From cd2fc207cfd052de2b57fe0bb32d6376829c0324 Mon Sep 17 00:00:00 2001 From: Ping Yu Date: Mon, 16 Jul 2018 05:44:48 -0400 Subject: Enable openssl TLS async support in client for HW accleration Change-Id: I003e41786c549c6451a1e9e178f5871d32c20e6e Signed-off-by: Ping Yu --- src/plugins/tlsopenssl/tls_openssl.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/src/plugins/tlsopenssl/tls_openssl.c b/src/plugins/tlsopenssl/tls_openssl.c index f5722917bcc..91c9de758b4 100644 --- a/src/plugins/tlsopenssl/tls_openssl.c +++ b/src/plugins/tlsopenssl/tls_openssl.c @@ -427,6 +427,9 @@ openssl_ctx_init_client (tls_ctx_t * ctx) stream_session_t *tls_session; const SSL_METHOD *method; int rv, err; +#ifdef HAVE_OPENSSL_ASYNC + openssl_resume_handler *handler; +#endif method = SSLv23_client_method (); if (method == NULL) @@ -444,6 +447,10 @@ openssl_ctx_init_client (tls_ctx_t * ctx) SSL_CTX_set_ecdh_auto (oc->ssl_ctx, 1); SSL_CTX_set_mode (oc->ssl_ctx, SSL_MODE_ENABLE_PARTIAL_WRITE); +#ifdef HAVE_OPENSSL_ASYNC + if (om->async) + SSL_CTX_set_mode (oc->ssl_ctx, SSL_MODE_ASYNC); +#endif rv = SSL_CTX_set_cipher_list (oc->ssl_ctx, (const char *) ciphers); if (rv != 1) { @@ -489,6 +496,14 @@ openssl_ctx_init_client (tls_ctx_t * ctx) rv = SSL_do_handshake (oc->ssl); err = SSL_get_error (oc->ssl, rv); openssl_try_handshake_write (oc, tls_session); +#ifdef HAVE_OPENSSL_ASYNC + if (err == SSL_ERROR_WANT_ASYNC) + { + handler = (openssl_resume_handler *) openssl_ctx_handshake_rx; + vpp_ssl_async_process_event (ctx, handler); + break; + } +#endif if (err != SSL_ERROR_WANT_WRITE) break; } -- cgit 1.2.3-korg