Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Merge pull request #23529 from akolhun/fix-number-range-parsingv8.22.20 | Jon Bratseth | 2022-07-22 | 2 | -0/+10 |
|\ | | | | | Skip number ranges with empty rangeStart and non-numeric rangeEnd | ||||
| * | skip number ranges with empty rangeStart and non-numeric rangeEnd | anton kolhun | 2022-07-21 | 2 | -0/+10 |
| | | |||||
* | | Merge pull request #23533 from vespa-engine/bjorncs/capabilities-feature-flag | Bjørn Christian Seime | 2022-07-21 | 1 | -0/+8 |
|\ \ | | | | | | | Add feature flag for capability enforcement mode | ||||
| * | | Add feature flag for capability enforcement mode | Bjørn Christian Seime | 2022-07-21 | 1 | -0/+8 |
|/ / | |||||
* | | Merge pull request #23532 from vespa-engine/bjorncs/capabilities | Bjørn Christian Seime | 2022-07-21 | 13 | -89/+225 |
|\ \ | | | | | | | Bjorncs/capabilities | ||||
| * | | Force caller to handle failed capability verification check | Bjørn Christian Seime | 2022-07-21 | 4 | -20/+43 |
| | | | |||||
| * | | Improve error message | Bjørn Christian Seime | 2022-07-21 | 2 | -2/+2 |
| | | | |||||
| * | | Move logic for capability checking/logging to ConnectionAuthContext | Bjørn Christian Seime | 2022-07-21 | 6 | -38/+126 |
| | | | |||||
| * | | Use getSubjectCommonName() | Bjørn Christian Seime | 2022-07-21 | 3 | -12/+3 |
| | | | |||||
| * | | Get ConnectionAuthContext from SSL session after handshake is complete | Bjørn Christian Seime | 2022-07-21 | 4 | -40/+74 |
| |/ | | | | | | | | | Bound key-value pairs from SSL handshake session are now copied to the final SSL session object. This simplifies the dataflow - not need to retrieve the instance right after our custom trust manager is invoked. | ||||
* | | Merge pull request #23530 from ↵ | Tor Brede Vekterli | 2022-07-21 | 2 | -315/+0 |
|\ \ | |/ |/| | | | | | vespa-engine/vekterli/remove-ancient-vespamalloc-output-parse-script Remove ancient vespamalloc output parsing script | ||||
| * | Remove ancient vespamalloc output parsing script | Tor Brede Vekterli | 2022-07-21 | 2 | -315/+0 |
|/ | | | | Most of the symbols that the script knows about are long, long gone. | ||||
* | Merge pull request #23528 from vespa-engine/bjorncs/capabilities | Bjørn Christian Seime | 2022-07-20 | 81 | -289/+448 |
|\ | | | | | Bjorncs/capabilities [run-systemtest] | ||||
| * | Include client certificate chain even when authorization is disabled | Bjørn Christian Seime | 2022-07-20 | 4 | -7/+14 |
| | | |||||
| * | Improve testing of JRT access filtering | Bjørn Christian Seime | 2022-07-20 | 4 | -33/+71 |
| | | | | | | | | | | Test that method is not invoked when request is rejected by filter. Move testing of filter accepting request to async- and sync-specific test classes. | ||||
| * | Implement RequireCapabilitiesFilter in jrt + misc | Bjørn Christian Seime | 2022-07-20 | 11 | -38/+90 |
| | | | | | | | | | | Add peerSpec to Target/Connection. Always provide ConnectionAuthContext. Add helper for creating default, all-granting ConnectionAuthContext. | ||||
| * | Add to-string helper to ConnectionAuthContext | Bjørn Christian Seime | 2022-07-20 | 1 | -1/+38 |
| | | |||||
| * | Simplify type definition for subject alternative names | Bjørn Christian Seime | 2022-07-20 | 16 | -54/+52 |
| | | |||||
| * | Add 'X509CertificateUtils.getSubjectCommonName()' | Bjørn Christian Seime | 2022-07-20 | 1 | -1/+7 |
| | | |||||
| * | Move generic crypto helpers from 'c.y.s.tls' to 'c.y.s' | Bjørn Christian Seime | 2022-07-20 | 18 | -36/+22 |
| | | |||||
| * | Merge Java package 'c.y.s.tls.{auth,json,policy}' into 'c.y.s.tls' | Bjørn Christian Seime | 2022-07-20 | 38 | -110/+52 |
| | | | | | | | | Facilitate improved encapsulation of Vespa mTLS related classes | ||||
| * | Remove empty package | Bjørn Christian Seime | 2022-07-20 | 1 | -8/+0 |
| | | |||||
| * | Add 'CapabilitySet.has()' methods | Bjørn Christian Seime | 2022-07-20 | 1 | -0/+3 |
| | | |||||
| * | Introduce per method request access filtering to JRT | Bjørn Christian Seime | 2022-07-20 | 5 | -2/+67 |
| | | |||||
| * | Add environment variable for capabilities enforcement mode | Bjørn Christian Seime | 2022-07-20 | 2 | -0/+33 |
| | | |||||
* | | Merge pull request #23527 from vespa-engine/aressem/cleanup-el7-rpms-as-well | Jon Bratseth | 2022-07-20 | 1 | -2/+7 |
|\ \ | | | | | | | After switching to el8 / Vespa 8, we stopped cleaning the old Vespa 7… | ||||
| * | | After switching to el8 / Vespa 8, we stopped cleaning the old Vespa 7 ↵ | Arnstein Ressem | 2022-07-20 | 1 | -2/+7 |
| |/ | | | | | | | releases. Need to continue with this except the last 7 release to avoid filling the external public Artifactory instance. | ||||
* | | Merge pull request #23526 from vespa-engine/add-test-for-exported-packages | Jon Bratseth | 2022-07-20 | 4 | -45/+104 |
|\ \ | |/ |/| | Add test to properly verify all exported packages from jdisc_core | ||||
| * | Add test to properly verify all exported packages from jdisc_core | gjoranv | 2022-07-20 | 4 | -45/+104 |
|/ | | | | | | | | | | - The integration test generates exportPackages.properties in the same way as the maven execution, reading all the embedded bundles that we re-export packages for. - The failure message shows the difference between expected and actual packages, and a command to reset the expected set in case the change was intentional. - Remove the now obsolete ExportPackagesTestCase. | ||||
* | Merge pull request #23496 from vespa-engine/bjorncs/capabilitiesv8.21.11 | Bjørn Christian Seime | 2022-07-19 | 21 | -195/+196 |
|\ | | | | | Bjorncs/capabilities | ||||
| * | Rename method/variable names to match new class name | Bjørn Christian Seime | 2022-07-19 | 2 | -9/+9 |
| | | |||||
| * | Include mode in log message | Bjørn Christian Seime | 2022-07-15 | 1 | -3/+4 |
| | | |||||
| * | Rename 'toCapabilityNames()' to 'toNames()' | Bjørn Christian Seime | 2022-07-15 | 3 | -3/+3 |
| | | |||||
| * | Always run PeerAutorizer | Bjørn Christian Seime | 2022-07-15 | 9 | -45/+44 |
| | | | | | | | | | | Interpret empty AuthorizedPeers as granting all capabilities unconditionally. Assume AuthorizedPeers as always present. | ||||
| * | Rename 'hasAllCapabilities()' => 'hasAll()' | Bjørn Christian Seime | 2022-07-15 | 2 | -2/+2 |
| | | |||||
| * | Change type from SortedSet to Set | Bjørn Christian Seime | 2022-07-15 | 3 | -9/+5 |
| | | |||||
| * | Rename 'succeeded' => 'authorized' | Bjørn Christian Seime | 2022-07-15 | 4 | -6/+6 |
| | | |||||
| * | Include full certificate chain in auth context | Bjørn Christian Seime | 2022-07-15 | 5 | -18/+29 |
| | | |||||
| * | Return granted capabilities from PeerAuthorizer | Bjørn Christian Seime | 2022-07-15 | 15 | -131/+125 |
| | | | | | | | | Introduce new ConnectionAuthContext as replacement for AuthorizationResult/SecurityContext. | ||||
* | | Merge pull request #23525 from ↵ | Tor Brede Vekterli | 2022-07-19 | 1 | -2/+2 |
|\ \ | | | | | | | | | | | | | vespa-engine/vekterli/avoid-holding-ref-to-generated-op Avoid holding ref to last generated operation | ||||
| * | | Avoid holding ref to last generated operation | Tor Brede Vekterli | 2022-07-19 | 1 | -2/+2 |
|/ / | | | | | | | | | Move ref away to avoid an unneeded refcount bump and avoid leaving behind a lingering strong reference to the last generated operation. | ||||
* | | Merge pull request #23523 from vespa-engine/aressem/update-rpm-build-vespa8 | Jo Kristian Bergum | 2022-07-19 | 8 | -110/+23 |
|\ \ | | | | | | | Remove old rpm build system. Update repo definition. | ||||
| * | | Point to Vespa 8 development environment. | Arnstein Ressem | 2022-07-19 | 1 | -13/+13 |
| | | | |||||
| * | | Remove old rpm build system. Update repo definition. | Arnstein Ressem | 2022-07-18 | 7 | -97/+10 |
| | | | |||||
* | | | Merge pull request #23524 from vespa-engine/verify-installed-platform-bundles | Jon Bratseth | 2022-07-19 | 3 | -33/+70 |
|\ \ \ | | | | | | | | | Verify installed platform bundles | ||||
| * | | | Add reminder for an obvious fact that is still easy to forget. | gjoranv | 2022-07-19 | 1 | -0/+1 |
| | | | | |||||
| * | | | Rename and rearrange test helpers, and declare static. | gjoranv | 2022-07-19 | 1 | -36/+35 |
| | | | | |||||
| * | | | Add tests for (non-)installed platform bundles. | gjoranv | 2022-07-19 | 2 | -3/+40 |
|/ / / | |||||
* | | | Merge pull request #23521 from vespa-engine/bratseth/autoscaling-test-cleanupv8.20.14 | Jon Bratseth | 2022-07-18 | 9 | -591/+587 |
|\ \ \ | | | | | | | | | Bratseth/autoscaling test cleanup | ||||
| * | | | Cleanup | Jon Bratseth | 2022-07-18 | 1 | -4/+0 |
| | | | |