aboutsummaryrefslogtreecommitdiffstats
path: root/fnet
Commit message (Collapse)AuthorAgeFilesLines
* Remove unused code in FNET_DataBuffer.Tor Egge2023-11-181-50/+0
|
* Update copyrightJon Bratseth2023-10-09132-132/+132
|
* atomic should not be neededHåvard Pettersen2023-08-092-8/+7
| | | | using atomic might hide issues from TSAN
* more robust shutdown to avoid multi-close raceHåvard Pettersen2023-08-093-21/+29
|
* use atomic swap in handle_add_eventArne Juul2023-08-031-3/+4
|
* use std::atomic<std::shared_ptr>Arne Juul2023-08-032-7/+7
|
* Add noexcept and explicit delete copy constructors and operatorsHenning Baldersheim2023-06-291-10/+8
|
* added AutoJoiner tool locally (might be moved to vespalib)Håvard Pettersen2023-06-091-1/+77
| | | | | - make sure detached threads are done before exiting the application - co-operative auto-joining to limit the number of unjoined threads
* Eliminate maybe-uninitialized warning in FNET_Transport::select_thread.Tor Egge2023-06-061-4/+8
|
* Add noexcept specifiers.Tor Egge2023-06-062-2/+2
|
* Verify value of dummy member at object destruction.Henning Baldersheim2023-03-201-11/+16
|
* Update expected size of FNET_IOComponentHenning Baldersheim2023-03-071-1/+1
|
* use ref_counted in fnetHåvard Pettersen2023-03-0634-365/+159
| | | | | | also get rid of some cleanup functions on reference counted classes enable specifying low-level parameters to addref/subref (cnt/reserve)
* assert that there are no pending resolves when deletingHåvard Pettersen2023-02-231-2/+3
|
* untangle fnet from fastosHåvard Pettersen2023-02-2216-110/+40
|
* Add metrics tracking failed RPC and status page capability checksTor Brede Vekterli2023-02-172-0/+12
|
* stop using fastos thread more placesHåvard Pettersen2023-02-141-2/+3
| | | | | | | | | | - also stop using std::jthread - remove Active and Joinable interfaces - remove stop, stopped and slumber - remove currentThread - make start function static - override start for Runnable w/init or custom function - explicit stop/slumber where needed
* GC #ifdef __clang__not neededHenning Baldersheim2023-02-141-11/+7
|
* Deinline destructors in metrics, fnet, jrt_test logdHenning Baldersheim2023-02-011-62/+64
|
* Use snprintf instead of sprintf.Tor Egge2023-01-312-3/+3
|
* GC some compiler pragmas not needed.Henning Baldersheim2023-01-301-4/+1
|
* remove some whitespace at end of linesArne Juul2023-01-222-3/+3
|
* Merge pull request #25392 from vespa-engine/havardpe/drop-safe-discardTor Egge2023-01-052-16/+1
|\ | | | | remove recursive pseudo lock
| * remove recursive pseudo lockHåvard Pettersen2023-01-042-16/+1
| | | | | | | | | | this allows dropping events in parallel during/after transport thread shutdown, which should be safe.
* | remove xor crypto engine from C++Håvard Pettersen2023-01-044-19/+1
|/
* Merge pull request #25325 from vespa-engine/geirst/typedef-to-using-in-cpp-codeHenning Baldersheim2022-12-213-5/+5
|\ | | | | Change from typedef to using in C++ code.
| * Change from typedef to using in misc C++ code.Geir Storli2022-12-213-5/+5
| |
* | Ensure that transport thread is woken up explicit for every FNET_CMD_EXECUTE ↵Henning Baldersheim2022-12-212-5/+7
|/ | | | command
* Remove stacksize from the thread pools and thread executors.Henning Baldersheim2022-12-209-11/+11
|
* Slow down when getting too far ahead of server.Tor Egge2022-11-031-0/+7
|
* Merge pull request #23832 from ↵Tor Brede Vekterli2022-08-291-1/+1
|\ | | | | | | | | vespa-engine/vekterli/capability-filtering-of-content-status-pages Add capability filtering for content layer status pages and metrics [run-systemtest]
| * Unify to_string for PeerCredentials to match other typesTor Brede Vekterli2022-08-291-1/+1
| |
* | remove unused doxygen setup filesArne Juul2022-08-291-939/+0
| |
* | Avoid out of bounds access to the argv array.Geir Storli2022-08-261-2/+6
|/ | | | | The following would crash the program before: vespa-rpc-invoke -t 1 tcp/localhost:1234
* Explicitly test that requiring an empty capability set is a no-opTor Brede Vekterli2022-08-251-0/+10
| | | | | | | This should always work (tm), so adding a test that shows that it does. Mostly useful for RPCs that are always configured to use a request filter but where the actual capability set is optionally set and defaults to empty.
* Add factory functions for creating capability requirement filtersTor Brede Vekterli2022-08-233-2/+18
| | | | Refactor existing request access filter creation to use these.
* Simplify expressionTor Brede Vekterli2022-08-231-1/+1
|
* Support capability enforcement environment variable in C++Tor Brede Vekterli2022-08-224-6/+57
| | | | | | | | | | Mirrors Java enforce/log-only/disable semantics, defaulting to enforce. Also fixes an issue where connection auth context and capabilities would not be set if a server socket was running in mixed-mode. This is not a problem in practice since mixed-mode is inherently completely insecure since it must accept plain-text clients, which implicitly have all capabilities granted.
* Add buffered logging of capability filter authz failuresTor Brede Vekterli2022-07-111-1/+17
| | | | | | Buffering is done using peer spec as token to ensure we don't miss any distinct peer permission failures, but avoid swamping the log since this is triggered per RPC call.
* Make GetPeerSpec() publicTor Brede Vekterli2022-07-111-4/+4
| | | | Very useful for getting the remote address of the connection
* Refactor Capability(Set) and add more testingTor Brede Vekterli2022-06-303-5/+5
| | | | | | | Hide all nitty-gritty details of how capabilities map to internal bit set positions by making more of Capability private and only allowing CapabilitySet to see how the sausages are made. Move all bit set functionality to CapabilitySet, where it really belongs.
* Clarify why we're setting the return handler prior to filter invocationTor Brede Vekterli2022-06-291-1/+1
|
* Support mTLS connection-level capabilities and RPC access filtering in C++Tor Brede Vekterli2022-06-2913-50/+207
| | | | | | | | | | | | | | | | | | | | | | | | Adds the following: * Named capabilities and capability sets that represent (respectively) a single Vespa access API (such as Document API, search API etc) or a concrete subset of individual capabilities that make up a particular Vespa service (such as a content node). * A new `capabilities` array field to the mTLS authorization policies that allows for constraining what requests sent over a particular connection are allowed to actually do. Capabilities are referenced by name and may include any combination of capability sets and individual capabilities. If multiple capabilities/sets are configured, the resulting set of capabilities is the union set of all of them. * An FRT RPC-level access filter that can be set up as part of RPC method definitions. If set, filters are invoked prior to RPC methods. * A new `PERMISSION_DENIED` error code to FRT RPC that is invoked if an access filter denies a request. This also GCs the unused `AssumedRoles` concept which is now deprecated in favor of capabilities. Note: this is **not yet** a public or stable API, and capability names/semantics may change at any time.
* fix undefined behavior in unit testsHåvard Pettersen2022-06-092-174/+40
|
* avoid calling function on nullptrHåvard Pettersen2022-05-232-8/+8
|
* Merge pull request #22492 from vespa-engine/havardpe/remember-port-numberHenning Baldersheim2022-05-062-2/+4
|\ | | | | remember port number
| * remember port numberHåvard Pettersen2022-05-062-2/+4
| | | | | | | | to avoid race on shutdown
* | Avoid nullptr src/dest args to zero-sized memcpyTor Brede Vekterli2022-05-041-4/+7
|/
* remove FastOS_ApplicationHåvard Pettersen2022-04-0810-130/+102
| | | | | | | | fixup (per application): - maybe ignore SIGPIPE - wire argc/argv untangle Vespa Test Framework strip down deprecated TestApp
* Add missing include statements. Check for atomic wait support.Tor Egge2022-04-051-0/+1
|