diff options
Diffstat (limited to 'src/vnet/session-apps')
-rw-r--r-- | src/vnet/session-apps/tls.c | 35 |
1 files changed, 28 insertions, 7 deletions
diff --git a/src/vnet/session-apps/tls.c b/src/vnet/session-apps/tls.c index 4e4453cb0d3..50c36361f2b 100644 --- a/src/vnet/session-apps/tls.c +++ b/src/vnet/session-apps/tls.c @@ -221,9 +221,9 @@ tls_listener_ctx_alloc (void) } void -tls_ctx_listener_free (tls_ctx_t * ctx) +tls_listener_ctx_free (tls_ctx_t * ctx) { - pool_put (tls_main.half_open_ctx_pool, ctx); + pool_put (tls_main.listener_ctx_pool, ctx); } tls_ctx_t * @@ -936,6 +936,13 @@ tls_disconnect (u32 ctx_index, u32 thread_index) app_session->server_tx_fifo); session_free (app_session); } + if (ctx->ssl.conf->endpoint == MBEDTLS_SSL_IS_SERVER) + { + mbedtls_x509_crt_free (&ctx->srvcert); + mbedtls_pk_free (&ctx->pkey); + } + mbedtls_ssl_free (&ctx->ssl); + mbedtls_ssl_config_free (&ctx->conf); tls_ctx_free (ctx); } @@ -974,13 +981,27 @@ tls_start_listen (u32 app_listener_index, transport_endpoint_t * tep) } u32 -tls_stop_listen (u32 listener_index) +tls_stop_listen (u32 lctx_index) { - clib_warning ("TBD"); + tls_main_t *tm = &tls_main; + application_t *tls_app; + tls_ctx_t *lctx; + lctx = tls_listener_ctx_get (lctx_index); + tls_app = application_get (tm->app_index); + application_stop_listen (tls_app, lctx->tls_session_handle); + tls_listener_ctx_free (lctx); return 0; } transport_connection_t * +tls_connection_get (u32 ctx_index, u32 thread_index) +{ + tls_ctx_t *ctx; + ctx = tls_ctx_get_w_thread (ctx_index, thread_index); + return &ctx->connection; +} + +transport_connection_t * tls_listener_get (u32 listener_index) { tls_ctx_t *ctx; @@ -999,9 +1020,8 @@ format_tls_ctx (u8 * s, va_list * args) if (thread_index != child_ti) clib_warning ("app and tls sessions are on different threads!"); - s = - format (s, "[#%d][TLS] app %u child %u", child_ti, ctx->parent_app_index, - child_si); + s = format (s, "[#%d][TLS] app %u child %u", child_ti, + ctx->parent_app_index, child_si); return s; } @@ -1055,6 +1075,7 @@ const static transport_proto_vft_t tls_proto = { .open = tls_connect, .close = tls_disconnect, .bind = tls_start_listen, + .get_connection = tls_connection_get, .get_listener = tls_listener_get, .unbind = tls_stop_listen, .tx_type = TRANSPORT_TX_INTERNAL, |