author | Florin Coras <fcoras@cisco.com> | 2018-02-21 12:07:41 -0800 |
---|---|---|
committer | Dave Barach <openvpp@barachs.net> | 2018-03-02 12:54:31 +0000 |
commit | 371ca50a74a9c4f1b74c4c1b65c6fdec610fcfc3 (patch) | |
tree | 947e800faa7846223bdf8fb73429c657ddaf5805 /src/vnet/session/application.c | |
parent | 9e6356962a0cbb84f7ea9056b954d65aaa231a61 (diff) |
session: first approximation implementation of tls
It consists of two main parts. First, add an application transport type
whereby applications can offer transport to other applications. For
instance, a tls app can offer transport services to other applications.
And second, a tls transport app that leverages the mbedtls library for
tls protocol implementation.
Change-Id: I616996c6e6539a9e2368fab8a1ac874d7c5d9838
Signed-off-by: Florin Coras <fcoras@cisco.com>
Diffstat (limited to 'src/vnet/session/application.c')
-rw-r--r-- | src/vnet/session/application.c | 45 |
1 files changed, 40 insertions, 5 deletions
diff --git a/src/vnet/session/application.c b/src/vnet/session/application.c
index b80aa3391a6..12f816bfe3b 100644
--- a/src/vnet/session/application.c
+++ b/src/vnet/session/application.c
@@ -209,6 +209,9 @@ application_del (application_t * app)
 */
 application_local_sessions_del (app);
 
+ vec_free (app->tls_cert);
+ vec_free (app->tls_key);
+
 application_table_del (app);
 pool_put (app_pool, app);
 }
@@ -473,10 +476,22 @@ int
 application_open_session (application_t * app, session_endpoint_t * sep,
 u32 api_context)
 {
- segment_manager_t *sm;
 int rv;
 
 /* Make sure we have a segment manager for connects */
+ application_alloc_connects_segment_manager (app);
+
+ if ((rv = session_open (app->index, sep, api_context)))
+ return rv;
+
+ return 0;
+}
+
+int
+application_alloc_connects_segment_manager (application_t * app)
+{
+ segment_manager_t *sm;
+
 if (app->connects_seg_manager == APP_INVALID_SEGMENT_MANAGER_INDEX)
 {
 sm = application_alloc_segment_manager (app);
@@ -484,10 +499,6 @@ application_open_session (application_t * app, session_endpoint_t * sep,
 return -1;
 app->connects_seg_manager = segment_manager_index (sm);
 }
-
- if ((rv = session_open (app->index, sep, api_context)))
- return rv;
-
 return 0;
 }
 
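Review bot: `vec_free (app->tls_key);` in application_del releases the key buffer without clearing it, so the key bytes stay readable in freed heap memory until something else overwrites them. Assuming `tls_key` holds the application's private key, as the field name and the commit message suggest, scrub it before the free with a wipe the compiler cannot elide, for example `if (app->tls_key) explicit_bzero (app->tls_key, vec_len (app->tls_key));` or the project's equivalent, with a comment such as `/* scrub key material before returning it to the heap */`. The same applies wherever the key vector is later replaced, for example in vnet_app_add_tls_key in the last hunk. application_del begins above this hunk, so whether TLS sessions can still reference these vectors at this point is not visible here.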
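Review bot: The return value of `application_alloc_connects_segment_manager (app);` is discarded in application_open_session, so a failed segment-manager allocation no longer stops the connect; before this change the same failure returned -1 and session_open was never reached. The new helper appears to keep the `return -1;` path (its tail is in the following hunk), so propagate it through the `rv` that is already declared: `if ((rv = application_alloc_connects_segment_manager (app))) return rv;`. The helper is also non-static and defined after its first use, so it needs a prototype in a header that this page does not show.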
@@ -1156,6 +1167,30 @@ application_local_sessions_del (application_t * app)
 segment_manager_del (sm);
 }
 
+clib_error_t *
+vnet_app_add_tls_cert (vnet_app_add_tls_cert_args_t * a)
+{
+ application_t *app;
+ app = application_get (a->app_index);
+ if (!app)
+ return clib_error_return_code (0, VNET_API_ERROR_APPLICATION_NOT_ATTACHED,
+ 0, "app %u doesn't exist", a->app_index);
+ app->tls_cert = vec_dup (a->cert);
+ return 0;
+}
+
+clib_error_t *
+vnet_app_add_tls_key (vnet_app_add_tls_key_args_t * a)
+{
+ application_t *app;
+ app = application_get (a->app_index);
+ if (!app)
+ return clib_error_return_code (0, VNET_API_ERROR_APPLICATION_NOT_ATTACHED,
+ 0, "app %u doesn't exist", a->app_index);
+ app->tls_key = vec_dup (a->key);
+ return 0;
+}
+
 u8 *
 format_application_listener (u8 * s, va_list * args)
 {
|
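Review bot: Both setters assign the duplicate straight over the existing pointer (`app->tls_cert = vec_dup (a->cert);` and `app->tls_key = vec_dup (a->key);`), so a second call for the same app leaks the previous vector and, in the key case, leaves the old key bytes allocated with nothing referencing them. Release the old value first, `vec_free (app->tls_cert);` ahead of the assignment in vnet_app_add_tls_cert and the equivalent for `tls_key` in vnet_app_add_tls_key. Neither function rejects an empty `a->cert` or `a->key`, and the only check is that `a->app_index` resolves to an app; whether the caller is authorised to set credentials for that index would have to be enforced by the API layer, which is outside this hunk. A short comment on each function stating that the input vector is copied and the caller keeps ownership of `a->cert` / `a->key` would make the contract explicit.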