Gitiles
Code Review Sign In
gerrit.nordix.org / fdio / vpp / e5f18337f1f5d8b8578b6305b7c11276cc5a18a0^! / .
commite5f18337f1f5d8b8578b6305b7c11276cc5a18a0[log] [tgz]
authorFlorin Coras <fcoras@cisco.com>Thu Apr 22 11:48:35 2021 -0700
committerDave Barach <openvpp@barachs.net>Fri Apr 23 14:59:48 2021 +0000
tree9858c8d7bd7273a685abd646997afd2956e1f913
parent5724aecd20e8f5e50aba418d2a021ef02275d589 [diff]
tls quic: improve error reporting

Type: improvement

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I92f0c1f7c0f4696fa12071440a643aa703d6306f

diff --git a/src/plugins/quic/quic.c b/src/plugins/quic/quic.c
index cf69727..929d745 100644
--- a/src/plugins/quic/quic.c
+++ b/src/plugins/quic/quic.c

@@ -345,7 +345,7 @@
     {
       QUIC_DBG (1, "Quic does not support crypto engine %d",
 		ctx->crypto_engine);
-      return VNET_API_ERROR_MISSING_CERT_KEY;
+      return SESSION_E_NOCRYPTOENG;
     }
 
   /* Check for exisiting crypto ctx */
@@ -377,7 +377,7 @@
 
 error:
   quic_crypto_context_free_if_needed (crctx, ctx->c_thread_index);
-  return VNET_API_ERROR_MISSING_CERT_KEY;
+  return SESSION_E_NOCRYPTOCKP;
 }
 
 /*  Helper functions */
@@ -1314,7 +1314,7 @@
   int error;
 
   if (!sep->ext_cfg)
-    return -1;
+    return SESSION_E_NOEXTCFG;
 
   ccfg = &sep->ext_cfg->crypto;
 
@@ -1455,7 +1455,7 @@
 
   sep = (session_endpoint_cfg_t *) tep;
   if (!sep->ext_cfg)
-    return -1;
+    return SESSION_E_NOEXTCFG;
 
   ccfg = &sep->ext_cfg->crypto;
   app_wrk = app_worker_get (sep->app_wrk_index);
@@ -1496,8 +1496,8 @@
   lctx->c_s_index = quic_listen_session_index;
   lctx->crypto_engine = ccfg->crypto_engine;
   lctx->ckpair_index = ccfg->ckpair_index;
-  if (quic_acquire_crypto_context (lctx))
-    return -1;
+  if ((rv = quic_acquire_crypto_context (lctx)))
+    return rv;
 
   QUIC_DBG (2, "Listening UDP session 0x%lx",
 	    session_handle (udp_listen_session));

diff --git a/src/vnet/session/session_types.h b/src/vnet/session/session_types.h
index 9211df9..c8b1d2e 100644
--- a/src/vnet/session/session_types.h
+++ b/src/vnet/session/session_types.h

@@ -475,7 +475,10 @@
   _ (BAPI_NO_REG, "app bapi registration not found")                          \
   _ (MQ_MSG_ALLOC, "failed to alloc mq msg")                                  \
   _ (TLS_HANDSHAKE, "failed tls handshake")                                   \
-  _ (EVENTFD_ALLOC, "failed to alloc eventfd")
+  _ (EVENTFD_ALLOC, "failed to alloc eventfd")                                \
+  _ (NOEXTCFG, "no extended transport config")                                \
+  _ (NOCRYPTOENG, "no crypto engine")                                         \
+  _ (NOCRYPTOCKP, "cert key pair not found ")
 
 typedef enum session_error_p_
 {

diff --git a/src/vnet/tls/tls.c b/src/vnet/tls/tls.c
index 808c151..634d231 100644
--- a/src/vnet/tls/tls.c
+++ b/src/vnet/tls/tls.c

@@ -681,7 +681,7 @@
 
   sep = (session_endpoint_cfg_t *) tep;
   if (!sep->ext_cfg)
-    return -1;
+    return SESSION_E_NOEXTCFG;
 
   app_wrk = app_worker_get (sep->app_wrk_index);
   app = application_get (app_wrk->app_index);
@@ -691,7 +691,7 @@
   if (engine_type == CRYPTO_ENGINE_NONE)
     {
       clib_warning ("No tls engine_type available");
-      return -1;
+      return SESSION_E_NOCRYPTOENG;
     }
 
   ctx_index = tls_ctx_half_open_alloc ();
@@ -750,10 +750,11 @@
   app_listener_t *al;
   tls_ctx_t *lctx;
   u32 lctx_index;
+  int rv;
 
   sep = (session_endpoint_cfg_t *) tep;
   if (!sep->ext_cfg)
-    return -1;
+    return SESSION_E_NOEXTCFG;
 
   app_wrk = app_worker_get (sep->app_wrk_index);
   app = application_get (app_wrk->app_index);
@@ -763,7 +764,7 @@
   if (engine_type == CRYPTO_ENGINE_NONE)
     {
       clib_warning ("No tls engine_type available");
-      return -1;
+      return SESSION_E_NOCRYPTOENG;
     }
 
   clib_memset (args, 0, sizeof (*args));
@@ -776,8 +777,8 @@
       args->sep_ext.transport_proto = TRANSPORT_PROTO_UDP;
       args->sep_ext.transport_flags = TRANSPORT_CFG_F_CONNECTED;
     }
-  if (vnet_listen (args))
-    return -1;
+  if ((rv = vnet_listen (args)))
+    return rv;
 
   lctx_index = tls_listener_ctx_alloc ();
   tls_al_handle = args->handle;