Change vpp code to align with openssl interface change

PR in openssl community is almost done, and need to change some code in VPP to align with the openssl interface. Change-Id: Ic7da53e507b67b53958760d07738dd774b1c526d Signed-off-by: Ping Yu <ping.yu@intel.com>
2019-01-07 16:03:07 -05:00
parent 3a63fc5470
commit ceebc1e715
3 changed files with 27 additions and 36 deletions
--- a/src/plugins/tlsopenssl/tls_async.c
+++ b/src/plugins/tlsopenssl/tls_async.c
@ -142,6 +142,7 @@ openssl_engine_register (char *engine_name, char *algorithm)
    }
  if (registered < 0)
    {
+      clib_error ("engine %s is not regisered in VPP", engine_name);
      return 0;
    }

@ -151,6 +152,7 @@ openssl_engine_register (char *engine_name, char *algorithm)

  if (engine == NULL)
    {
+      clib_warning ("Failed to find engine ENGINE_by_id %s", engine_name);
      return 0;
    }

@ -245,7 +247,7 @@ openssl_evt_alloc (void)
 }

 int
-openssl_async_run (void *evt)
+tls_async_openssl_callback (SSL * s, void *evt)
 {
  openssl_evt_t *event, *event_tail;
  openssl_async_t *om = &openssl_async_main;
@ -299,7 +301,7 @@ vpp_add_async_pending_event (tls_ctx_t * ctx,
  event->handler = handler;
  event->cb_args.event_index = eidx;
  event->cb_args.thread_index = thread_id;
-  event->engine_callback.callback = openssl_async_run;
+  event->engine_callback.callback = tls_async_openssl_callback;
  event->engine_callback.arg = &event->cb_args;

  /* add to pending list */
@ -326,11 +328,11 @@ vpp_add_async_run_event (tls_ctx_t * ctx, openssl_resume_handler * handler)
  event->handler = handler;
  event->cb_args.event_index = eidx;
  event->cb_args.thread_index = thread_id;
-  event->engine_callback.callback = openssl_async_run;
+  event->engine_callback.callback = tls_async_openssl_callback;
  event->engine_callback.arg = &event->cb_args;

  /* This is a retry event, and need to put to ring to make it run again */
-  return openssl_async_run (&event->cb_args);
+  return tls_async_openssl_callback (NULL, &event->cb_args);

 }

@ -365,26 +367,10 @@ event_handler (void *tls_async)
 void
 dasync_polling ()
 {
-  openssl_async_t *om = &openssl_async_main;
-  openssl_evt_t *event;
-  int *evt_pending;
-  openssl_tls_callback_t *engine_cb;
-  u8 thread_index = vlib_get_thread_index ();
-
-  /* POC code here to simulate the engine to call callback */
-  evt_pending = &om->status[thread_index].evt_pending_head;
-  while (*evt_pending >= 0)
-    {
-      TLS_DBG (2, "polling... current head = %d\n", *evt_pending);
-      event = openssl_evt_get_w_thread (*evt_pending, thread_index);
-      *evt_pending = event->next;
-      if (event->status == SSL_ASYNC_PENDING)
-	{
-	  engine_cb = &event->engine_callback;
-	  (*engine_cb->callback) (engine_cb->arg);
-	}
-    }
-
+/* dasync is a fake async device, and could not be polled.
+ * We have added code in the dasync engine to triggered the callback already,
+ * so nothing can be done here
+ */
 }

 void
--- a/src/plugins/tlsopenssl/tls_openssl.c
+++ b/src/plugins/tlsopenssl/tls_openssl.c
@ -185,8 +185,7 @@ vpp_ssl_async_process_event (tls_ctx_t * ctx,
  engine_cb = vpp_add_async_pending_event (ctx, handler);
  if (engine_cb)
    {
-      SSL_set_async_callback (oc->ssl, (void *) engine_cb->callback,
-			      (void *) engine_cb->arg);
+      SSL_set_async_callback_arg (oc->ssl, (void *) engine_cb->arg);
      TLS_DBG (2, "set callback to engine %p\n", engine_cb->callback);
    }
  return 0;
@ -201,7 +200,7 @@ vpp_ssl_async_retry_func (tls_ctx_t * ctx, openssl_resume_handler * handler)

  if (vpp_add_async_run_event (ctx, handler))
    {
-      SSL_set_async_estatus (oc->ssl, 0);
+      SSL_clear_async_status (oc->ssl);
    }
  return 0;

@ -230,19 +229,23 @@ openssl_ctx_handshake_rx (tls_ctx_t * ctx, stream_session_t * tls_session)
 	  break;
 	}

+#ifdef HAVE_OPENSSL_ASYNC
+      myself = openssl_ctx_handshake_rx;
+      vpp_ssl_async_process_event (ctx, myself);
+#endif
+
      rv = SSL_do_handshake (oc->ssl);
      err = SSL_get_error (oc->ssl, rv);
      openssl_try_handshake_write (oc, tls_session);
 #ifdef HAVE_OPENSSL_ASYNC
-      myself = openssl_ctx_handshake_rx;
-      if (SSL_get_async_estatus (oc->ssl, &estatus)
-	  && (estatus == ENGINE_STATUS_RETRY))
+      if (err == SSL_ERROR_WANT_ASYNC)
 	{
-	  vpp_ssl_async_retry_func (ctx, myself);
-	}
-      else if (err == SSL_ERROR_WANT_ASYNC)
-	{
-	  vpp_ssl_async_process_event (ctx, myself);
+	  SSL_get_async_status (oc->ssl, &estatus);
+
+	  if (estatus == ASYNC_STATUS_EAGAIN)
+	    {
+	      vpp_ssl_async_retry_func (ctx, myself);
+	    }
 	}
 #endif

@ -587,6 +590,7 @@ openssl_start_listen (tls_ctx_t * lctx)
 #ifdef HAVE_OPENSSL_ASYNC
  if (om->async)
    SSL_CTX_set_mode (ssl_ctx, SSL_MODE_ASYNC);
+  SSL_CTX_set_async_callback (ssl_ctx, tls_async_openssl_callback);
 #endif
  SSL_CTX_set_options (ssl_ctx, flags);
  SSL_CTX_set_ecdh_auto (ssl_ctx, 1);
--- a/src/plugins/tlsopenssl/tls_openssl.h
+++ b/src/plugins/tlsopenssl/tls_openssl.h
@ -53,7 +53,7 @@ typedef struct openssl_main_

 typedef struct openssl_tls_callback_
 {
-  int (*callback) (void *arg);
+  int (*callback) (SSL * ssl, void *arg);
  void *arg;
 } openssl_tls_callback_t;

@ -66,6 +66,7 @@ openssl_tls_callback_t *vpp_add_async_pending_event (tls_ctx_t * ctx,
 						     handler);
 int vpp_add_async_run_event (tls_ctx_t * ctx, openssl_resume_handler *
 			     handler);
+int tls_async_openssl_callback (SSL * s, void *evt);
 void openssl_polling_start (ENGINE * engine);
 int openssl_engine_register (char *engine, char *alg);
 void openssl_async_node_enable_disable (u8 is_en);