authorFlorin Coras <fcoras@cisco.com>2018-02-21 12:07:41 -0800
committerDave Barach <openvpp@barachs.net>2018-03-02 12:54:31 +0000
commit371ca50a74a9c4f1b74c4c1b65c6fdec610fcfc3 (patch)
tree947e800faa7846223bdf8fb73429c657ddaf5805 /src/vnet/session/application.c
parent9e6356962a0cbb84f7ea9056b954d65aaa231a61 (diff)
session: first approximation implementation of tls
It consists of two main parts. First, add an application transport type whereby applications can offer transport to other applications. For instance, a tls app can offer transport services to other applications. And second, a tls transport app that leverages the mbedtls library for tls protocol implementation. Change-Id: I616996c6e6539a9e2368fab8a1ac874d7c5d9838 Signed-off-by: Florin Coras <fcoras@cisco.com>
Diffstat (limited to 'src/vnet/session/application.c')
-rw-r--r--src/vnet/session/application.c45
1 files changed, 40 insertions, 5 deletions
diff --git a/src/vnet/session/application.c b/src/vnet/session/application.c
index b80aa3391a6..12f816bfe3b 100644
--- a/src/vnet/session/application.c
+++ b/src/vnet/session/application.c
@@ -209,6 +209,9 @@ application_del (application_t * app)
*/
application_local_sessions_del (app);
+ vec_free (app->tls_cert);
+ vec_free (app->tls_key);
+
application_table_del (app);
pool_put (app_pool, app);
}
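Review bot: `vec_free (app->tls_key);` releases the private key without wiping it, so the key bytes stay in the freed heap block until that memory is reused. Clear the vector before freeing it, e.g. `memset (app->tls_key, 0, vec_len (app->tls_key));` ahead of the `vec_free`, and prefer a wipe the compiler cannot elide if the tree provides one, since a plain memset right before a free may be optimised away. The certificate is public data and does not need the same treatment. application_del starts above this hunk, so whether other paths free these fields is not visible here.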
@@ -473,10 +476,22 @@ int
application_open_session (application_t * app, session_endpoint_t * sep,
u32 api_context)
{
- segment_manager_t *sm;
int rv;
/* Make sure we have a segment manager for connects */
+ application_alloc_connects_segment_manager (app);
+
+ if ((rv = session_open (app->index, sep, api_context)))
+ return rv;
+
+ return 0;
+}
+
+int
+application_alloc_connects_segment_manager (application_t * app)
+{
+ segment_manager_t *sm;
+
if (app->connects_seg_manager == APP_INVALID_SEGMENT_MANAGER_INDEX)
{
sm = application_alloc_segment_manager (app);
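Review bot: The return value of `application_alloc_connects_segment_manager (app);` is discarded in application_open_session, although the helper has a `return -1` path (visible in the next hunk, presumably taken when no segment manager could be allocated). Before this change that failure aborted the open; now `session_open` is called with `connects_seg_manager` possibly still invalid. Propagate the error instead: `if ((rv = application_alloc_connects_segment_manager (app))) return rv;`. The helper is also non-static and called before its definition, so it needs a prototype in a header that is not shown here; its body continues past the end of this hunk.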
@@ -484,10 +499,6 @@ application_open_session (application_t * app, session_endpoint_t * sep,
return -1;
app->connects_seg_manager = segment_manager_index (sm);
}
-
- if ((rv = session_open (app->index, sep, api_context)))
- return rv;
-
return 0;
}
@@ -1156,6 +1167,30 @@ application_local_sessions_del (application_t * app)
segment_manager_del (sm);
}
+clib_error_t *
+vnet_app_add_tls_cert (vnet_app_add_tls_cert_args_t * a)
+{
+ application_t *app;
+ app = application_get (a->app_index);
+ if (!app)
+ return clib_error_return_code (0, VNET_API_ERROR_APPLICATION_NOT_ATTACHED,
+ 0, "app %u doesn't exist", a->app_index);
+ app->tls_cert = vec_dup (a->cert);
+ return 0;
+}
+
+clib_error_t *
+vnet_app_add_tls_key (vnet_app_add_tls_key_args_t * a)
+{
+ application_t *app;
+ app = application_get (a->app_index);
+ if (!app)
+ return clib_error_return_code (0, VNET_API_ERROR_APPLICATION_NOT_ATTACHED,
+ 0, "app %u doesn't exist", a->app_index);
+ app->tls_key = vec_dup (a->key);
+ return 0;
+}
+
u8 *
format_application_listener (u8 * s, va_list * args)
{
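Review bot: `app->tls_cert = vec_dup (a->cert);` and `app->tls_key = vec_dup (a->key);` overwrite whatever the application already holds, so a second call leaks the previous vector and leaves the old private key unwiped in memory. Release the existing vector first, e.g. `vec_free (app->tls_cert);` before the assignment, and zero the old key before freeing it. Neither function rejects an empty `a->cert` / `a->key`, and neither documents ownership; a header comment such as `/* Copies a->key into the app; the caller keeps ownership of a->key. */` would make the contract explicit. Whether `application_get` rejects stale or foreign indices is not visible in this hunk, so the `!app` check may not be enough to stop one application from replacing another's key material.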