aboutsummaryrefslogtreecommitdiffstats
path: root/src/plugins/tlsmbedtls/tls_mbedtls.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/plugins/tlsmbedtls/tls_mbedtls.c')
-rw-r--r--src/plugins/tlsmbedtls/tls_mbedtls.c35
1 files changed, 28 insertions, 7 deletions
diff --git a/src/plugins/tlsmbedtls/tls_mbedtls.c b/src/plugins/tlsmbedtls/tls_mbedtls.c
index 3fccba2ec5a..af04f1adeb0 100644
--- a/src/plugins/tlsmbedtls/tls_mbedtls.c
+++ b/src/plugins/tlsmbedtls/tls_mbedtls.c
@@ -74,7 +74,8 @@ mbedtls_ctx_alloc (void)
mbedtls_main_t *tm = &mbedtls_main;
mbedtls_ctx_t **ctx;
- pool_get (tm->ctx_pool[thread_index], ctx);
+ pool_get_aligned_safe (tm->ctx_pool[thread_index], ctx,
+ CLIB_CACHE_LINE_BYTES);
if (!(*ctx))
*ctx = clib_mem_alloc (sizeof (mbedtls_ctx_t));
@@ -90,7 +91,8 @@ mbedtls_ctx_free (tls_ctx_t * ctx)
{
mbedtls_ctx_t *mc = (mbedtls_ctx_t *) ctx;
- if (mc->ssl.state == MBEDTLS_SSL_HANDSHAKE_OVER && !ctx->is_passive_close)
+ if (mc->ssl.state == MBEDTLS_SSL_HANDSHAKE_OVER &&
+ !(ctx->flags & TLS_CONN_F_PASSIVE_CLOSE))
mbedtls_ssl_close_notify (&mc->ssl);
if (mc->ssl.conf->endpoint == MBEDTLS_SSL_IS_SERVER)
{
@@ -550,11 +552,32 @@ mbedtls_transport_close (tls_ctx_t * ctx)
}
static int
+mbedtls_transport_reset (tls_ctx_t *ctx)
+{
+ if (!mbedtls_handshake_is_over (ctx))
+ {
+ session_close (session_get_from_handle (ctx->tls_session_handle));
+ return 0;
+ }
+
+ session_transport_reset_notify (&ctx->connection);
+ session_transport_closed_notify (&ctx->connection);
+ tls_disconnect_transport (ctx);
+ return 0;
+}
+
+static int
mbedtls_app_close (tls_ctx_t * ctx)
{
tls_disconnect_transport (ctx);
session_transport_delete_notify (&ctx->connection);
- mbedtls_ctx_free (ctx);
+ return 0;
+}
+
+static int
+mbedtls_reinit_ca_chain (void)
+{
+ /* Not supported Yet */
return 0;
}
@@ -571,7 +594,9 @@ const static tls_engine_vft_t mbedtls_engine = {
.ctx_start_listen = mbedtls_start_listen,
.ctx_stop_listen = mbedtls_stop_listen,
.ctx_transport_close = mbedtls_transport_close,
+ .ctx_transport_reset = mbedtls_transport_reset,
.ctx_app_close = mbedtls_app_close,
+ .ctx_reinit_cachain = mbedtls_reinit_ca_chain,
};
int
@@ -663,19 +688,15 @@ tls_mbedtls_init (vlib_main_t * vm)
return 0;
}
-/* *INDENT-OFF* */
VLIB_INIT_FUNCTION (tls_mbedtls_init) =
{
.runs_after = VLIB_INITS("tls_init"),
};
-/* *INDENT-ON* */
-/* *INDENT-OFF* */
VLIB_PLUGIN_REGISTER () = {
.version = VPP_BUILD_VER,
.description = "Transport Layer Security (TLS) Engine, Mbedtls Based",
};
-/* *INDENT-ON* */
/*
* fd.io coding-style-patch-verification: ON