diff options
author | Florin Coras <fcoras@cisco.com> | 2023-11-08 19:57:38 -0800 |
---|---|---|
committer | Dave Barach <vpp@barachs.net> | 2023-11-09 19:14:12 +0000 |
commit | 14bfd3d8b81f91caacd572ad426638e5375d2eb3 (patch) | |
tree | 21478615323dffbeb96f6a725f156aff01c86b94 /src/vnet/tls | |
parent | 115e31b43fcd5308601c624afbaf61211e48f56d (diff) |
tls: fix handling of client and server init errors
- notify app on failed connect
- avoid cleanup of ctx before transport cleanup to be able to handle
pending rx notifications.
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I1b70ad45109d4c942afa1990dfce4fc44a50a637
Diffstat (limited to 'src/vnet/tls')
-rw-r--r-- | src/vnet/tls/tls.c | 20 |
1 files changed, 9 insertions, 11 deletions
diff --git a/src/vnet/tls/tls.c b/src/vnet/tls/tls.c index 0fe4bb2de3c..c2fe4d7e75b 100644 --- a/src/vnet/tls/tls.c +++ b/src/vnet/tls/tls.c @@ -466,7 +466,6 @@ tls_session_accept_callback (session_t * tls_session) session_t *tls_listener, *app_session; tls_ctx_t *lctx, *ctx; u32 ctx_handle; - int rv; tls_listener = listen_session_get_from_handle (tls_session->listener_handle); @@ -496,14 +495,15 @@ tls_session_accept_callback (session_t * tls_session) TLS_DBG (1, "Accept on listener %u new connection [%u]%x", tls_listener->opaque, vlib_get_thread_index (), ctx_handle); - rv = tls_ctx_init_server (ctx); - if (rv) + if (tls_ctx_init_server (ctx)) { + /* Do not free ctx yet, in case we have pending rx events */ session_free (app_session); - tls_ctx_free (ctx); + ctx->no_app_session = 1; + tls_disconnect_transport (ctx); } - return rv; + return 0; } int @@ -548,7 +548,6 @@ tls_session_connected_cb (u32 tls_app_index, u32 ho_ctx_index, tls_ctx_t *ho_ctx, *ctx; session_type_t st; u32 ctx_handle; - int rv; ho_ctx = tls_ctx_half_open_get (ho_ctx_index); @@ -578,14 +577,13 @@ tls_session_connected_cb (u32 tls_app_index, u32 ho_ctx_index, app_session->session_type = st; app_session->connection_index = ctx->tls_ctx_handle; - rv = tls_ctx_init_client (ctx); - if (rv) + if (tls_ctx_init_client (ctx)) { - session_free (app_session); - tls_ctx_free (ctx); + tls_notify_app_connected (ctx, SESSION_E_TLS_HANDSHAKE); + tls_disconnect_transport (ctx); } - return rv; + return 0; } int |