From ea158d64a0aa0673807c74ce00fc854519ba589c Mon Sep 17 00:00:00 2001
From: Florin Coras <fcoras@cisco.com>
Date: Mon, 26 Feb 2024 18:11:43 -0800
Subject: tls: pass reset ntf to engines

Type: improvement

Change-Id: Ie042605e50656229874b7a93638f0f04c894410f
Signed-off-by: Florin Coras <fcoras@cisco.com>
---
 src/vnet/tls/tls.c | 31 +++++++++----------------------
 src/vnet/tls/tls.h |  1 +
 2 files changed, 10 insertions(+), 22 deletions(-)

(limited to 'src/vnet/tls')

diff --git a/src/vnet/tls/tls.c b/src/vnet/tls/tls.c
index 60a819571cf..3c06498e6e0 100644
--- a/src/vnet/tls/tls.c
+++ b/src/vnet/tls/tls.c
@@ -405,6 +405,12 @@ tls_ctx_transport_close (tls_ctx_t * ctx)
   return tls_vfts[ctx->tls_ctx_engine].ctx_transport_close (ctx);
 }
 
+static inline int
+tls_ctx_transport_reset (tls_ctx_t *ctx)
+{
+  return tls_vfts[ctx->tls_ctx_engine].ctx_transport_reset (ctx);
+}
+
 static inline int
 tls_ctx_app_close (tls_ctx_t * ctx)
 {
@@ -440,32 +446,13 @@ tls_notify_app_io_error (tls_ctx_t *ctx)
 }
 
 void
-tls_session_reset_callback (session_t * s)
+tls_session_reset_callback (session_t *ts)
 {
   tls_ctx_t *ctx;
-  transport_connection_t *tc;
-  session_t *app_session;
 
-  ctx = tls_ctx_get (s->opaque);
+  ctx = tls_ctx_get_w_thread (ts->opaque, ts->thread_index);
   ctx->flags |= TLS_CONN_F_PASSIVE_CLOSE;
-  tc = &ctx->connection;
-  if (tls_ctx_handshake_is_over (ctx))
-    {
-      session_transport_reset_notify (tc);
-      session_transport_closed_notify (tc);
-      tls_disconnect_transport (ctx);
-    }
-  else
-    {
-      app_session = session_get_if_valid (ctx->c_s_index, ctx->c_thread_index);
-      if (app_session)
-	{
-	  session_free (app_session);
-	  ctx->c_s_index = SESSION_INVALID_INDEX;
-	  ctx->flags |= TLS_CONN_F_NO_APP_SESSION;
-	  tls_disconnect_transport (ctx);
-	}
-    }
+  tls_ctx_transport_reset (ctx);
 }
 
 static void
diff --git a/src/vnet/tls/tls.h b/src/vnet/tls/tls.h
index f678867e664..f7a3ad02e30 100644
--- a/src/vnet/tls/tls.h
+++ b/src/vnet/tls/tls.h
@@ -144,6 +144,7 @@ typedef struct tls_engine_vft_
   int (*ctx_start_listen) (tls_ctx_t * ctx);
   int (*ctx_stop_listen) (tls_ctx_t * ctx);
   int (*ctx_transport_close) (tls_ctx_t * ctx);
+  int (*ctx_transport_reset) (tls_ctx_t *ctx);
   int (*ctx_app_close) (tls_ctx_t * ctx);
   int (*ctx_reinit_cachain) (void);
 } tls_engine_vft_t;
-- 
cgit 1.2.3-korg