Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | use latch instead of executor and improve timing testing | Håvard Pettersen | 2018-11-30 | 1 | -36/+48 |
| | |||||
* | added Latch utility | Håvard Pettersen | 2018-11-29 | 6 | -3/+178 |
| | |||||
* | Merge pull request #7786 from vespa-engine/havardpe/initial-portal-code | Tor Brede Vekterli | 2018-11-29 | 24 | -0/+2070 |
|\ | | | | | initial portal code | ||||
| * | initial portal code | Håvard Pettersen | 2018-11-27 | 24 | -0/+2070 |
| | | |||||
* | | Also test with hash_map | Henning Baldersheim | 2018-11-28 | 1 | -2/+34 |
| | | |||||
* | | Randomize keys | Henning Baldersheim | 2018-11-28 | 1 | -5/+9 |
| | | |||||
* | | =default | Henning Baldersheim | 2018-11-28 | 2 | -15/+4 |
|/ | |||||
* | Rename `allowed-peers` to `authorized-peers` | Tor Brede Vekterli | 2018-11-20 | 14 | -143/+123 |
| | |||||
* | Merge pull request #7608 from ↵ | Tor Brede Vekterli | 2018-11-13 | 22 | -37/+827 |
|\ | | | | | | | | | vespa-engine/vekterli/add-support-for-basic-certificate-verification-policies Add support for basic certificate verification policies in C++ | ||||
| * | `Cursor` -> `Inspector` for parsing | Tor Brede Vekterli | 2018-11-13 | 1 | -4/+4 |
| | | |||||
| * | Correct test name | Tor Brede Vekterli | 2018-11-13 | 1 | -1/+1 |
| | | |||||
| * | Use explicit `const` for `auto` | Tor Brede Vekterli | 2018-11-13 | 1 | -3/+3 |
| | | |||||
| * | Add support for basic certificate verification policies in C++ | Tor Brede Vekterli | 2018-11-08 | 22 | -36/+826 |
| | | | | | | | | | | | | | | | | Extends TLS config JSON file with an `allowed-peers` object, which if non-empty specifies a set of policies that a peer may match. If at least one policy exists a peer must match all requirements in any single policy to be allowed to connect. I.e. it's sufficient to match 1 policy out of many. | ||||
* | | = deafult and 0 -> nullptr | Henning Baldersheim | 2018-11-09 | 2 | -8/+8 |
|/ | |||||
* | Use template args for the class, not on the find method. | Henning Baldersheim | 2018-11-01 | 8 | -91/+46 |
| | |||||
* | Use a templated find() to enable lookup without object creation when objects ↵ | Henning Baldersheim | 2018-11-01 | 4 | -7/+40 |
| | | | | are comparable. | ||||
* | remove extra hug | Håvard Pettersen | 2018-10-19 | 1 | -2/+2 |
| | |||||
* | half_close for sync crypto sockets | Håvard Pettersen | 2018-10-19 | 3 | -0/+38 |
| | |||||
* | half_close for crypto sockets | Håvard Pettersen | 2018-10-19 | 9 | -4/+149 |
| | |||||
* | Add support for half-close to `CryptoCodec` and OpenSSL implementation | Tor Brede Vekterli | 2018-10-18 | 4 | -69/+163 |
| | |||||
* | Add support for custom certificate verification callbacks | Tor Brede Vekterli | 2018-10-15 | 21 | -45/+931 |
| | | | | | | | Specified as part of `TransportSecurityOptions` and will default to a callback accepting all pre-verified certificates if not given. Callback is provided with certificate subject Common Name and DNS Subject Alternate Name entries. | ||||
* | added sync crypto socket with test | Håvard Pettersen | 2018-10-09 | 7 | -3/+257 |
| | |||||
* | added simple test for various crypto sockets | Håvard Pettersen | 2018-10-09 | 3 | -0/+199 |
| | |||||
* | added SingleFdSelector utility | Håvard Pettersen | 2018-10-09 | 3 | -0/+152 |
| | |||||
* | test empty smart buffer | Håvard Pettersen | 2018-10-09 | 1 | -0/+6 |
| | |||||
* | Merge pull request #7160 from ↵ | Tor Brede Vekterli | 2018-10-01 | 1 | -0/+3 |
|\ | | | | | | | | | vespa-engine/vekterli/silently-handle-tls-client-graceful-shutdown Handle case where SSL_read fails when client has shutdown normally | ||||
| * | Handle case where SSL_read fails when client has shutdown normally | Tor Brede Vekterli | 2018-10-01 | 1 | -0/+3 |
| | | | | | | | | | | | | Break the connection silently when SSL_ERROR_ZERO_RETURN is returned from SSL_read, as this just implies the client has sent a shutdown alert frame. | ||||
* | | GC HashMap | Henning Baldersheim | 2018-09-28 | 16 | -236721/+50 |
|/ | |||||
* | Merge pull request #7132 from ↵ | Tor Brede Vekterli | 2018-09-28 | 4 | -79/+301 |
|\ | | | | | | | | | vespa-engine/vekterli/more-openssl-testing-and-improved-pem-error-reporting Improve OpenSSL codec tests and error detection for X509 PEM parsing | ||||
| * | Improve OpenSSL codec tests and error detection for X509 PEM parsing | Tor Brede Vekterli | 2018-09-27 | 4 | -79/+301 |
| | | | | | | | | | | Also support creating non-authenticated clients in case the codec will be used for non-RPC purposes at some point. | ||||
* | | use static assert | Håvard Pettersen | 2018-09-28 | 1 | -3/+1 |
| | | |||||
* | | avoid dynamic cast | Håvard Pettersen | 2018-09-28 | 3 | -7/+9 |
| | | |||||
* | | mixed mode tls support in fnet | Håvard Pettersen | 2018-09-27 | 10 | -4/+237 |
| | | |||||
* | | remove performance disclaimer related to using SimpleBuffer | Håvard Pettersen | 2018-09-27 | 1 | -3/+0 |
|/ | |||||
* | Merge pull request #7081 from ↵ | Tor Brede Vekterli | 2018-09-27 | 7 | -4/+250 |
|\ | | | | | | | | | vespa-engine/vekterli/add-tls-protocol-snooping-utilities Add functionality for detecting whether a client is using TLS or not | ||||
| * | Address code review feedback | Tor Brede Vekterli | 2018-09-25 | 3 | -12/+26 |
| | | |||||
| * | Add functionality for detecting whether a client is using TLS or not | Tor Brede Vekterli | 2018-09-25 | 7 | -4/+236 |
| | | | | | | | | | | Inspects first 8 bytes of a client's initial data stream to determine if it's (with very high confidence) a TLS ClientHello message. | ||||
* | | Add newline and rewrite error handling to a linear sequence of guards. | Henning Baldersheim | 2018-09-26 | 1 | -13/+13 |
| | | |||||
* | | Add simple usage test for vespa-drop-file-from-cache | Henning Baldersheim | 2018-09-26 | 3 | -8/+28 |
| | | |||||
* | | Add simple usage test for vespa-drop-file-from-cache | Henning Baldersheim | 2018-09-26 | 2 | -0/+21 |
| | | |||||
* | | Nested namespace and =delete | Henning Baldersheim | 2018-09-26 | 1 | -10/+5 |
| | | |||||
* | | Add simple program to drop files from the buffer cache. | Henning Baldersheim | 2018-09-25 | 4 | -0/+36 |
|/ | |||||
* | Address code review feedback | Tor Brede Vekterli | 2018-09-24 | 2 | -2/+2 |
| | |||||
* | Introduce custom OpenSSL BIOs for providing direct buffer read/write | Tor Brede Vekterli | 2018-09-19 | 9 | -147/+745 |
| | | | | | | | | BIOs offer a dynamic view into source or sink (const/mutable) buffers and avoids overhead of copying from/to memory BIOs. Also strictly enforces buffer sizes to ensure there are no hidden reallocs. Additionally make code OpenSSL 1.1+ and TLSv1.3 compatible. | ||||
* | drain as much as possible before reading more socket data | Håvard Pettersen | 2018-09-17 | 2 | -2/+6 |
| | |||||
* | let xor crypto engine use smart buffers | Håvard Pettersen | 2018-09-13 | 1 | -29/+36 |
| | | | | | also use similar buffer strategies to the (tls) crypto codec adapter to make benchmark comparisons more reasonable. | ||||
* | use smart buffer for crypto codec adapter | Håvard Pettersen | 2018-09-13 | 1 | -4/+4 |
| | |||||
* | Merge pull request #6912 from vespa-engine/havardpe/smart-buffer-in-vespalib | Håvard Pettersen | 2018-09-12 | 6 | -0/+252 |
|\ | | | | | slightly smarter buffer with test | ||||
| * | slightly smarter buffer with test | Håvard Pettersen | 2018-09-11 | 6 | -0/+252 |
| | | |||||
* | | Merge pull request #6903 from ↵ | Tor Brede Vekterli | 2018-09-12 | 1 | -6/+12 |
|\ \ | |/ |/| | | | | | vespa-engine/havardpe/better-handling-of-framed-sockets-in-fnet better handling of framed sockets in fnet |