ligang/vpp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

tls: fix disconnects for sessions with pending data

Browse Source 
TLS can enqueue events to itself when app session queue cannot be
entirely drained. If a pending disconnect is handled before any such
event, session layer may try to dequeue data on deallocated sessions.

Change-Id: I5bfc4d53ce95bc16b6a01e1b0e644aafa1ca311b
Signed-off-by: Florin Coras <fcoras@cisco.com>
This commit is contained in:
Florin Coras
2018-09-29 10:23:06 -07:00
committed by Marco Varlese
parent 5f5d50ee9b
commit ef91534e66
8 changed files with 93 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
src/plugins/tlsmbedtls/tls_mbedtls.c
View File

@ -169,7 +169,7 @@ tls_net_send (void *ctx_indexp, const unsigned char *buf, size_t len)
rv = svm_fifo_enqueue_nowait (tls_session->server_tx_fifo, len, buf);
if (rv < 0)
return MBEDTLS_ERR_SSL_WANT_WRITE;
tls_add_vpp_q_evt (tls_session->server_tx_fifo, FIFO_EVENT_APP_TX);
tls_add_vpp_q_tx_evt (tls_session);
return rv;
}
@ -448,7 +448,7 @@ mbedtls_ctx_write (tls_ctx_t * ctx, stream_session_t * app_session)
if (PREDICT_FALSE (enq_max == 0))
{
tls_add_vpp_q_evt (app_session->server_tx_fifo, FIFO_EVENT_APP_TX);
tls_add_vpp_q_builtin_tx_evt (app_session);
return 0;
}
@ -459,16 +459,16 @@ mbedtls_ctx_write (tls_ctx_t * ctx, stream_session_t * app_session)
wrote = mbedtls_ssl_write (&mc->ssl, mm->tx_bufs[thread_index], deq_now);
if (wrote <= 0)
{
tls_add_vpp_q_evt (app_session->server_tx_fifo, FIFO_EVENT_APP_TX);
tls_add_vpp_q_builtin_tx_evt (app_session);
return 0;
}
svm_fifo_dequeue_drop (app_session->server_tx_fifo, wrote);
vec_reset_length (mm->tx_bufs[thread_index]);
tls_add_vpp_q_evt (tls_session->server_tx_fifo, FIFO_EVENT_APP_TX);
tls_add_vpp_q_tx_evt (tls_session);
if (deq_now < deq_max)
tls_add_vpp_q_evt (app_session->server_tx_fifo, FIFO_EVENT_APP_TX);
tls_add_vpp_q_builtin_tx_evt (app_session);
return 0;
}
@ -499,7 +499,7 @@ mbedtls_ctx_read (tls_ctx_t * ctx, stream_session_t * tls_session)
if (PREDICT_FALSE (enq_now == 0))
{
tls_add_vpp_q_evt (tls_session->server_rx_fifo, FIFO_EVENT_BUILTIN_RX);
tls_add_vpp_q_builtin_rx_evt (tls_session);
return 0;
}
@ -507,7 +507,7 @@ mbedtls_ctx_read (tls_ctx_t * ctx, stream_session_t * tls_session)
read = mbedtls_ssl_read (&mc->ssl, mm->rx_bufs[thread_index], enq_now);
if (read <= 0)
{
tls_add_vpp_q_evt (tls_session->server_rx_fifo, FIFO_EVENT_BUILTIN_RX);
tls_add_vpp_q_builtin_rx_evt (tls_session);
return 0;
}
@ -517,7 +517,7 @@ mbedtls_ctx_read (tls_ctx_t * ctx, stream_session_t * tls_session)
vec_reset_length (mm->rx_bufs[thread_index]);
if (svm_fifo_max_dequeue (tls_session->server_rx_fifo))
tls_add_vpp_q_evt (tls_session->server_rx_fifo, FIFO_EVENT_BUILTIN_RX);
tls_add_vpp_q_builtin_rx_evt (tls_session);
if (enq > 0)
tls_notify_app_enqueue (ctx, app_session);