Commit message | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Revert "Re-create container if wanted create command changes" | Valerij Fredriksen | 2022-11-25 | 8 | -52/+20 |
| | |||||
* | Re-create container if wanted create command changes | Martin Polden | 2022-11-24 | 8 | -20/+52 |
| | |||||
* | Merge pull request #24902 from vespa-engine/enclaves-api | gjoranv | 2022-11-17 | 1 | -1/+2 |
|\ | | | | | Enclaves api | ||||
| * | Add test for enclave nodes, and necessary supporting infrastructure | gjoranv | 2022-11-16 | 1 | -1/+2 |
| | | |||||
* | | Use BouncyCastle AES GCM cipher and I/O streams instead of JCA | Tor Brede Vekterli | 2022-11-16 | 1 | -3/+1 |
|/ | | | | | | | | | | | | | | | | | | This resolves two issues: * `javax.crypto.OutputCipherStream` swallows MAC tag mismatch exceptions when the stream is closed, which means that corruptions (intentional or not) are not caught. This is documented behavior, but still very surprising and a rather questionable default. BC's interchangeable `CipherOutputStream` throws as expected. To avoid regressions, add an explicit test that both ciphertext and MAC tag corruptions are propagated. * The default-provided `AES/GCM/NoPadding` `Cipher` instance will not emit decrypted plaintext per `update()` chunk, but buffer everything until `doFinal()` is invoked when the stream is closed. This means that decrypting very large ciphertexts can blow up memory usage since internal output buffers are reallocated and increased per iteration...! Instead use an explicit BC `GCMBlockCipher` which has the expected behavior (and actually lets cipher streams, well, _stream_). Add an `AeadCipher` abstraction to avoid leaking BC APIs outside the security module. | ||||
* | Revert "Revert "Revert "Revert "Move $VESPA_HOME/tmp to $VESPA_HOME/var/tmp [run-systemtest]"""" | Eirik Nygaard | 2022-11-07 | 2 | -6/+6 |
| | |||||
* | Revert "Revert "Revert "Move $VESPA_HOME/tmp to $VESPA_HOME/var/tmp [run-systemtest]""" | Eirik Nygaard | 2022-11-07 | 2 | -6/+6 |
| | |||||
* | Revert "Revert "Move $VESPA_HOME/tmp to $VESPA_HOME/var/tmp [run-systemtest]"" | Eirik Nygaard | 2022-11-04 | 2 | -6/+6 |
| | |||||
* | Revert "Move $VESPA_HOME/tmp to $VESPA_HOME/var/tmp [run-systemtest]" | Arnstein Ressem | 2022-11-04 | 2 | -6/+6 |
| | |||||
* | Move $VESPA_HOME/tmp to $VESPA_HOME/var/tmp | Eirk Nygaard | 2022-11-04 | 2 | -6/+6 |
| | | | | | Prepare to support immutable container image where only var and logs directories must be writable. Create symlink from old tmp directory to $VESPA_HOME/var/tmp | ||||
* | Wire core dump encryption public key ID to core dump handler logic | Tor Brede Vekterli | 2022-11-04 | 3 | -9/+67 |
| | |||||
* | Merge pull request #24715 from vespa-engine/vekterli/encapsulate-key-id | Tor Brede Vekterli | 2022-11-02 | 1 | -1/+2 |
|\ | | | | | Encapsulate key identifier in own object | ||||
| * | Encapsulate key identifier in own object | Tor Brede Vekterli | 2022-11-02 | 1 | -1/+2 |
| | | | | | | | | Enforces invariants and avoids having to pass raw byte arrays around. | ||||
* | | Log core dump processing | Håkon Hallingstad | 2022-11-02 | 5 | -20/+164 |
|/ | |||||
* | Write absolute path of file | Håkon Hallingstad | 2022-11-01 | 1 | -1/+1 |
| | |||||
* | Merge pull request #24689 from vespa-engine/hakonhall/guard-core-dump-upload-via-cfg | Valerij Fredriksen | 2022-11-01 | 8 | -33/+265 |
|\ | | | | | Guard core dump upload via cfg | ||||
| * | Guard core dump upload via cfg | Håkon Hallingstad | 2022-11-01 | 8 | -33/+265 |
| | | |||||
* | | Let token key IDs be UTF-8 byte strings instead of just an integer | Tor Brede Vekterli | 2022-11-01 | 1 | -1/+1 |
|/ | | | | | | | | | | | | | | This makes key IDs vastly more expressive. Max size is 255 bytes, and UTF-8 form is enforced by checking that the byte sequence can be identity-transformed to and from a string with UTF-8 encoding. In addition, we now protect the integrity of the key ID by supplying it as the AAD parameter to the key sealing and opening operations. Reduce v1 token max length of `enc` part to 255, since this is always an X25519 public key, which is never bigger than 32 bytes (but may be _less_ if the random `BigInteger` is small enough, so we still have to encode the length). | ||||
* | zst is the extension for std compressed files. | Henning Baldersheim | 2022-11-01 | 2 | -5/+5 |
| | |||||
* | Add encryption capabilities to core dump handler | Tor Brede Vekterli | 2022-11-01 | 2 | -35/+132 |
| | | | | | | | | | | | | | Once wired in (not currently the case), a Supplier of non-null `SecretSharedKey` instances will trigger: 1. Wrapping the output stream with an encrypting output stream using the secret component of the supplied key. Zstd compression is handled on the input stream, so this should transparently encrypt compressed data. To disambiguate, encrypted core dumps are suffixed with an additional `.enc` file extension. 2. Emitting a public decryption token as part of the metadata using the shared component of the supplied key. | ||||
* | Add missing suffix newline | Håkon Hallingstad | 2022-11-01 | 1 | -1/+1 |
| | |||||
* | Export com.yahoo.vespa.hosted.node.admin.configserver.cores | Håkon Hallingstad | 2022-11-01 | 2 | -1/+9 |
| | |||||
* | Revert "Revert "New cores client in node-admin"" | Håkon Hallingstad | 2022-11-01 | 12 | -43/+297 |
| | |||||
* | Revert "New cores client in node-admin" | Håkon Hallingstad | 2022-11-01 | 12 | -297/+43 |
| | |||||
* | New cores client in node-admin | Håkon Hallingstad | 2022-10-31 | 12 | -43/+297 |
| | |||||
* | * apply new common bootstrap | Arne Juul | 2022-10-24 | 1 | -0/+3 |
| | | | | | * remove now-duplicated code * prefer using ${VESPA_HOME} environment variable | ||||
* | Allow suffix of base name of filename for upload URI | Håkon Hallingstad | 2022-10-20 | 1 | -8/+20 |
| | |||||
* | Start wireguard on configserver hosts (#24345) | gjoranv | 2022-10-13 | 4 | -6/+24 |
| | | | Co-authored-by: gjoranv <gv@verizonmedia.com> | ||||
* | Use UnixPath::exists | Håkon Hallingstad | 2022-10-12 | 1 | -1/+1 |
| | |||||
* | Don't ignore exit code | Ola Aunronning | 2022-09-30 | 1 | -1/+0 |
| | |||||
* | Get systemctl service property | Ola Aunronning | 2022-09-30 | 2 | -0/+12 |
| | |||||
* | Remove pem-trust-store flag | Håkon Hallingstad | 2022-09-29 | 1 | -14/+6 |
| | |||||
* | Add wantToRebuild field | Martin Polden | 2022-09-28 | 3 | -47/+71 |
| | |||||
* | Trust store path is associated with ZTS | Håkon Hallingstad | 2022-09-23 | 1 | -9/+9 |
| | |||||
* | Merge pull request #24130 from vespa-engine/hakonhall/refresh-identity-from-pem-trust-store | Harald Musum | 2022-09-20 | 1 | -17/+15 |
|\ | | | | | Refresh identity from PEM trust store | ||||
| * | Refresh identity from PEM trust store | Håkon Hallingstad | 2022-09-19 | 1 | -17/+15 |
| | | |||||
* | | Don't fail coredump reports if /proc/cpuinfo is missing microcode information. | Arnstein Ressem | 2022-09-16 | 1 | -1/+1 |
| | | |||||
* | | Fail service dump request gracefully if JSON is invalid | Bjørn Christian Seime | 2022-09-15 | 3 | -10/+52 |
|/ | |||||
* | Support censoring of command arguments | Martin Polden | 2022-09-08 | 3 | -14/+46 |
| | |||||
* | Merge pull request #23892 from vespa-engine/hakonhall/disallow-gcp-endpoints-in-global-routing | Martin Polden | 2022-09-05 | 2 | -2/+3 |
|\ | | | | | Disallow GCP endpoints in global routing | ||||
| * | Disallow GCP endpoints in global routing | Håkon Hallingstad | 2022-09-01 | 2 | -2/+3 |
| | | |||||
* | | Simplify record constructor | Valerij Fredriksen | 2022-09-02 | 1 | -3/+3 |
| | | | | | | Co-authored-by: Håkon Hallingstad <hakon.hallingstad@gmail.com> | ||||
* | | Simplify record constructor | Valerij Fredriksen | 2022-09-02 | 1 | -3/+3 |
| | | | | | | Co-authored-by: Håkon Hallingstad <hakon.hallingstad@gmail.com> | ||||
* | | Remove unnecessary indirection | Valerij Fredriksen | 2022-09-01 | 2 | -16/+22 |
| | | |||||
* | | Non-functional changes: Use records | Valerij Fredriksen | 2022-09-01 | 4 | -76/+4 |
| | | |||||
* | | Non-functional changes: Use new switch style | Valerij Fredriksen | 2022-09-01 | 7 | -78/+62 |
| | | |||||
* | | Non-functional cleanup | Valerij Fredriksen | 2022-09-01 | 16 | -30/+23 |
|/ | |||||
* | Consider trusted node ports in ACL rules | Martin Polden | 2022-08-29 | 8 | -94/+93 |
| | |||||
* | Merge pull request #23764 from vespa-engine/hakonhall/purge-old-containers-dimension-value | Valerij Fredriksen | 2022-08-24 | 3 | -30/+15 |
|\ | | | | | Purge old containers dimension value | ||||
| * | Purge old containers dimension value | Håkon Hallingstad | 2022-08-24 | 3 | -30/+15 |
| | |