From e5f18337f1f5d8b8578b6305b7c11276cc5a18a0 Mon Sep 17 00:00:00 2001
From: Florin Coras
Date: Thu, 22 Apr 2021 11:48:35 -0700
Subject: tls quic: improve error reporting
Type: improvement
Signed-off-by: Florin Coras
Change-Id: I92f0c1f7c0f4696fa12071440a643aa703d6306f
---
 src/plugins/quic/quic.c | 12 ++++++------
 src/vnet/session/session_types.h | 5 ++++-
 src/vnet/tls/tls.c | 13 +++++++------
 3 files changed, 17 insertions(+), 13 deletions(-) (limited to 'src')
diff --git a/src/plugins/quic/quic.c b/src/plugins/quic/quic.c
index cf697278cb7..929d745274f 100644
--- a/src/plugins/quic/quic.c
+++ b/src/plugins/quic/quic.c
@@ -345,7 +345,7 @@ quic_acquire_crypto_context (quic_ctx_t * ctx)
 {
 QUIC_DBG (1, "Quic does not support crypto engine %d", ctx->crypto_engine);
- return VNET_API_ERROR_MISSING_CERT_KEY;
+ return SESSION_E_NOCRYPTOENG;
 }
 /* Check for exisiting crypto ctx */
@@ -377,7 +377,7 @@ quic_acquire_crypto_context (quic_ctx_t * ctx)
 error:
 quic_crypto_context_free_if_needed (crctx, ctx->c_thread_index);
- return VNET_API_ERROR_MISSING_CERT_KEY;
+ return SESSION_E_NOCRYPTOCKP;
 }
 /* Helper functions */
@@ -1314,7 +1314,7 @@ quic_connect_connection (session_endpoint_cfg_t * sep)
 int error;
 if (!sep->ext_cfg)
- return -1;
+ return SESSION_E_NOEXTCFG;
 ccfg = &sep->ext_cfg->crypto;
@@ -1455,7 +1455,7 @@ quic_start_listen (u32 quic_listen_session_index, transport_endpoint_t * tep)
 sep = (session_endpoint_cfg_t *) tep;
 if (!sep->ext_cfg)
- return -1;
+ return SESSION_E_NOEXTCFG;
 ccfg = &sep->ext_cfg->crypto;
 app_wrk = app_worker_get (sep->app_wrk_index);
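Review bot: At the `error:` label in quic_acquire_crypto_context (second quic.c hunk) every failure path now returns `SESSION_E_NOCRYPTOCKP`, but the `goto error` sites are outside the hunk, so it is not visible whether all of them really mean a missing cert/key pair. If any of them is a different failure, such as the crypto context failing to initialise with a valid pair, the caller is told the key pair was not found and troubleshooting is pointed at the wrong configuration item. Consider setting a local at each jump site and finishing with `return rv;`, or adding a comment at the label such as `/* all goto error paths are cert/key pair lookups */` once that is confirmed.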
@@ -1496,8 +1496,8 @@ quic_start_listen (u32 quic_listen_session_index, transport_endpoint_t * tep)
 lctx->c_s_index = quic_listen_session_index;
 lctx->crypto_engine = ccfg->crypto_engine;
 lctx->ckpair_index = ccfg->ckpair_index;
- if (quic_acquire_crypto_context (lctx))
- return -1;
+ if ((rv = quic_acquire_crypto_context (lctx)))
+ return rv;
 QUIC_DBG (2, "Listening UDP session 0x%lx", session_handle (udp_listen_session));
diff --git a/src/vnet/session/session_types.h b/src/vnet/session/session_types.h
index 9211df9e46d..c8b1d2eb001 100644
--- a/src/vnet/session/session_types.h
+++ b/src/vnet/session/session_types.h
@@ -475,7 +475,10 @@ STATIC_ASSERT (sizeof (session_dgram_hdr_t) == (SESSION_CONN_ID_LEN + 8),
 _ (BAPI_NO_REG, "app bapi registration not found") \
 _ (MQ_MSG_ALLOC, "failed to alloc mq msg") \
 _ (TLS_HANDSHAKE, "failed tls handshake") \
- _ (EVENTFD_ALLOC, "failed to alloc eventfd")
+ _ (EVENTFD_ALLOC, "failed to alloc eventfd") \
+ _ (NOEXTCFG, "no extended transport config") \
+ _ (NOCRYPTOENG, "no crypto engine") \
+ _ (NOCRYPTOCKP, "cert key pair not found ")
 typedef enum session_error_p_
 {
diff --git a/src/vnet/tls/tls.c b/src/vnet/tls/tls.c
index 808c151dac5..634d231494d 100644
--- a/src/vnet/tls/tls.c
+++ b/src/vnet/tls/tls.c
@@ -681,7 +681,7 @@ tls_connect (transport_endpoint_cfg_t * tep)
 sep = (session_endpoint_cfg_t *) tep;
 if (!sep->ext_cfg)
- return -1;
+ return SESSION_E_NOEXTCFG;
 app_wrk = app_worker_get (sep->app_wrk_index);
 app = application_get (app_wrk->app_index);
@@ -691,7 +691,7 @@ tls_connect (transport_endpoint_cfg_t * tep)
 if (engine_type == CRYPTO_ENGINE_NONE)
 {
 clib_warning ("No tls engine_type available");
- return -1;
+ return SESSION_E_NOCRYPTOENG;
 }
 ctx_index = tls_ctx_half_open_alloc ();
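Review bot: The early `return rv;` after `quic_acquire_crypto_context (lctx)` fails in quic_start_listen exits without undoing anything set up before it. `lctx` has already been populated on the preceding lines and `udp_listen_session` is used right after, so both appear to exist at this point, although their allocation is outside the hunk. If that is the case, each listen attempt with an unsupported engine or an unknown cert/key pair index would leave a listener context allocated and the UDP listener in place; the failure branch should release both before returning. `rv` is not declared in this hunk, so it is presumably an existing local of the function.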
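Review bot: The new `NOCRYPTOCKP` entry in session_types.h has a stray trailing space inside its string, `"cert key pair not found "`, which will appear in any log or CLI output that prints the session error text and can break exact-match checks in tests or log parsers. It should read `_ (NOCRYPTOCKP, "cert key pair not found")`. Since the three entries are appended after `EVENTFD_ALLOC`, the existing error values should keep their positions; a short comment above the list saying that new errors must be added at the end would keep that property for applications that compare numeric codes.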
@@ -750,10 +750,11 @@ tls_start_listen (u32 app_listener_index, transport_endpoint_t * tep)
 app_listener_t *al;
 tls_ctx_t *lctx;
 u32 lctx_index;
+ int rv;
 sep = (session_endpoint_cfg_t *) tep;
 if (!sep->ext_cfg)
- return -1;
+ return SESSION_E_NOEXTCFG;
 app_wrk = app_worker_get (sep->app_wrk_index);
 app = application_get (app_wrk->app_index);
@@ -763,7 +764,7 @@ tls_start_listen (u32 app_listener_index, transport_endpoint_t * tep)
 if (engine_type == CRYPTO_ENGINE_NONE)
 {
 clib_warning ("No tls engine_type available");
- return -1;
+ return SESSION_E_NOCRYPTOENG;
 }
 clib_memset (args, 0, sizeof (*args));
@@ -776,8 +777,8 @@ tls_start_listen (u32 app_listener_index, transport_endpoint_t * tep)
 args->sep_ext.transport_proto = TRANSPORT_PROTO_UDP;
 args->sep_ext.transport_flags = TRANSPORT_CFG_F_CONNECTED;
 }
- if (vnet_listen (args))
- return -1;
+ if ((rv = vnet_listen (args)))
+ return rv;
 lctx_index = tls_listener_ctx_alloc ();
 tls_al_handle = args->handle;
-- cgit 1.2.3-korg
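Review bot: In the last tls_start_listen hunk, `return rv;` hands the result of `vnet_listen (args)` straight to the caller, next to the `SESSION_E_*` values the function returns earlier, and nothing in the diff shows which error space vnet_listen uses. The removed quic.c lines show that `VNET_API_ERROR_*` codes were in use on these paths before, so if vnet_listen can still return one, a caller that maps the result to a session error string would report the wrong cause. Once confirmed, a comment above the check such as `/* vnet_listen returns a SESSION_E_* code; propagate it unchanged */` would record the assumption. The function body starts and ends outside the hunks.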