aboutsummaryrefslogtreecommitdiffstats
path: root/fnet/src/tests/frt
Commit message (Collapse)AuthorAgeFilesLines
* Verify value of dummy member at object destruction.Henning Baldersheim2023-03-201-11/+16
|
* use ref_counted in fnetHåvard Pettersen2023-03-067-32/+32
| | | | | | also get rid of some cleanup functions on reference counted classes enable specifying low-level parameters to addref/subref (cnt/reserve)
* untangle fnet from fastosHåvard Pettersen2023-02-222-10/+4
|
* Add metrics tracking failed RPC and status page capability checksTor Brede Vekterli2023-02-171-0/+10
|
* GC #ifdef __clang__not neededHenning Baldersheim2023-02-141-11/+7
|
* Deinline destructors in metrics, fnet, jrt_test logdHenning Baldersheim2023-02-011-62/+64
|
* remove xor crypto engine from C++Håvard Pettersen2023-01-044-19/+1
|
* Remove stacksize from the thread pools and thread executors.Henning Baldersheim2022-12-202-2/+2
|
* Explicitly test that requiring an empty capability set is a no-opTor Brede Vekterli2022-08-251-0/+10
| | | | | | | This should always work (tm), so adding a test that shows that it does. Mostly useful for RPCs that are always configured to use a request filter but where the actual capability set is optionally set and defaults to empty.
* Add factory functions for creating capability requirement filtersTor Brede Vekterli2022-08-231-2/+2
| | | | Refactor existing request access filter creation to use these.
* Support capability enforcement environment variable in C++Tor Brede Vekterli2022-08-223-3/+46
| | | | | | | | | | Mirrors Java enforce/log-only/disable semantics, defaulting to enforce. Also fixes an issue where connection auth context and capabilities would not be set if a server socket was running in mixed-mode. This is not a problem in practice since mixed-mode is inherently completely insecure since it must accept plain-text clients, which implicitly have all capabilities granted.
* Support mTLS connection-level capabilities and RPC access filtering in C++Tor Brede Vekterli2022-06-291-3/+52
| | | | | | | | | | | | | | | | | | | | | | | | Adds the following: * Named capabilities and capability sets that represent (respectively) a single Vespa access API (such as Document API, search API etc) or a concrete subset of individual capabilities that make up a particular Vespa service (such as a content node). * A new `capabilities` array field to the mTLS authorization policies that allows for constraining what requests sent over a particular connection are allowed to actually do. Capabilities are referenced by name and may include any combination of capability sets and individual capabilities. If multiple capabilities/sets are configured, the resulting set of capabilities is the union set of all of them. * An FRT RPC-level access filter that can be set up as part of RPC method definitions. If set, filters are invoked prior to RPC methods. * A new `PERMISSION_DENIED` error code to FRT RPC that is invoked if an access filter denies a request. This also GCs the unused `AssumedRoles` concept which is now deprecated in favor of capabilities. Note: this is **not yet** a public or stable API, and capability names/semantics may change at any time.
* fix undefined behavior in unit testsHåvard Pettersen2022-06-092-174/+40
|
* avoid calling function on nullptrHåvard Pettersen2022-05-231-7/+7
|
* Add missing include statements. Check for atomic wait support.Tor Egge2022-04-051-0/+1
|
* enable detaching a supervisor from a running transportHåvard Pettersen2022-03-302-0/+196
| | | | | | | This is done by closing all connectors and connections related to the supervisor (via the server adapter interface). Also; the packet streamer was made a singleton to avoid additional (unneeded) references to the supervisor object.
* remove connection-based session handlingHåvard Pettersen2022-02-282-149/+0
| | | | also remove method mismatch hook
* Remove inlining warnings (fnet).Tor Egge2022-02-262-1/+9
|
* Revert "Revert "- Create the common transport and threadpool in the main loop.""Henning Baldersheim2022-02-241-1/+1
|
* Revert "- Create the common transport and threadpool in the main loop."Henning Baldersheim2022-02-241-1/+1
|
* - Create the common transport and threadpool in the main loop.Henning Baldersheim2022-02-241-1/+1
| | | | | - Also use the common transport for config subscriptions. - Put The TransportConfig in the fnet namespace.
* Ensure cross-thread visibility in testTor Brede Vekterli2022-02-181-8/+9
|
* Update 2019 Oath copyrights.gjoranv2021-10-271-1/+1
|
* Update 2018 copyright notices.gjoranv2021-10-071-1/+1
|
* Update 2017 copyright notices.gjoranv2021-10-0711-11/+11
|
* drop empty buffersHåvard Pettersen2021-06-011-9/+34
|
* use size literals in fnetArne Juul2021-02-151-1/+2
|
* Use vespalib::duration for timeoutsHenning Baldersheim2021-01-311-0/+1
|
* - Add the cost to expensive tests.Henning Baldersheim2021-01-131-12/+17
| | | | - Use less resources on the fnet_parallel_rpc test bu just using as many threads as you have cores.
* provide the config in the constructor only.Henning Baldersheim2020-12-011-1/+1
|
* Misc cleanup of includes and code healthHenning Baldersheim2020-12-017-18/+32
|
* - Add debug logging.Henning Baldersheim2020-02-231-0/+1
| | | | | - std::make_unique - Reduce code visibility.
* FastOS_THread::Sleep -> std::chrono::sleep_forHenning Baldersheim2019-12-041-1/+1
| | | | | Renamed Timer -> ScheduledExecutor. Do not include thread.h when not needed in header files.
* Mark fill members unused for clang.Tor Egge2019-08-021-6/+12
|
* Simplify the supervisor responsibilityHenning Baldersheim2019-05-107-45/+41
|
* async tls handshake workHåvard Pettersen2019-02-212-12/+29
|
* Remove files used by old unit test runner.Tor Egge2019-02-195-8/+0
|
* Reset global crypto shared pointer before returning fom main.Tor Egge2019-02-152-0/+2
|
* TLS time trace experimentsHåvard Pettersen2019-02-083-0/+144
| | | | Note that this is without intrusive samples in the code
* use generic latchHåvard Pettersen2018-11-301-23/+7
|
* mixed mode tls support in fnetHåvard Pettersen2018-09-272-0/+14
|
* improve rpc invocation testHåvard Pettersen2018-09-211-695/+212
|
* re-enable fnet tls testsHåvard Pettersen2018-09-172-7/+7
|
* disable fnet tests using tlsHåvard Pettersen2018-09-142-7/+7
|
* run micro-benchmark with various crypto engines (null/xor/tls)Håvard Pettersen2018-09-101-9/+28
|
* no encryption when encryption is not specifiedHåvard Pettersen2018-09-101-2/+2
|
* tls crypto adapterHåvard Pettersen2018-09-072-0/+8
|
* remove non-instant invocationHåvard Pettersen2018-09-056-34/+23
|
* make test run fasterHåvard Pettersen2018-09-031-9/+3
|
* also run invoke/session tests with xor crypto engineHåvard Pettersen2018-09-034-5/+40
| | | | bonus: wire crypto engine through supervisor