summaryrefslogtreecommitdiffstats
path: root/src/plugins/tlsopenssl
diff options
context:
space:
mode:
Diffstat (limited to 'src/plugins/tlsopenssl')
-rw-r--r--src/plugins/tlsopenssl/tls_async.c34
-rw-r--r--src/plugins/tlsopenssl/tls_openssl.c26
-rw-r--r--src/plugins/tlsopenssl/tls_openssl.h3
3 files changed, 27 insertions, 36 deletions
diff --git a/src/plugins/tlsopenssl/tls_async.c b/src/plugins/tlsopenssl/tls_async.c
index 50124a63678..facb94ec253 100644
--- a/src/plugins/tlsopenssl/tls_async.c
+++ b/src/plugins/tlsopenssl/tls_async.c
@@ -142,6 +142,7 @@ openssl_engine_register (char *engine_name, char *algorithm)
}
if (registered < 0)
{
+ clib_error ("engine %s is not regisered in VPP", engine_name);
return 0;
}
@@ -151,6 +152,7 @@ openssl_engine_register (char *engine_name, char *algorithm)
if (engine == NULL)
{
+ clib_warning ("Failed to find engine ENGINE_by_id %s", engine_name);
return 0;
}
@@ -245,7 +247,7 @@ openssl_evt_alloc (void)
}
int
-openssl_async_run (void *evt)
+tls_async_openssl_callback (SSL * s, void *evt)
{
openssl_evt_t *event, *event_tail;
openssl_async_t *om = &openssl_async_main;
@@ -299,7 +301,7 @@ vpp_add_async_pending_event (tls_ctx_t * ctx,
event->handler = handler;
event->cb_args.event_index = eidx;
event->cb_args.thread_index = thread_id;
- event->engine_callback.callback = openssl_async_run;
+ event->engine_callback.callback = tls_async_openssl_callback;
event->engine_callback.arg = &event->cb_args;
/* add to pending list */
@@ -326,11 +328,11 @@ vpp_add_async_run_event (tls_ctx_t * ctx, openssl_resume_handler * handler)
event->handler = handler;
event->cb_args.event_index = eidx;
event->cb_args.thread_index = thread_id;
- event->engine_callback.callback = openssl_async_run;
+ event->engine_callback.callback = tls_async_openssl_callback;
event->engine_callback.arg = &event->cb_args;
/* This is a retry event, and need to put to ring to make it run again */
- return openssl_async_run (&event->cb_args);
+ return tls_async_openssl_callback (NULL, &event->cb_args);
}
@@ -365,26 +367,10 @@ event_handler (void *tls_async)
void
dasync_polling ()
{
- openssl_async_t *om = &openssl_async_main;
- openssl_evt_t *event;
- int *evt_pending;
- openssl_tls_callback_t *engine_cb;
- u8 thread_index = vlib_get_thread_index ();
-
- /* POC code here to simulate the engine to call callback */
- evt_pending = &om->status[thread_index].evt_pending_head;
- while (*evt_pending >= 0)
- {
- TLS_DBG (2, "polling... current head = %d\n", *evt_pending);
- event = openssl_evt_get_w_thread (*evt_pending, thread_index);
- *evt_pending = event->next;
- if (event->status == SSL_ASYNC_PENDING)
- {
- engine_cb = &event->engine_callback;
- (*engine_cb->callback) (engine_cb->arg);
- }
- }
-
+/* dasync is a fake async device, and could not be polled.
+ * We have added code in the dasync engine to triggered the callback already,
+ * so nothing can be done here
+ */
}
void
diff --git a/src/plugins/tlsopenssl/tls_openssl.c b/src/plugins/tlsopenssl/tls_openssl.c
index 7994cc5d981..d07e0f89838 100644
--- a/src/plugins/tlsopenssl/tls_openssl.c
+++ b/src/plugins/tlsopenssl/tls_openssl.c
@@ -185,8 +185,7 @@ vpp_ssl_async_process_event (tls_ctx_t * ctx,
engine_cb = vpp_add_async_pending_event (ctx, handler);
if (engine_cb)
{
- SSL_set_async_callback (oc->ssl, (void *) engine_cb->callback,
- (void *) engine_cb->arg);
+ SSL_set_async_callback_arg (oc->ssl, (void *) engine_cb->arg);
TLS_DBG (2, "set callback to engine %p\n", engine_cb->callback);
}
return 0;
@@ -201,7 +200,7 @@ vpp_ssl_async_retry_func (tls_ctx_t * ctx, openssl_resume_handler * handler)
if (vpp_add_async_run_event (ctx, handler))
{
- SSL_set_async_estatus (oc->ssl, 0);
+ SSL_clear_async_status (oc->ssl);
}
return 0;
@@ -230,19 +229,23 @@ openssl_ctx_handshake_rx (tls_ctx_t * ctx, stream_session_t * tls_session)
break;
}
+#ifdef HAVE_OPENSSL_ASYNC
+ myself = openssl_ctx_handshake_rx;
+ vpp_ssl_async_process_event (ctx, myself);
+#endif
+
rv = SSL_do_handshake (oc->ssl);
err = SSL_get_error (oc->ssl, rv);
openssl_try_handshake_write (oc, tls_session);
#ifdef HAVE_OPENSSL_ASYNC
- myself = openssl_ctx_handshake_rx;
- if (SSL_get_async_estatus (oc->ssl, &estatus)
- && (estatus == ENGINE_STATUS_RETRY))
- {
- vpp_ssl_async_retry_func (ctx, myself);
- }
- else if (err == SSL_ERROR_WANT_ASYNC)
+ if (err == SSL_ERROR_WANT_ASYNC)
{
- vpp_ssl_async_process_event (ctx, myself);
+ SSL_get_async_status (oc->ssl, &estatus);
+
+ if (estatus == ASYNC_STATUS_EAGAIN)
+ {
+ vpp_ssl_async_retry_func (ctx, myself);
+ }
}
#endif
@@ -587,6 +590,7 @@ openssl_start_listen (tls_ctx_t * lctx)
#ifdef HAVE_OPENSSL_ASYNC
if (om->async)
SSL_CTX_set_mode (ssl_ctx, SSL_MODE_ASYNC);
+ SSL_CTX_set_async_callback (ssl_ctx, tls_async_openssl_callback);
#endif
SSL_CTX_set_options (ssl_ctx, flags);
SSL_CTX_set_ecdh_auto (ssl_ctx, 1);
diff --git a/src/plugins/tlsopenssl/tls_openssl.h b/src/plugins/tlsopenssl/tls_openssl.h
index e802f4523ea..712b4cac628 100644
--- a/src/plugins/tlsopenssl/tls_openssl.h
+++ b/src/plugins/tlsopenssl/tls_openssl.h
@@ -53,7 +53,7 @@ typedef struct openssl_main_
typedef struct openssl_tls_callback_
{
- int (*callback) (void *arg);
+ int (*callback) (SSL * ssl, void *arg);
void *arg;
} openssl_tls_callback_t;
@@ -66,6 +66,7 @@ openssl_tls_callback_t *vpp_add_async_pending_event (tls_ctx_t * ctx,
handler);
int vpp_add_async_run_event (tls_ctx_t * ctx, openssl_resume_handler *
handler);
+int tls_async_openssl_callback (SSL * s, void *evt);
void openssl_polling_start (ENGINE * engine);
int openssl_engine_register (char *engine, char *alg);
void openssl_async_node_enable_disable (u8 is_en);