,15 +822,16 @@ hss_listen (void)
 if (need_crypto)
 {
- session_endpoint_alloc_ext_cfg (&a->sep_ext,
- TRANSPORT_ENDPT_EXT_CFG_CRYPTO);
- a->sep_ext.ext_cfg->crypto.ckpair_index = hsm->ckpair_index;
+ transport_endpt_ext_cfg_t *ext_cfg = session_endpoint_add_ext_cfg (
+ &a->sep_ext, TRANSPORT_ENDPT_EXT_CFG_CRYPTO,
+ sizeof (transport_endpt_crypto_cfg_t));
+ ext_cfg->crypto.ckpair_index = hsm->ckpair_index;
 }
 rv = vnet_listen (a);
 if (need_crypto)
- clib_mem_free (a->sep_ext.ext_cfg);
+ session_endpoint_free_ext_cfgs (&a->sep_ext);
 return rv;
 }
diff --git a/src/plugins/quic/quic.c b/src/plugins/quic/quic.c
index 3f7a3426069..3797cd2b4ea 100644
--- a/src/plugins/quic/quic.c
+++ b/src/plugins/quic/quic.c
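Review bot: In `http_start_listen` the listener is plain TCP whenever `session_endpoint_get_ext_cfg (sep, TRANSPORT_ENDPT_EXT_CFG_CRYPTO)` returns NULL, so an HTTPS listener whose crypto entry is missing or cannot be found comes up unencrypted with no error or log. Nothing in the hunk shows whether the caller records that TLS was intended; if it does, a mismatch should fail the listen rather than fall back. At minimum add a comment at the lookup, e.g. `/* no crypto ext cfg => cleartext TCP listener */`, so the downgrade path is explicit. The function body starts and ends outside the hunk.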
@@ -1332,14 +1332,16 @@ quic_connect_connection (session_endpoint_cfg_t * sep)
 quic_ctx_t *ctx;
 app_worker_t *app_wrk;
 application_t *app;
+ transport_endpt_ext_cfg_t *ext_cfg;
 int error;
- if (!sep->ext_cfg)
+ ext_cfg = session_endpoint_get_ext_cfg (sep, TRANSPORT_ENDPT_EXT_CFG_CRYPTO);
+ if (!ext_cfg)
 return SESSION_E_NOEXTCFG;
 /* Use pool on thread 1 if we have workers because of UDP */
 thread_index = transport_cl_thread ();
- ccfg = &sep->ext_cfg->crypto;
+ ccfg = &ext_cfg->crypto;
 clib_memset (cargs, 0, sizeof (*cargs));
 ctx_index = quic_ctx_alloc (thread_index);
@@ -1475,13 +1477,15 @@ quic_start_listen (u32 quic_listen_session_index,
 quic_ctx_t *lctx;
 u32 lctx_index;
 app_listener_t *app_listener;
+ transport_endpt_ext_cfg_t *ext_cfg;
 int rv;
 sep = (session_endpoint_cfg_t *) tep;
- if (!sep->ext_cfg)
+ ext_cfg = session_endpoint_get_ext_cfg (sep, TRANSPORT_ENDPT_EXT_CFG_CRYPTO);
+ if (!ext_cfg)
 return SESSION_E_NOEXTCFG;
- ccfg = &sep->ext_cfg->crypto;
+ ccfg = &ext_cfg->crypto;
 app_wrk = app_worker_get (sep->app_wrk_index);
 app = application_get (app_wrk->app_index);
 QUIC_DBG (2, "Called quic_start_listen for app %d", app_wrk->app_index);
diff --git a/src/plugins/srtp/srtp.c b/src/plugins/srtp/srtp.c
index bb54e672918..6862301d2d2 100644
--- a/src/plugins/srtp/srtp.c
+++ b/src/plugins/srtp/srtp.c
@@ -641,10 +641,12 @@ srtp_connect (transport_endpoint_cfg_t *tep)
 application_t *app;
 srtp_tc_t *ctx;
 u32 ctx_index;
+ transport_endpt_ext_cfg_t *ext_cfg;
 int rv;
 sep = (session_endpoint_cfg_t *) tep;
- if (!sep->ext_cfg)
+ ext_cfg = session_endpoint_get_ext_cfg (sep, TRANSPORT_ENDPT_EXT_CFG_NONE);
+ if (!ext_cfg)
 return SESSION_E_NOEXTCFG;
 app_wrk = app_worker_get (sep->app_wrk_index);
@@ -658,7 +660,7 @@ srtp_connect (transport_endpoint_cfg_t *tep)
 ctx->srtp_ctx_handle = ctx_index;
 ctx->c_flags |= TRANSPORT_CONNECTION_F_NO_LOOKUP;
- srtp_init_policy (ctx, (transport_endpt_cfg_srtp_t *) sep->ext_cfg->data);
+ srtp_init_policy (ctx, (transport_endpt_cfg_srtp_t *) ext_cfg->data);
 clib_memcpy_fast (&cargs->sep, sep, sizeof (session_endpoint_t));
 cargs->sep.transport_proto = TRANSPORT_PROTO_UDP;
@@ -723,9 +725,11 @@ srtp_start_listen (u32 app_listener_index, transport_endpoint_cfg_t *tep)
 app_listener_t *al;
 srtp_tc_t *lctx;
 u32 lctx_index;
+ transport_endpt_ext_cfg_t *ext_cfg;
 sep = (session_endpoint_cfg_t *) tep;
- if (!sep->ext_cfg)
+ ext_cfg = session_endpoint_get_ext_cfg (sep, TRANSPORT_ENDPT_EXT_CFG_NONE);
+ if (!ext_cfg)
 return SESSION_E_NOEXTCFG;
 app_wrk = app_worker_get (sep->app_wrk_index);
@@ -756,7 +760,7 @@ srtp_start_listen (u32 app_listener_index, transport_endpoint_cfg_t *tep)
 lctx->c_s_index = app_listener_index;
 lctx->c_flags |= TRANSPORT_CONNECTION_F_NO_LOOKUP;
- srtp_init_policy (lctx, (transport_endpt_cfg_srtp_t *) sep->ext_cfg->data);
+ srtp_init_policy (lctx, (transport_endpt_cfg_srtp_t *) ext_cfg->data);
 SRTP_DBG (1, "Started listening %d", lctx_index);
 return lctx_index; |
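Review bot: `srtp_init_policy (ctx, (transport_endpt_cfg_srtp_t *) ext_cfg->data);` in `srtp_connect` casts the payload of an entry that was looked up by `TRANSPORT_ENDPT_EXT_CFG_NONE`, and nothing in the visible lines checks that the entry is large enough to hold a `transport_endpt_cfg_srtp_t`. Now that the chunk can hold several app-supplied entries (including from VCL, per the commit message), any untyped entry would be accepted here and read as an SRTP policy. Consider validating the size right after the lookup — assuming the entry's `len` field holds the payload size, `if (ext_cfg->len < sizeof (transport_endpt_cfg_srtp_t)) return SESSION_E_NOEXTCFG;` — and a dedicated SRTP config type would avoid matching unrelated entries. The same applies to `srtp_start_listen` in the last two hunks; both function bodies extend outside the hunks shown.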