Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | drain as much as possible before reading more socket data | Håvard Pettersen | 2018-09-17 | 2 | -2/+6 |
| | |||||
* | let xor crypto engine use smart buffers | Håvard Pettersen | 2018-09-13 | 1 | -29/+36 |
| | | | | | also use similar buffer strategies to the (tls) crypto codec adapter to make benchmark comparisons more reasonable. | ||||
* | use smart buffer for crypto codec adapter | Håvard Pettersen | 2018-09-13 | 1 | -4/+4 |
| | |||||
* | Merge pull request #6912 from vespa-engine/havardpe/smart-buffer-in-vespalib | Håvard Pettersen | 2018-09-12 | 6 | -0/+252 |
|\ | | | | | slightly smarter buffer with test | ||||
| * | slightly smarter buffer with test | Håvard Pettersen | 2018-09-11 | 6 | -0/+252 |
| | | |||||
* | | Merge pull request #6903 from ↵ | Tor Brede Vekterli | 2018-09-12 | 1 | -6/+12 |
|\ \ | |/ |/| | | | | | vespa-engine/havardpe/better-handling-of-framed-sockets-in-fnet better handling of framed sockets in fnet | ||||
| * | better handling of framed sockets in fnet | Håvard Pettersen | 2018-09-11 | 1 | -6/+12 |
| | | | | | | | | also minor tweaking of crypto codec adapter | ||||
* | | Merge pull request #6896 from ↵ | Henning Baldersheim | 2018-09-11 | 1 | -0/+2 |
|\ \ | | | | | | | | | | | | | vespa-engine/toregge/handle-single-mmap-hole-in-mmap-extension-test The first memory mapped region can be a long distance from the second one | ||||
| * | | The first memory mapped region can be a long distance from the second | Tor Egge | 2018-09-11 | 1 | -0/+2 |
| | | | | | | | | | | | | | | | one if there is a hole in the memory mapping. Add a dummy mapping to plug this hole. | ||||
* | | | Handle 4k logical sector size in vespalib::copy function. | Tor Egge | 2018-09-11 | 2 | -2/+2 |
| |/ |/| | |||||
* | | Merge pull request #6874 from ↵ | Tor Brede Vekterli | 2018-09-10 | 2 | -2/+10 |
|\ \ | | | | | | | | | | | | | vespa-engine/vekterli/enforce-tls-peer-certificate-verification Enforce TLS peer certificate verification (client and server) | ||||
| * | | Enforce TLS peer certificate verification (client and server) | Tor Brede Vekterli | 2018-09-10 | 2 | -2/+10 |
| |/ | |||||
* / | enable tls when VESPA_TLS_CONFIG_FILE is set | Håvard Pettersen | 2018-09-10 | 1 | -3/+11 |
|/ | |||||
* | Merge pull request #6852 from vespa-engine/havardpe/tls-crypto-adapter | Tor Brede Vekterli | 2018-09-07 | 7 | -8/+251 |
|\ | | | | | tls crypto adapter | ||||
| * | tls crypto adapter | Håvard Pettersen | 2018-09-07 | 7 | -8/+251 |
| | | |||||
* | | Make error message less specific since it might be triggered in other scenarios | Tor Brede Vekterli | 2018-09-07 | 2 | -2/+2 |
| | | |||||
* | | Address code review comments | Tor Brede Vekterli | 2018-09-07 | 1 | -5/+5 |
| | | |||||
* | | Add TLS config file support with proposed JSON structure | Tor Brede Vekterli | 2018-09-07 | 10 | -0/+209 |
|/ | |||||
* | Merge pull request #6832 from vespa-engine/vekterli/openssl-tweaks | Tor Brede Vekterli | 2018-09-07 | 3 | -23/+49 |
|\ | | | | | OpenSSL version compatibility fixes and better exception safety | ||||
| * | Update function name to imply TLS version agnosticism | Tor Brede Vekterli | 2018-09-06 | 1 | -2/+2 |
| | | |||||
| * | OpenSSL version compatibility fixes and better exception safety | Tor Brede Vekterli | 2018-09-06 | 3 | -22/+48 |
| | | | | | | | | | | | | - On 1.1.0, make TLS version dynamic (but at least v1.2) - On 1.0.1, manually set a P-256 curve for ECDH - Ensure that exception during TLS context construction does not leak SSL_CTX | ||||
* | | Merge pull request #6828 from vespa-engine/havardpe/move-tls-opts-generation | Håvard Pettersen | 2018-09-06 | 5 | -70/+98 |
|\ \ | |/ |/| | move tls opts generation to make it more available | ||||
| * | move tls opts generation to make it more available | Håvard Pettersen | 2018-09-06 | 5 | -70/+98 |
| | | |||||
* | | Ignore deprecated declaration diagnostic when using openssl 1.1.0h. | Tor Egge | 2018-09-05 | 1 | -3/+6 |
|/ | |||||
* | Merge pull request #6815 from ↵ | Håvard Pettersen | 2018-09-05 | 1 | -2/+8 |
|\ | | | | | | | | | vespa-engine/vekterli/attempt-old-openssl-compatibility OpenSSL 1.0.1 API quick fixes | ||||
| * | fix version check | Håvard Pettersen | 2018-09-05 | 1 | -1/+1 |
| | | |||||
| * | Const cast sacrifice to satisfy the old OpenSSL gods | Tor Brede Vekterli | 2018-09-05 | 1 | -1/+5 |
| | | |||||
| * | Try to make TLS context compile on < OpenSSL 1.0.2 | Tor Brede Vekterli | 2018-09-05 | 1 | -3/+5 |
| | | |||||
* | | remove non-instant invocation | Håvard Pettersen | 2018-09-05 | 1 | -4/+4 |
|/ | |||||
* | Only add OpenSSL include directories, don't try to link for object libs | Tor Brede Vekterli | 2018-09-05 | 2 | -2/+4 |
| | |||||
* | The current implementation is known to be sub-optimal due to requiring | Tor Brede Vekterli | 2018-09-05 | 19 | -0/+1229 |
| | | | | | | memory copies in and out of OpenSSL's working BIOs for every encode and decode. Codec design is also up for change, depending on how well it fits with crypto socket integration. | ||||
* | Revert "Add initial OpenSSL CryptoEngine implementation and key/cert handling" | Jon Marius Venstad | 2018-09-05 | 19 | -1229/+0 |
| | |||||
* | Revert "Revert "Add initial OpenSSL CryptoEngine implementation and key/cert ↵ | Tor Brede Vekterli | 2018-09-05 | 19 | -0/+1229 |
| | | | | handling"" | ||||
* | Revert "Add initial OpenSSL CryptoEngine implementation and key/cert handling" | Tor Brede Vekterli | 2018-09-04 | 19 | -1229/+0 |
| | |||||
* | Explicit vespalib string namespace prefixing | Tor Brede Vekterli | 2018-09-03 | 3 | -15/+13 |
| | |||||
* | Use correct TLSv1.2 max frame size limits | Tor Brede Vekterli | 2018-09-03 | 2 | -10/+14 |
| | |||||
* | Address code review comments | Tor Brede Vekterli | 2018-09-03 | 8 | -33/+50 |
| | |||||
* | Add initial OpenSSL CryptoEngine implementation and key/cert handling | Tor Brede Vekterli | 2018-08-31 | 19 | -0/+1210 |
| | | | | | | | The current implementation is known to be sub-optimal due to requiring memory copies in and out of OpenSSL's working BIOs for every encode and decode. Codec design is also up for change, depending on how well it fits with crypto socket integration. | ||||
* | Merge pull request #6686 from ↵ | Håvard Pettersen | 2018-08-30 | 2 | -0/+24 |
|\ | | | | | | | | | vespa-engine/havardpe/integrate-crypto-engine-in-fnet integrate Crypto{Engine,Socket} into fnet | ||||
| * | fixes based on feedback | Håvard Pettersen | 2018-08-28 | 1 | -1/+1 |
| | | | | | | | | | | - do not check broken flag when doing flush - use auto-detection of guard template parameter | ||||
| * | integrate Crypto{Engine,Socket} into fnet | Håvard Pettersen | 2018-08-27 | 2 | -0/+24 |
| | | |||||
* | | Add move assignment and move constructor to CloneablePtr and IdentifiablePtr. | Tor Egge | 2018-08-29 | 1 | -0/+14 |
|/ | | | | | This allows for use of std::unique_ptr rhs value instead of temporary raw pointer. | ||||
* | first version of high-level c++ socket crypto APIs | Håvard Pettersen | 2018-08-24 | 5 | -0/+314 |
| | | | | | | includes fall-back implementation for non-encrypted communications and a very simple xor encryption implementation for testing and example purposes. | ||||
* | use non-const copy of input in rendezvous | Håvard Pettersen | 2018-08-13 | 3 | -28/+62 |
| | |||||
* | Remove whitespace | Henning Baldersheim | 2018-08-12 | 13 | -38/+38 |
| | |||||
* | Pass stringref by value | Henning Baldersheim | 2018-08-11 | 10 | -47/+41 |
| | |||||
* | Pass stringref by value | Henning Baldersheim | 2018-08-10 | 16 | -116/+116 |
| | |||||
* | Merge pull request #6485 from ↵ | Henning Baldersheim | 2018-08-08 | 1 | -2/+7 |
|\ | | | | | | | | | vespa-engine/balder/transfer-when-selecting-the-best Balder/transfer when selecting the best | ||||
| * | Improve tests by tightening it. | Henning Baldersheim | 2018-08-08 | 1 | -2/+7 |
| | | |||||
* | | Add fsync calls to reduce probability of unexpected state after a crash. | Tor Egge | 2018-08-02 | 2 | -0/+19 |
|/ |