aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Merge pull request #8218 from vespa-engine/bjorncs/tlsTor Brede Vekterli2019-01-2416-37/+80
|\ | | | | bjorncs/tls
| * Prefix names of jrt threads with 'jrt'Bjørn Christian Seime2019-01-244-4/+4
| |
| * Use 'prime256v1' curve for EC keysBjørn Christian Seime2019-01-234-14/+23
| | | | | | | | | | This allows the TLS test in jrt to use elliptic curves crypto in unit tests (fixes issue where JSSE cannot find matching cipher).
| * Allow configuration of accepted ciphersBjørn Christian Seime2019-01-239-13/+51
| |
| * Use Jetty's recommendations for ciphersBjørn Christian Seime2019-01-231-7/+0
| |
| * Add TLSv1.3 cipher suites to whitelistBjørn Christian Seime2019-01-231-1/+4
| |
* | Merge pull request #8224 from vespa-engine/bjorncs/config-loadtesterBjørn Christian Seime2019-01-241-2/+4
|\ \ | | | | | | Print JRT transport metrics as comment in output
| * | Print jrt transport metrics as comment in outputBjørn Christian Seime2019-01-241-2/+4
| | |
* | | Merge pull request #8215 from ↵Tor Brede Vekterli2019-01-249-17/+193
|\ \ \ | | | | | | | | | | | | | | | | vespa-engine/vekterli/add-cipher-suite-support-to-cpp Add support for default cipher suites and `accepted-ciphers` config in C++
| * | | More explicit constnessTor Brede Vekterli2019-01-241-1/+1
| | | |
| * | | Make naming more consistent and avoid const deductionTor Brede Vekterli2019-01-247-33/+33
| | | |
| * | | Erase private key data after useTor Brede Vekterli2019-01-243-3/+17
| | | |
| * | | Add support for default cipher suite and `accepted-ciphers` config in C++Tor Brede Vekterli2019-01-249-6/+168
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Since the TLS config file uses IANA cipher names but OpenSSL uses its own cipher spec format internally, we explicitly remap the provided names. We only support a modern subset of ciphers. The default cipher suite contains ciphers that work across both TLSv1.2 and TLSv1.3.
* | | | Merge pull request #8214 from ↵Tor Brede Vekterli2019-01-243-78/+115
|\ \ \ \ | |_|/ / |/| | | | | | | | | | | vespa-engine/vekterli/return-http-400-on-bad-request-parameters Return HTTP 400 status code on bad request parameters
| * | | Further simplify some status code-checking unit testsTor Brede Vekterli2019-01-231-38/+31
| | | |
| * | | Return HTTP 400 instead of 403 on bad requestsTor Brede Vekterli2019-01-233-75/+119
| | | | | | | | | | | | | | | | | | | | Add explicit checking of HTTP response status codes to many REST API unit tests.
* | | | Merge pull request #8211 from ↵Tor Brede Vekterli2019-01-242-6/+9
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | vespa-engine/toregge/reduce-use-of-system-in-storage-unit-tests Reduce use of system() in storage unit tests. [recheck merge]
| * | | | Reduce use of system() in storage unit tests.Tor Egge2019-01-232-6/+9
| | | | |
* | | | | Merge pull request #8201 from ↵Tor Brede Vekterli2019-01-241-11/+37
|\ \ \ \ \ | |_|_|/ / |/| | | | | | | | | | | | | | vespa-engine/toregge/stop-ignoring-return-value-in-fsa-module Stop ignoring return value from ::read and ::write in fsa module. [recheck merge]
| * | | | Stop ignoring return value from ::read and ::write in fsa module.Tor Egge2019-01-211-11/+37
| |/ / / | | | | | | | | | | | | Propagate failure upwards.
* | | | Merge pull request #8223 from vespa-engine/arnej/repair-word-alternativesHenning Baldersheim2019-01-241-1/+1
|\ \ \ \ | | | | | | | | | | update arity calculation
| * | | | update arity calculationArne Juul2019-01-241-1/+1
| | | | |
* | | | | Merge pull request #8171 from vespa-engine/jvenstad/firmware-upgradesJon Marius Venstad2019-01-2414-42/+276
|\ \ \ \ \ | | | | | | | | | | | | Forward firmware check requests from controller to zones ಠ_ಠ
| * | | | | Support persistent output file for CommandLineJon Marius Venstad2019-01-245-13/+85
| | | | | |
| * | | | | Made firmware checks visible to host adminJon Marius Venstad2019-01-244-29/+89
| | | | | |
| * | | | | Forward firmware check requests from controller to zonesJon Marius Venstad2019-01-245-0/+102
| | | | | |
* | | | | | Merge pull request #8195 from ↵Tor Brede Vekterli2019-01-241-1/+2
|\ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | vespa-engine/vekterli/relax-client-tls-connection-stats-test-due-to-tls-13 Allow a client connection to be considered established in test [recheck merge]
| * | | | | | Allow a client connection to be considered established in testTor Brede Vekterli2019-01-211-1/+2
| | |_|_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | TLSv1.3 completes in fewer roundtrips and may therefore seemingly not observe that a server has rejected it as part of the handshake itself.
* | | | | | Merge pull request #8191 from ↵Tor Brede Vekterli2019-01-241-4/+4
|\ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | vespa-engine/vekterli/explicit-disable-tls-mixed-mode-enum-support-in-cpp Support explicitly disabling TLS mixed mode via environment in C++ [recheck merge]
| * | | | | | Support explicitly disabling TLS mixed mode via environment in C++Tor Brede Vekterli2019-01-181-4/+4
| |/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | Specifying `tls_client_tls_server` has same effect as not specifying the environment variable at all. Mirrors behavior in Java implementation.
* | | | | | Merge pull request #8194 from ↵Tor Brede Vekterli2019-01-241-2/+2
|\ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | vespa-engine/toregge/less-const-in-openssl-tls-context-impl Use less `const`, to allow compilation when using openssl 1.1.0g or 1.1.0i
| * | | | | | Use less const, to allow compilation when using openssl 1.1.0g or 1.1.0i.Tor Egge2019-01-211-2/+2
| | | | | | |
* | | | | | | Merge pull request #8213 from ↵Harald Musum2019-01-242-37/+86
|\ \ \ \ \ \ \ | |_|_|/ / / / |/| | | | | | | | | | | | | | | | | | | | vespa-engine/hmusum/error-context-for-schema-validation-failures Output context when schema validation fails
| * | | | | | Output context when schema validation failsHarald Musum2019-01-242-37/+86
| | | | | | |
* | | | | | | Merge pull request #8187 from vespa-engine/bjorncs/jrt-transport-metricsBjørn Christian Seime2019-01-2441-294/+204
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | bjorncs/jrt transport metrics
| * | | | | | | Add calculation of metrics changes since previous snapshotBjørn Christian Seime2019-01-223-38/+54
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Move metric diff calculation to TransportMetrics.Snapshot. - Remove TransportMetrics.reset() and use changesSince() instead in EchoTest. - Remove unnecessary volatile modifier on JrtMetrics.previousSnapshot. - Initialize JrtMetrics.previousSnapshot in constructor. - Use separate field declarations for fields in TransportMetrics.Snapshot.
| * | | | | | | Update copyright headerBjørn Christian Seime2019-01-221-1/+1
| | | | | | | |
| * | | | | | | Propagate jrt transport metrics to metrics frameworkBjørn Christian Seime2019-01-222-0/+47
| | | | | | | |
| * | | | | | | Make TransportMetrics a singletonBjørn Christian Seime2019-01-2211-45/+58
| | | | | | | |
| * | | | | | | Add method to create snapshot of transport metricsBjørn Christian Seime2019-01-221-0/+35
| | | | | | | |
| * | | | | | | Revert "Add tracking of jrt metrics"Bjørn Christian Seime2019-01-224-128/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This reverts commit 299d205912af1b3ebdb16a1fc037dd0770288be3.
| * | | | | | | Revert "Add DefaultJrtFactory as component to container clusters"Bjørn Christian Seime2019-01-221-2/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This reverts commit 8aeee26b882c6aa1e12383502cfa37bb18082b53.
| * | | | | | | Revert "Add jrt supervisor as constructor parameter"Bjørn Christian Seime2019-01-221-6/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This reverts commit 64c2d214d0122ba491f78c7298f0bf16ea3455bd.
| * | | | | | | Revert "Use JrtFactory to construct jrt supervisors in configserver"Bjørn Christian Seime2019-01-2222-113/+47
| | |_|_|_|/ / | |/| | | | | | | | | | | | | | | | | | | This reverts commit 87ca5c6c4159ae5a7e44417e6624bd2d0ecb073d.
* | | | | | | Merge pull request #8219 from vespa-engine/bjorncs/travisBjørn Christian Seime2019-01-241-1/+1
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Pass extra Maven arguments to bootstrap script
| * | | | | | | Pass extra Maven arguments to bootstrap scriptBjørn Christian Seime2019-01-231-1/+1
| | |_|_|_|_|/ | |/| | | | |
* | | | | | | Merge pull request #8185 from vespa-engine/mpolden/lb-aclMartin Polden2019-01-2415-114/+224
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Add load balancer networks to node ACLs
| * | | | | | | Move inactive filter to LoadBalancerListMartin Polden2019-01-172-13/+13
| | | | | | | |
| * | | | | | | Add load balancer networks to node ACLMartin Polden2019-01-173-25/+63
| | | | | | | |
| * | | | | | | SimplifyMartin Polden2019-01-171-5/+5
| | | | | | | |