ligang/vpp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

session: support of multiple extended configs

Browse Source 
This allow configuration for each transport protocol when combined,
e.g. HTTPS=HTTP+TLS.
Extended config of session endpoint config is now chunk of memory,
which allow seamless integration with VCL, and internal
representation is hidden behind APIs, which is better for
future improvements. By default chunk is allocated to 512B if the
app doesn't do so before.

Type: improvement
Change-Id: I323f19ec255eba31c58c06b8b83af45aab7f5bb1
Signed-off-by: Matus Fabian <matfabia@cisco.com>
This commit is contained in:
Matus Fabian
2024-10-16 15:29:36 +02:00
committed by Florin Coras
parent 75f4960d12
commit 10c016c055
15 changed files with 173 additions and 64 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
src/plugins/hs_apps/echo_client.c
View File

@ -946,15 +946,16 @@ ec_connect_rpc (void *args)
a->api_context = ci;
if (needs_crypto)
{
session_endpoint_alloc_ext_cfg (&a->sep_ext,
TRANSPORT_ENDPT_EXT_CFG_CRYPTO);
a->sep_ext.ext_cfg->crypto.ckpair_index = ecm->ckpair_index;
transport_endpt_ext_cfg_t *ext_cfg = session_endpoint_add_ext_cfg (
&a->sep_ext, TRANSPORT_ENDPT_EXT_CFG_CRYPTO,
sizeof (transport_endpt_crypto_cfg_t));
ext_cfg->crypto.ckpair_index = ecm->ckpair_index;
}
rv = vnet_connect (a);
if (needs_crypto)
clib_mem_free (a->sep_ext.ext_cfg);
session_endpoint_free_ext_cfgs (&a->sep_ext);
if (rv)
{

16
src/plugins/hs_apps/echo_server.c
View File

@ -591,6 +591,7 @@ echo_server_listen ()
i32 rv;
echo_server_main_t *esm = &echo_server_main;
vnet_listen_args_t _args = {}, *args = &_args;
int needs_crypto;
if ((rv = parse_uri (esm->server_uri, &args->sep_ext)))
{
@ -598,11 +599,14 @@ echo_server_listen ()
}
args->app_index = esm->app_index;
args->sep_ext.port = hs_make_data_port (args->sep_ext.port);
if (echo_client_transport_needs_crypto (args->sep_ext.transport_proto))
needs_crypto =
echo_client_transport_needs_crypto (args->sep_ext.transport_proto);
if (needs_crypto)
{
session_endpoint_alloc_ext_cfg (&args->sep_ext,
TRANSPORT_ENDPT_EXT_CFG_CRYPTO);
args->sep_ext.ext_cfg->crypto.ckpair_index = esm->ckpair_index;
transport_endpt_ext_cfg_t *ext_cfg = session_endpoint_add_ext_cfg (
&args->sep_ext, TRANSPORT_ENDPT_EXT_CFG_CRYPTO,
sizeof (transport_endpt_crypto_cfg_t));
ext_cfg->crypto.ckpair_index = esm->ckpair_index;
}
if (args->sep_ext.transport_proto == TRANSPORT_PROTO_UDP)
@ -612,8 +616,8 @@ echo_server_listen ()
rv = vnet_listen (args);
esm->listener_handle = args->handle;
if (args->sep_ext.ext_cfg)
clib_mem_free (args->sep_ext.ext_cfg);
if (needs_crypto)
session_endpoint_free_ext_cfgs (&args->sep_ext);
return rv;
}

9
src/plugins/hs_apps/http_cli.c
View File

@ -660,9 +660,10 @@ hcs_listen ()
if (need_crypto)
{
session_endpoint_alloc_ext_cfg (&a->sep_ext,
TRANSPORT_ENDPT_EXT_CFG_CRYPTO);
a->sep_ext.ext_cfg->crypto.ckpair_index = hcm->ckpair_index;
transport_endpt_ext_cfg_t *ext_cfg = session_endpoint_add_ext_cfg (
&a->sep_ext, TRANSPORT_ENDPT_EXT_CFG_CRYPTO,
sizeof (transport_endpt_crypto_cfg_t));
ext_cfg->crypto.ckpair_index = hcm->ckpair_index;
}
rv = vnet_listen (a);
@ -676,7 +677,7 @@ hcs_listen ()
}
if (need_crypto)
clib_mem_free (a->sep_ext.ext_cfg);
session_endpoint_free_ext_cfgs (&a->sep_ext);
return rv;
}

9
src/plugins/hs_apps/http_tps.c
View File

@ -641,15 +641,16 @@ hts_start_listen (hts_main_t *htm, session_endpoint_cfg_t *sep, u8 *uri,
if (need_crypto)
{
session_endpoint_alloc_ext_cfg (&a->sep_ext,
TRANSPORT_ENDPT_EXT_CFG_CRYPTO);
a->sep_ext.ext_cfg->crypto.ckpair_index = htm->ckpair_index;
transport_endpt_ext_cfg_t *ext_cfg = session_endpoint_add_ext_cfg (
&a->sep_ext, TRANSPORT_ENDPT_EXT_CFG_CRYPTO,
sizeof (transport_endpt_crypto_cfg_t));
ext_cfg->crypto.ckpair_index = htm->ckpair_index;
}
rv = vnet_listen (a);
if (need_crypto)
clib_mem_free (a->sep_ext.ext_cfg);
session_endpoint_free_ext_cfgs (&a->sep_ext);
if (rv)
return rv;

26
src/plugins/hs_apps/proxy.c
View File

@ -54,8 +54,7 @@ proxy_do_connect (vnet_connect_args_t *a)
{
ASSERT (session_vlib_thread_is_cl_thread ());
vnet_connect (a);
if (a->sep_ext.ext_cfg)
clib_mem_free (a->sep_ext.ext_cfg);
session_endpoint_free_ext_cfgs (&a->sep_ext);
}
static void
@ -487,9 +486,10 @@ proxy_session_start_connect (proxy_session_side_ctx_t *sc, session_t *s)
if (proxy_transport_needs_crypto (a->sep.transport_proto))
{
session_endpoint_alloc_ext_cfg (&a->sep_ext,
TRANSPORT_ENDPT_EXT_CFG_CRYPTO);
a->sep_ext.ext_cfg->crypto.ckpair_index = pm->ckpair_index;
transport_endpt_ext_cfg_t *ext_cfg = session_endpoint_add_ext_cfg (
&a->sep_ext, TRANSPORT_ENDPT_EXT_CFG_CRYPTO,
sizeof (transport_endpt_crypto_cfg_t));
ext_cfg->crypto.ckpair_index = pm->ckpair_index;
}
proxy_program_connect (a);
@ -895,22 +895,24 @@ proxy_server_listen ()
{
proxy_main_t *pm = &proxy_main;
vnet_listen_args_t _a, *a = &_a;
int rv;
int rv, need_crypto;
clib_memset (a, 0, sizeof (*a));
a->app_index = pm->server_app_index;
clib_memcpy (&a->sep_ext, &pm->server_sep, sizeof (pm->server_sep));
if (proxy_transport_needs_crypto (a->sep.transport_proto))
need_crypto = proxy_transport_needs_crypto (a->sep.transport_proto);
if (need_crypto)
{
session_endpoint_alloc_ext_cfg (&a->sep_ext,
TRANSPORT_ENDPT_EXT_CFG_CRYPTO);
a->sep_ext.ext_cfg->crypto.ckpair_index = pm->ckpair_index;
transport_endpt_ext_cfg_t *ext_cfg = session_endpoint_add_ext_cfg (
&a->sep_ext, TRANSPORT_ENDPT_EXT_CFG_CRYPTO,
sizeof (transport_endpt_crypto_cfg_t));
ext_cfg->crypto.ckpair_index = pm->ckpair_index;
}
rv = vnet_listen (a);
if (a->sep_ext.ext_cfg)
clib_mem_free (a->sep_ext.ext_cfg);
if (need_crypto)
session_endpoint_free_ext_cfgs (&a->sep_ext);
return rv;
}

8
src/plugins/http/http.c
View File

@ -1876,11 +1876,12 @@ http_start_listen (u32 app_listener_index, transport_endpoint_cfg_t *tep)
http_main_t *hm = &http_main;
session_endpoint_cfg_t *sep;
app_worker_t *app_wrk;
transport_proto_t tp;
transport_proto_t tp = TRANSPORT_PROTO_TCP;
app_listener_t *al;
application_t *app;
http_conn_t *lhc;
u32 lhc_index;
transport_endpt_ext_cfg_t *ext_cfg;
sep = (session_endpoint_cfg_t *) tep;
@ -1890,7 +1891,10 @@ http_start_listen (u32 app_listener_index, transport_endpoint_cfg_t *tep)
args->app_index = hm->app_index;
args->sep_ext = *sep;
args->sep_ext.ns_index = app->ns_index;
tp = sep->ext_cfg ? TRANSPORT_PROTO_TLS : TRANSPORT_PROTO_TCP;
ext_cfg = session_endpoint_get_ext_cfg (sep, TRANSPORT_ENDPT_EXT_CFG_CRYPTO);
if (ext_cfg)
tp = TRANSPORT_PROTO_TLS;
args->sep_ext.transport_proto = tp;
if (vnet_listen (args))

9
src/plugins/http_static/static_server.c
View File

@ -822,15 +822,16 @@ hss_listen (void)
if (need_crypto)
{
session_endpoint_alloc_ext_cfg (&a->sep_ext,
TRANSPORT_ENDPT_EXT_CFG_CRYPTO);
a->sep_ext.ext_cfg->crypto.ckpair_index = hsm->ckpair_index;
transport_endpt_ext_cfg_t *ext_cfg = session_endpoint_add_ext_cfg (
&a->sep_ext, TRANSPORT_ENDPT_EXT_CFG_CRYPTO,
sizeof (transport_endpt_crypto_cfg_t));
ext_cfg->crypto.ckpair_index = hsm->ckpair_index;
}
rv = vnet_listen (a);
if (need_crypto)
clib_mem_free (a->sep_ext.ext_cfg);
session_endpoint_free_ext_cfgs (&a->sep_ext);
return rv;
}

12
src/plugins/quic/quic.c
View File

@ -1332,14 +1332,16 @@ quic_connect_connection (session_endpoint_cfg_t * sep)
quic_ctx_t *ctx;
app_worker_t *app_wrk;
application_t *app;
transport_endpt_ext_cfg_t *ext_cfg;
int error;
if (!sep->ext_cfg)
ext_cfg = session_endpoint_get_ext_cfg (sep, TRANSPORT_ENDPT_EXT_CFG_CRYPTO);
if (!ext_cfg)
return SESSION_E_NOEXTCFG;
/* Use pool on thread 1 if we have workers because of UDP */
thread_index = transport_cl_thread ();
ccfg = &sep->ext_cfg->crypto;
ccfg = &ext_cfg->crypto;
clib_memset (cargs, 0, sizeof (*cargs));
ctx_index = quic_ctx_alloc (thread_index);
@ -1475,13 +1477,15 @@ quic_start_listen (u32 quic_listen_session_index,
quic_ctx_t *lctx;
u32 lctx_index;
app_listener_t *app_listener;
transport_endpt_ext_cfg_t *ext_cfg;
int rv;
sep = (session_endpoint_cfg_t *) tep;
if (!sep->ext_cfg)
ext_cfg = session_endpoint_get_ext_cfg (sep, TRANSPORT_ENDPT_EXT_CFG_CRYPTO);
if (!ext_cfg)
return SESSION_E_NOEXTCFG;
ccfg = &sep->ext_cfg->crypto;
ccfg = &ext_cfg->crypto;
app_wrk = app_worker_get (sep->app_wrk_index);
app = application_get (app_wrk->app_index);
QUIC_DBG (2, "Called quic_start_listen for app %d", app_wrk->app_index);

12
src/plugins/srtp/srtp.c
View File

@ -641,10 +641,12 @@ srtp_connect (transport_endpoint_cfg_t *tep)
application_t *app;
srtp_tc_t *ctx;
u32 ctx_index;
transport_endpt_ext_cfg_t *ext_cfg;
int rv;
sep = (session_endpoint_cfg_t *) tep;
if (!sep->ext_cfg)
ext_cfg = session_endpoint_get_ext_cfg (sep, TRANSPORT_ENDPT_EXT_CFG_NONE);
if (!ext_cfg)
return SESSION_E_NOEXTCFG;
app_wrk = app_worker_get (sep->app_wrk_index);
@ -658,7 +660,7 @@ srtp_connect (transport_endpoint_cfg_t *tep)
ctx->srtp_ctx_handle = ctx_index;
ctx->c_flags |= TRANSPORT_CONNECTION_F_NO_LOOKUP;
srtp_init_policy (ctx, (transport_endpt_cfg_srtp_t *) sep->ext_cfg->data);
srtp_init_policy (ctx, (transport_endpt_cfg_srtp_t *) ext_cfg->data);
clib_memcpy_fast (&cargs->sep, sep, sizeof (session_endpoint_t));
cargs->sep.transport_proto = TRANSPORT_PROTO_UDP;
@ -723,9 +725,11 @@ srtp_start_listen (u32 app_listener_index, transport_endpoint_cfg_t *tep)
app_listener_t *al;
srtp_tc_t *lctx;
u32 lctx_index;
transport_endpt_ext_cfg_t *ext_cfg;
sep = (session_endpoint_cfg_t *) tep;
if (!sep->ext_cfg)
ext_cfg = session_endpoint_get_ext_cfg (sep, TRANSPORT_ENDPT_EXT_CFG_NONE);
if (!ext_cfg)
return SESSION_E_NOEXTCFG;
app_wrk = app_worker_get (sep->app_wrk_index);
@ -756,7 +760,7 @@ srtp_start_listen (u32 app_listener_index, transport_endpoint_cfg_t *tep)
lctx->c_s_index = app_listener_index;
lctx->c_flags |= TRANSPORT_CONNECTION_F_NO_LOOKUP;
srtp_init_policy (lctx, (transport_endpt_cfg_srtp_t *) sep->ext_cfg->data);
srtp_init_policy (lctx, (transport_endpt_cfg_srtp_t *) ext_cfg->data);
SRTP_DBG (1, "Started listening %d", lctx_index);
return lctx_index;