summaryrefslogtreecommitdiffstats
path: root/src/plugins/tlsopenssl/tls_openssl.h
AgeCommit message (Collapse)AuthorFilesLines
2023-10-11tls: Fix SSL_CTX leak on every client sessionBrian Morris1-1/+1
Type: fix Change-Id: I35b3920288269073cdd35f79c938396128d169c9 Signed-off-by: Brian Morris <bmorris2@cisco.com>
2021-02-09tls: dtls initial implementationFlorin Coras1-0/+10
Type: feature Basic dtls transport protocol implementation that relies on openssl wire protocol implementation. Retries/timeouts not yet supported. To test using vcl test apps, first ensure all arp entries are properly resolved and subsequently: server: vcl_server -p dtls 1234 client: vcl_client -p dtls <server-ip> 1234 -U -N 2000000 -T 1460 -X Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I04b4516a8fe9ce85ba230bcdd891f33a900046ed
2020-12-18tls: add custom openssl bioFlorin Coras1-0/+3
The bio interacts directly with the session so it avoids using an intermediary mem bio and, implicitly, higher memory consumption and an extra memcpy. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ifb675cfd12df86396a7a738a6cd4d0882c69ad2f
2020-02-19tls: handle disconect and reset in async modeYu Ping1-0/+1
Type: fix When async is enabled and request is inflight, delay close oepration Change-Id: I713078fe9832c1599e8860fc0a6bb98588f20943 Signed-off-by: Yu Ping <ping.yu@intel.com>
2020-02-03tls: refactor for tls async event handlingYu Ping1-12/+6
Type: refactor Make sure one tls ctx has one event availble Thus ctx has the same life time with event, which can simplify the management. Change-Id: I1f4240e7316025d81bb97644946ffa399c00cd76 Signed-off-by: Yu Ping <ping.yu@intel.com>
2019-08-20tls: Add C API for TLS openssl to set enginePing Yu1-0/+5
Type: feature Parameters of the engine can be set by C API. After this patch, it is easier to integrate TLS into CSIT test. Change-Id: I063cabf613aabbfad831727551579328705afb41 Signed-off-by: Ping Yu <ping.yu@intel.com>
2019-02-04session: cleanup part 1Florin Coras1-2/+1
Rename core data structures. This will break compatibility for out of tree builtin apps. - stream_session_t to session_t - server_rx/tx_fifo to rx/tx_fifo - stream_session.h to session_types.h - update copyright Change-Id: I414097c6e28bcbea866fbf13b8773c7db3f49325 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-01-07Change vpp code to align with openssl interface changePing Yu1-1/+2
PR in openssl community is almost done, and need to change some code in VPP to align with the openssl interface. Change-Id: Ic7da53e507b67b53958760d07738dd774b1c526d Signed-off-by: Ping Yu <ping.yu@intel.com>
2018-09-04add option to allow user to set ciphersPing Yu1-0/+1
Orignal code hard code TLS ciphers, and this patch allows user to set ciphers via CLI, so that user can perform the TLS testing without re-building the code. Change-Id: I0d497f6d906af25bc7a33cee5747f9a1d63e0683 Signed-off-by: Ping Yu <ping.yu@intel.com>
2018-08-17optimize init_server to reduce session overheadPing Yu1-1/+9
move un-necessary session based operation to listener split orignal openssl ctx to be session based ctx and listen ctx Change-Id: Id6c54f47b0e2171fd8924a45efcd5266ce5402d5 Signed-off-by: Ping Yu <ping.yu@intel.com>
2018-07-19Add a new communication channel between VPP and openssl enginePing Yu1-0/+2
Thus when engine buffer is full during a burst in performance tesing, this code will help VPP handle retry machansim. Change-Id: I0f9fc05d3dba8a54d34dca4c6137700d6c80f714 Signed-off-by: Ping Yu <ping.yu@intel.com>
2018-06-15TLS async supportPing Yu1-0/+68
Change-Id: I26194e00dfb85e5cd1c65ff4e6ffd665be2d719b Signed-off-by: Ping Yu <ping.yu@intel.com>