Diffstat (limited to 'src/plugins/tlsmbedtls/tls_mbedtls.c')
-rw-r--r-- | src/plugins/tlsmbedtls/tls_mbedtls.c | 35 |
1 files changed, 28 insertions, 7 deletions
diff --git a/src/plugins/tlsmbedtls/tls_mbedtls.c b/src/plugins/tlsmbedtls/tls_mbedtls.c
index 3fccba2ec5a..af04f1adeb0 100644
--- a/src/plugins/tlsmbedtls/tls_mbedtls.c
+++ b/src/plugins/tlsmbedtls/tls_mbedtls.c
@@ -74,7 +74,8 @@ mbedtls_ctx_alloc (void)
 mbedtls_main_t *tm = &mbedtls_main;
 mbedtls_ctx_t **ctx;
- pool_get (tm->ctx_pool[thread_index], ctx);
+ pool_get_aligned_safe (tm->ctx_pool[thread_index], ctx,
+ CLIB_CACHE_LINE_BYTES);
 if (!(*ctx))
 *ctx = clib_mem_alloc (sizeof (mbedtls_ctx_t));
@@ -90,7 +91,8 @@ mbedtls_ctx_free (tls_ctx_t * ctx)
 {
 mbedtls_ctx_t *mc = (mbedtls_ctx_t *) ctx;
- if (mc->ssl.state == MBEDTLS_SSL_HANDSHAKE_OVER && !ctx->is_passive_close)
+ if (mc->ssl.state == MBEDTLS_SSL_HANDSHAKE_OVER &&
+ !(ctx->flags & TLS_CONN_F_PASSIVE_CLOSE))
 mbedtls_ssl_close_notify (&mc->ssl);
 if (mc->ssl.conf->endpoint == MBEDTLS_SSL_IS_SERVER)
 {
@@ -550,11 +552,32 @@ mbedtls_transport_close (tls_ctx_t * ctx)
 }
 static int
+mbedtls_transport_reset (tls_ctx_t *ctx)
+{
+ if (!mbedtls_handshake_is_over (ctx))
+ {
+ session_close (session_get_from_handle (ctx->tls_session_handle));
+ return 0;
+ }
+
+ session_transport_reset_notify (&ctx->connection);
+ session_transport_closed_notify (&ctx->connection);
+ tls_disconnect_transport (ctx);
+ return 0;
+}
+
+static int
 mbedtls_app_close (tls_ctx_t * ctx)
 {
 tls_disconnect_transport (ctx);
 session_transport_delete_notify (&ctx->connection);
- mbedtls_ctx_free (ctx);
+ return 0;
+}
+
+static int
+mbedtls_reinit_ca_chain (void)
+{
+ /* Not supported Yet */
 return 0;
 }
@@ -571,7 +594,9 @@ const static tls_engine_vft_t mbedtls_engine = {
 .ctx_start_listen = mbedtls_start_listen,
 .ctx_stop_listen = mbedtls_stop_listen,
 .ctx_transport_close = mbedtls_transport_close,
+ .ctx_transport_reset = mbedtls_transport_reset,
 .ctx_app_close = mbedtls_app_close,
+ .ctx_reinit_cachain = mbedtls_reinit_ca_chain,
 };
 int
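Review bot: In mbedtls_ctx_free the close_notify guard now depends on `TLS_CONN_F_PASSIVE_CLOSE`, but the `mbedtls_transport_reset` handler added later in this patch tears the transport down without visibly setting that flag. If nothing outside this diff sets it on reset, a later free of a context whose handshake had completed would still call `mbedtls_ssl_close_notify (&mc->ssl)` and try to write an alert through a transport session that has already been disconnected. Consider marking the context in the reset path before `tls_disconnect_transport (ctx)`, for example `ctx->flags |= TLS_CONN_F_PASSIVE_CLOSE;`, or document where the flag is set. The body of mbedtls_ctx_free continues outside the hunk, so the remainder of the teardown could not be checked.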
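Review bot: `mbedtls_reinit_ca_chain` returns 0 although its whole body is the comment `/* Not supported Yet */`, so a caller of `.ctx_reinit_cachain` cannot tell that the trust anchors were not reloaded. If the engine vft contract allows it, returning a failure such as `return -1;`, or at least logging that the mbedtls engine ignores the request, would keep an operator from assuming a rotated or withdrawn CA has taken effect. Separately, `mbedtls_app_close` no longer calls `mbedtls_ctx_free (ctx)`. The replacement free path is not visible in this diff, so it is worth confirming that the context, which holds the TLS session state, is still released exactly once.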
@@ -663,19 +688,15 @@ tls_mbedtls_init (vlib_main_t * vm)
 return 0;
 }
-/* *INDENT-OFF* */
 VLIB_INIT_FUNCTION (tls_mbedtls_init) = {
 .runs_after = VLIB_INITS("tls_init"),
 };
-/* *INDENT-ON* */
-/* *INDENT-OFF* */
 VLIB_PLUGIN_REGISTER () = {
 .version = VPP_BUILD_VER,
 .description = "Transport Layer Security (TLS) Engine, Mbedtls Based",
 };
-/* *INDENT-ON* */
 /*
 * fd.io coding-style-patch-verification: ON |