From decda5b466843b3164ba13f248f9e0bb93111782 Mon Sep 17 00:00:00 2001
From: Ping Yu <ping.yu@intel.com>
Date: Mon, 13 Aug 2018 06:20:00 -0400
Subject: optimize init_server to reduce session overhead

move un-necessary session based operation to listener
split orignal openssl ctx to be session based ctx and listen ctx

Change-Id: Id6c54f47b0e2171fd8924a45efcd5266ce5402d5
Signed-off-by: Ping Yu <ping.yu@intel.com>
---
 src/vnet/tls/tls.c | 8 ++++++++
 src/vnet/tls/tls.h | 4 ++++
 2 files changed, 12 insertions(+)

(limited to 'src/vnet')

diff --git a/src/vnet/tls/tls.c b/src/vnet/tls/tls.c
index 88b4548c3aa..4b12248a051 100644
--- a/src/vnet/tls/tls.c
+++ b/src/vnet/tls/tls.c
@@ -541,6 +541,8 @@ tls_start_listen (u32 app_listener_index, transport_endpoint_t * tep)
   lctx->tcp_is_ip4 = sep->is_ip4;
   lctx->tls_ctx_engine = engine_type;
 
+  tls_vfts[engine_type].ctx_start_listen (lctx);
+
   TLS_DBG (1, "Started listening %d, engine type %d", lctx_index,
 	   engine_type);
   return lctx_index;
@@ -552,9 +554,15 @@ tls_stop_listen (u32 lctx_index)
   tls_main_t *tm = &tls_main;
   application_t *tls_app;
   tls_ctx_t *lctx;
+  tls_engine_type_t engine_type;
+
   lctx = tls_listener_ctx_get (lctx_index);
   tls_app = application_get (tm->app_index);
   application_stop_listen (tls_app, lctx->tls_session_handle);
+
+  engine_type = lctx->tls_ctx_engine;
+  tls_vfts[engine_type].ctx_stop_listen (lctx);
+
   tls_listener_ctx_free (lctx);
   return 0;
 }
diff --git a/src/vnet/tls/tls.h b/src/vnet/tls/tls.h
index f67f307550b..5515cb25b8a 100644
--- a/src/vnet/tls/tls.h
+++ b/src/vnet/tls/tls.h
@@ -41,6 +41,7 @@ typedef CLIB_PACKED (struct tls_cxt_id_
   u32 parent_app_index;
   session_handle_t app_session_handle;
   session_handle_t tls_session_handle;
+  u32 ssl_ctx;
   u32 listener_ctx_index;
   u8 tcp_is_ip4;
   u8 tls_engine_id;
@@ -62,6 +63,7 @@ typedef struct tls_ctx_
 #define listener_ctx_index c_tls_ctx_id.listener_ctx_index
 #define tcp_is_ip4 c_tls_ctx_id.tcp_is_ip4
 #define tls_ctx_engine c_tls_ctx_id.tls_engine_id
+#define tls_ssl_ctx c_tls_ctx_id.ssl_ctx
 #define tls_ctx_handle c_c_index
   /* Temporary storage for session open opaque. Overwritten once
    * underlying tcp connection is established */
@@ -99,6 +101,8 @@ typedef struct tls_engine_vft_
   int (*ctx_read) (tls_ctx_t * ctx, stream_session_t * tls_session);
   int (*ctx_write) (tls_ctx_t * ctx, stream_session_t * app_session);
     u8 (*ctx_handshake_is_over) (tls_ctx_t * ctx);
+  int (*ctx_start_listen) (tls_ctx_t * ctx);
+  int (*ctx_stop_listen) (tls_ctx_t * ctx);
 } tls_engine_vft_t;
 
 typedef enum tls_engine_type_
-- 
cgit 1.2.3-korg