summaryrefslogtreecommitdiffstats
path: root/src/vnet/tls
diff options
context:
space:
mode:
authorFlorin Coras <fcoras@cisco.com>2023-11-08 19:57:38 -0800
committerDave Barach <vpp@barachs.net>2023-11-09 19:14:12 +0000
commit14bfd3d8b81f91caacd572ad426638e5375d2eb3 (patch)
tree21478615323dffbeb96f6a725f156aff01c86b94 /src/vnet/tls
parent115e31b43fcd5308601c624afbaf61211e48f56d (diff)
tls: fix handling of client and server init errors
- notify app on failed connect - avoid cleanup of ctx before transport cleanup to be able to handle pending rx notifications. Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I1b70ad45109d4c942afa1990dfce4fc44a50a637
Diffstat (limited to 'src/vnet/tls')
-rw-r--r--src/vnet/tls/tls.c20
1 files changed, 9 insertions, 11 deletions
diff --git a/src/vnet/tls/tls.c b/src/vnet/tls/tls.c
index 0fe4bb2de3c..c2fe4d7e75b 100644
--- a/src/vnet/tls/tls.c
+++ b/src/vnet/tls/tls.c
@@ -466,7 +466,6 @@ tls_session_accept_callback (session_t * tls_session)
session_t *tls_listener, *app_session;
tls_ctx_t *lctx, *ctx;
u32 ctx_handle;
- int rv;
tls_listener =
listen_session_get_from_handle (tls_session->listener_handle);
@@ -496,14 +495,15 @@ tls_session_accept_callback (session_t * tls_session)
TLS_DBG (1, "Accept on listener %u new connection [%u]%x",
tls_listener->opaque, vlib_get_thread_index (), ctx_handle);
- rv = tls_ctx_init_server (ctx);
- if (rv)
+ if (tls_ctx_init_server (ctx))
{
+ /* Do not free ctx yet, in case we have pending rx events */
session_free (app_session);
- tls_ctx_free (ctx);
+ ctx->no_app_session = 1;
+ tls_disconnect_transport (ctx);
}
- return rv;
+ return 0;
}
int
@@ -548,7 +548,6 @@ tls_session_connected_cb (u32 tls_app_index, u32 ho_ctx_index,
tls_ctx_t *ho_ctx, *ctx;
session_type_t st;
u32 ctx_handle;
- int rv;
ho_ctx = tls_ctx_half_open_get (ho_ctx_index);
@@ -578,14 +577,13 @@ tls_session_connected_cb (u32 tls_app_index, u32 ho_ctx_index,
app_session->session_type = st;
app_session->connection_index = ctx->tls_ctx_handle;
- rv = tls_ctx_init_client (ctx);
- if (rv)
+ if (tls_ctx_init_client (ctx))
{
- session_free (app_session);
- tls_ctx_free (ctx);
+ tls_notify_app_connected (ctx, SESSION_E_TLS_HANDSHAKE);
+ tls_disconnect_transport (ctx);
}
- return rv;
+ return 0;
}
int