summaryrefslogtreecommitdiffstats
path: root/vespalib
Commit message (Collapse)AuthorAgeFilesLines
* drain as much as possible before reading more socket dataHåvard Pettersen2018-09-172-2/+6
|
* let xor crypto engine use smart buffersHåvard Pettersen2018-09-131-29/+36
| | | | | also use similar buffer strategies to the (tls) crypto codec adapter to make benchmark comparisons more reasonable.
* use smart buffer for crypto codec adapterHåvard Pettersen2018-09-131-4/+4
|
* Merge pull request #6912 from vespa-engine/havardpe/smart-buffer-in-vespalibHåvard Pettersen2018-09-126-0/+252
|\ | | | | slightly smarter buffer with test
| * slightly smarter buffer with testHåvard Pettersen2018-09-116-0/+252
| |
* | Merge pull request #6903 from ↵Tor Brede Vekterli2018-09-121-6/+12
|\ \ | |/ |/| | | | | vespa-engine/havardpe/better-handling-of-framed-sockets-in-fnet better handling of framed sockets in fnet
| * better handling of framed sockets in fnetHåvard Pettersen2018-09-111-6/+12
| | | | | | | | also minor tweaking of crypto codec adapter
* | Merge pull request #6896 from ↵Henning Baldersheim2018-09-111-0/+2
|\ \ | | | | | | | | | | | | vespa-engine/toregge/handle-single-mmap-hole-in-mmap-extension-test The first memory mapped region can be a long distance from the second one
| * | The first memory mapped region can be a long distance from the secondTor Egge2018-09-111-0/+2
| | | | | | | | | | | | | | | one if there is a hole in the memory mapping. Add a dummy mapping to plug this hole.
* | | Handle 4k logical sector size in vespalib::copy function.Tor Egge2018-09-112-2/+2
| |/ |/|
* | Merge pull request #6874 from ↵Tor Brede Vekterli2018-09-102-2/+10
|\ \ | | | | | | | | | | | | vespa-engine/vekterli/enforce-tls-peer-certificate-verification Enforce TLS peer certificate verification (client and server)
| * | Enforce TLS peer certificate verification (client and server)Tor Brede Vekterli2018-09-102-2/+10
| |/
* / enable tls when VESPA_TLS_CONFIG_FILE is setHåvard Pettersen2018-09-101-3/+11
|/
* Merge pull request #6852 from vespa-engine/havardpe/tls-crypto-adapterTor Brede Vekterli2018-09-077-8/+251
|\ | | | | tls crypto adapter
| * tls crypto adapterHåvard Pettersen2018-09-077-8/+251
| |
* | Make error message less specific since it might be triggered in other scenariosTor Brede Vekterli2018-09-072-2/+2
| |
* | Address code review commentsTor Brede Vekterli2018-09-071-5/+5
| |
* | Add TLS config file support with proposed JSON structureTor Brede Vekterli2018-09-0710-0/+209
|/
* Merge pull request #6832 from vespa-engine/vekterli/openssl-tweaksTor Brede Vekterli2018-09-073-23/+49
|\ | | | | OpenSSL version compatibility fixes and better exception safety
| * Update function name to imply TLS version agnosticismTor Brede Vekterli2018-09-061-2/+2
| |
| * OpenSSL version compatibility fixes and better exception safetyTor Brede Vekterli2018-09-063-22/+48
| | | | | | | | | | | | - On 1.1.0, make TLS version dynamic (but at least v1.2) - On 1.0.1, manually set a P-256 curve for ECDH - Ensure that exception during TLS context construction does not leak SSL_CTX
* | Merge pull request #6828 from vespa-engine/havardpe/move-tls-opts-generationHåvard Pettersen2018-09-065-70/+98
|\ \ | |/ |/| move tls opts generation to make it more available
| * move tls opts generation to make it more availableHåvard Pettersen2018-09-065-70/+98
| |
* | Ignore deprecated declaration diagnostic when using openssl 1.1.0h.Tor Egge2018-09-051-3/+6
|/
* Merge pull request #6815 from ↵Håvard Pettersen2018-09-051-2/+8
|\ | | | | | | | | vespa-engine/vekterli/attempt-old-openssl-compatibility OpenSSL 1.0.1 API quick fixes
| * fix version checkHåvard Pettersen2018-09-051-1/+1
| |
| * Const cast sacrifice to satisfy the old OpenSSL godsTor Brede Vekterli2018-09-051-1/+5
| |
| * Try to make TLS context compile on < OpenSSL 1.0.2Tor Brede Vekterli2018-09-051-3/+5
| |
* | remove non-instant invocationHåvard Pettersen2018-09-051-4/+4
|/
* Only add OpenSSL include directories, don't try to link for object libsTor Brede Vekterli2018-09-052-2/+4
|
* The current implementation is known to be sub-optimal due to requiringTor Brede Vekterli2018-09-0519-0/+1229
| | | | | | memory copies in and out of OpenSSL's working BIOs for every encode and decode. Codec design is also up for change, depending on how well it fits with crypto socket integration.
* Revert "Add initial OpenSSL CryptoEngine implementation and key/cert handling"Jon Marius Venstad2018-09-0519-1229/+0
|
* Revert "Revert "Add initial OpenSSL CryptoEngine implementation and key/cert ↵Tor Brede Vekterli2018-09-0519-0/+1229
| | | | handling""
* Revert "Add initial OpenSSL CryptoEngine implementation and key/cert handling"Tor Brede Vekterli2018-09-0419-1229/+0
|
* Explicit vespalib string namespace prefixingTor Brede Vekterli2018-09-033-15/+13
|
* Use correct TLSv1.2 max frame size limitsTor Brede Vekterli2018-09-032-10/+14
|
* Address code review commentsTor Brede Vekterli2018-09-038-33/+50
|
* Add initial OpenSSL CryptoEngine implementation and key/cert handlingTor Brede Vekterli2018-08-3119-0/+1210
| | | | | | | The current implementation is known to be sub-optimal due to requiring memory copies in and out of OpenSSL's working BIOs for every encode and decode. Codec design is also up for change, depending on how well it fits with crypto socket integration.
* Merge pull request #6686 from ↵Håvard Pettersen2018-08-302-0/+24
|\ | | | | | | | | vespa-engine/havardpe/integrate-crypto-engine-in-fnet integrate Crypto{Engine,Socket} into fnet
| * fixes based on feedbackHåvard Pettersen2018-08-281-1/+1
| | | | | | | | | | - do not check broken flag when doing flush - use auto-detection of guard template parameter
| * integrate Crypto{Engine,Socket} into fnetHåvard Pettersen2018-08-272-0/+24
| |
* | Add move assignment and move constructor to CloneablePtr and IdentifiablePtr.Tor Egge2018-08-291-0/+14
|/ | | | | This allows for use of std::unique_ptr rhs value instead of temporary raw pointer.
* first version of high-level c++ socket crypto APIsHåvard Pettersen2018-08-245-0/+314
| | | | | | includes fall-back implementation for non-encrypted communications and a very simple xor encryption implementation for testing and example purposes.
* use non-const copy of input in rendezvousHåvard Pettersen2018-08-133-28/+62
|
* Remove whitespaceHenning Baldersheim2018-08-1213-38/+38
|
* Pass stringref by valueHenning Baldersheim2018-08-1110-47/+41
|
* Pass stringref by valueHenning Baldersheim2018-08-1016-116/+116
|
* Merge pull request #6485 from ↵Henning Baldersheim2018-08-081-2/+7
|\ | | | | | | | | vespa-engine/balder/transfer-when-selecting-the-best Balder/transfer when selecting the best
| * Improve tests by tightening it.Henning Baldersheim2018-08-081-2/+7
| |
* | Add fsync calls to reduce probability of unexpected state after a crash.Tor Egge2018-08-022-0/+19
|/