session vcl: cert key add/del with socket api

Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I70791285cbf427479d2dcbf70ffdce2253add2fb
author: Florin Coras <fcoras@cisco.com> 2021-08-11 14:55:49 -0700
committer: Dave Barach <openvpp@barachs.net> 2021-08-12 14:47:31 +0000
commit: e191d76d248ebbb022533d518b447b7df4efd371 (patch)
tree: d4953f922582e078aadf7148f7e4300e40d85001 /src/vcl
parent: 8c7f5c809fecec80cdfdcae6cab1592defddc931 (diff)
3 files changed, 117 insertions, 10 deletions
diff --git a/src/vcl/vcl_private.h b/src/vcl/vcl_private.h
index 3233aeca4b2..c9db03cbc2f 100644
--- a/src/vcl/vcl_private.h
+++ b/src/vcl/vcl_private.h
@@ -753,6 +753,8 @@ int vcl_sapi_app_worker_add (void);
 void vcl_sapi_app_worker_del (vcl_worker_t * wrk);
 void vcl_sapi_detach (vcl_worker_t * wrk);
 int vcl_sapi_recv_fds (vcl_worker_t * wrk, int *fds, int n_fds);
+int vcl_sapi_add_cert_key_pair (vppcom_cert_key_pair_t *ckpair);
+int vcl_sapi_del_cert_key_pair (u32 ckpair_index);
 
 #endif /* SRC_VCL_VCL_PRIVATE_H_ */
 
diff --git a/src/vcl/vcl_sapi.c b/src/vcl/vcl_sapi.c
index 84d56af576b..981257ede8d 100644
--- a/src/vcl/vcl_sapi.c
+++ b/src/vcl/vcl_sapi.c
@@ -356,6 +356,115 @@ vcl_sapi_recv_fds (vcl_worker_t * wrk, int *fds, int n_fds)
   return 0;
 }
 
+int
+vcl_sapi_add_cert_key_pair (vppcom_cert_key_pair_t *ckpair)
+{
+  u32 cert_len = ckpair->cert_len, key_len = ckpair->key_len, certkey_len;
+  vcl_worker_t *wrk = vcl_worker_get_current ();
+  app_sapi_msg_t _msg = { 0 }, *msg = &_msg;
+  app_sapi_cert_key_add_del_msg_t *mp;
+  app_sapi_msg_t _rmp, *rmp = &_rmp;
+  clib_error_t *err;
+  clib_socket_t *cs;
+  u8 *certkey = 0;
+  int rv = -1;
+
+  msg->type = APP_SAPI_MSG_TYPE_ADD_DEL_CERT_KEY;
+  mp = &msg->cert_key_add_del;
+  mp->context = wrk->wrk_index;
+  mp->cert_len = cert_len;
+  mp->certkey_len = cert_len + key_len;
+  mp->is_add = 1;
+
+  certkey_len = cert_len + key_len;
+  vec_validate (certkey, certkey_len - 1);
+  clib_memcpy_fast (certkey, ckpair->cert, cert_len);
+  clib_memcpy_fast (certkey + cert_len, ckpair->key, key_len);
+
+  cs = &wrk->app_api_sock;
+  err = clib_socket_sendmsg (cs, msg, sizeof (*msg), 0, 0);
+  if (err)
+    {
+      clib_error_report (err);
+      goto done;
+    }
+
+  err = clib_socket_sendmsg (cs, certkey, certkey_len, 0, 0);
+  if (err)
+    {
+      clib_error_report (err);
+      goto done;
+    }
+
+  /*
+   * Wait for reply and process it
+   */
+  err = clib_socket_recvmsg (cs, rmp, sizeof (*rmp), 0, 0);
+  if (err)
+    {
+      clib_error_report (err);
+      goto done;
+    }
+
+  if (rmp->type != APP_SAPI_MSG_TYPE_ADD_DEL_CERT_KEY_REPLY)
+    {
+      clib_warning ("unexpected reply type %u", rmp->type);
+      goto done;
+    }
+
+  if (!rmp->cert_key_add_del_reply.retval)
+    rv = rmp->cert_key_add_del_reply.index;
+
+done:
+
+  return rv;
+}
+
+int
+vcl_sapi_del_cert_key_pair (u32 ckpair_index)
+{
+  vcl_worker_t *wrk = vcl_worker_get_current ();
+  app_sapi_msg_t _msg = { 0 }, *msg = &_msg;
+  app_sapi_cert_key_add_del_msg_t *mp;
+  app_sapi_msg_t _rmp, *rmp = &_rmp;
+  clib_error_t *err;
+  clib_socket_t *cs;
+
+  msg->type = APP_SAPI_MSG_TYPE_ADD_DEL_CERT_KEY;
+  mp = &msg->cert_key_add_del;
+  mp->context = wrk->wrk_index;
+  mp->index = ckpair_index;
+
+  cs = &wrk->app_api_sock;
+  err = clib_socket_sendmsg (cs, &msg, sizeof (msg), 0, 0);
+  if (err)
+    {
+      clib_error_report (err);
+      return -1;
+    }
+
+  /*
+   * Wait for reply and process it
+   */
+  err = clib_socket_recvmsg (cs, rmp, sizeof (*rmp), 0, 0);
+  if (err)
+    {
+      clib_error_report (err);
+      return -1;
+    }
+
+  if (rmp->type != APP_SAPI_MSG_TYPE_ADD_DEL_CERT_KEY_REPLY)
+    {
+      clib_warning ("unexpected reply type %u", rmp->type);
+      return -1;
+    }
+
+  if (rmp->cert_key_add_del_reply.retval)
+    return -1;
+
+  return 0;
+}
+
 /*
  * fd.io coding-style-patch-verification: ON
  *
diff --git a/src/vcl/vppcom.c b/src/vcl/vppcom.c
index 62aeff636b8..c718c2fcc97 100644
--- a/src/vcl/vppcom.c
+++ b/src/vcl/vppcom.c
@@ -4388,22 +4388,18 @@ int
 vppcom_add_cert_key_pair (vppcom_cert_key_pair_t *ckpair)
 {
   if (vcm->cfg.vpp_app_socket_api)
-    {
-      clib_warning ("not supported");
-      return VPPCOM_EINVAL;
-    }
-  return vcl_bapi_add_cert_key_pair (ckpair);
+    return vcl_sapi_add_cert_key_pair (ckpair);
+  else
+    return vcl_bapi_add_cert_key_pair (ckpair);
 }
 
 int
 vppcom_del_cert_key_pair (uint32_t ckpair_index)
 {
   if (vcm->cfg.vpp_app_socket_api)
-    {
-      clib_warning ("not supported");
-      return VPPCOM_EINVAL;
-    }
-  return vcl_bapi_del_cert_key_pair (ckpair_index);
+    return vcl_sapi_del_cert_key_pair (ckpair_index);
+  else
+    return vcl_bapi_del_cert_key_pair (ckpair_index);
 }
 
 /*
author	Florin Coras <fcoras@cisco.com>	2021-08-11 14:55:49 -0700
committer	Dave Barach <openvpp@barachs.net>	2021-08-12 14:47:31 +0000
commit	e191d76d248ebbb022533d518b447b7df4efd371 (patch)
tree	d4953f922582e078aadf7148f7e4300e40d85001 /src/vcl
parent	8c7f5c809fecec80cdfdcae6cab1592defddc931 (diff)