aboutsummaryrefslogtreecommitdiffstats
path: root/vespalib
Commit message (Collapse)AuthorAgeFilesLines
* start using concepts in vespalibHåvard Pettersen2022-09-155-19/+22
|
* more convenient ThreadBundle::runHåvard Pettersen2022-09-145-15/+99
|
* thread bundle now available when calculating the global filterHåvard Pettersen2022-09-123-0/+31
|
* Unify og getNumActiveDocs and hide some implementations.Henning Baldersheim2022-09-091-3/+3
|
* Merge pull request #23980 from ↵Tor Brede Vekterli2022-09-083-4/+5
|\ | | | | | | | | vespa-engine/vekterli/add-status-page-frame-ancestors-csp Add frame-ancestors: 'none' to CSP headers returned by internal server
| * Update test HTTP header expectationsTor Brede Vekterli2022-09-082-2/+2
| |
| * Add frame-ancestors: 'none' to CSP headers returned by internal serverTor Brede Vekterli2022-09-081-2/+3
| | | | | | | | | | We already have (and will continue to have) `X-Frame-Options: DENY`, but this is the more modern version of it.
* | Revert "Revert "Unify access to assets needed during rank-setup.""Henning Baldersheim2022-09-071-2/+5
|/
* Revert "Unify access to assets needed during rank-setup."Tor Egge2022-09-071-5/+2
|
* Unify access to assets needed during rank-setup.Henning Baldersheim2022-09-061-2/+5
|
* Merge pull request #23946 from ↵Henning Baldersheim2022-09-063-64/+91
|\ | | | | | | | | vespa-engine/havardpe/rank-profile-report-name-mapping-support support mapping names in execution profiling output
| * support mapping names in execution profiling outputHåvard Pettersen2022-09-063-64/+91
| | | | | | | | | | use feature descriptions rather than raw feature names drop single quotes from feature descriptions
* | Factor out XML attribute/content escaping to own utility functionsTor Brede Vekterli2022-09-057-50/+163
|/
* Use vespalib::SmartBuffer instead of ancient RawBuf.Henning Baldersheim2022-08-302-2/+5
|
* Reduce usage of RawBuf.Henning Baldersheim2022-08-291-1/+1
| | | | Remove some unused code.
* Merge pull request #23832 from ↵Tor Brede Vekterli2022-08-294-13/+13
|\ | | | | | | | | vespa-engine/vekterli/capability-filtering-of-content-status-pages Add capability filtering for content layer status pages and metrics [run-systemtest]
| * Unify to_string for PeerCredentials to match other typesTor Brede Vekterli2022-08-294-13/+13
| |
* | remove unused doxygen setup filesArne Juul2022-08-291-215/+0
|/
* Expose underlying connection auth context in Portal GetRequestTor Brede Vekterli2022-08-264-4/+28
|
* Add capabilities and RPC filters for sentinel and internal Proton APIsTor Brede Vekterli2022-08-253-12/+31
|
* Fix forward declaration.Tor Egge2022-08-241-1/+1
|
* Merge pull request #23749 from ↵Tor Brede Vekterli2022-08-231-1/+1
|\ | | | | | | | | vespa-engine/vekterli/let-compiler-warn-on-missing-switch-cases Let compiler warn on missing switch cases for enums
| * Let compiler warn on missing switch cases for enumsTor Brede Vekterli2022-08-231-1/+1
| | | | | | | | Minor cleanup sweep.
* | Merge pull request #23737 from ↵Tor Brede Vekterli2022-08-239-8/+109
|\ \ | |/ |/| | | | | vespa-engine/vekterli/support-capability-enforcement-env-var Support capability enforcement environment variable in C++ [run-systemtest]
| * Let compiler warn if we have incomplete enum set in case-listTor Brede Vekterli2022-08-231-1/+1
| |
| * Support capability enforcement environment variable in C++Tor Brede Vekterli2022-08-229-8/+109
| | | | | | | | | | | | | | | | | | | | Mirrors Java enforce/log-only/disable semantics, defaulting to enforce. Also fixes an issue where connection auth context and capabilities would not be set if a server socket was running in mixed-mode. This is not a problem in practice since mixed-mode is inherently completely insecure since it must accept plain-text clients, which implicitly have all capabilities granted.
* | added simple profilerHåvard Pettersen2022-08-226-4/+369
|/
* Merge pull request #23330 from ↵Henning Baldersheim2022-07-041-2/+2
|\ | | | | | | | | vespa-engine/toregge/fix-format-string-in-tsan-digest Fix format string in vespa-tsan-digest.
| * Fix format string in vespa-tsan-digest.Tor Egge2022-07-031-2/+2
| |
* | Merge pull request #23331 from ↵Henning Baldersheim2022-07-041-0/+1
|\ \ | | | | | | | | | | | | vespa-engine/toregge/include-csignal-to-get-declaration-of-kill Include csignal to get declaration of kill
| * | Include csignal to get declaration of killTor Egge2022-07-031-0/+1
| |/
* / GNU source is not required for boost stacktrace on darwin.Tor Egge2022-07-031-0/+3
|/
* Add noexcept specifier.Tor Egge2022-07-034-6/+6
|
* Refactor Capability(Set) and add more testingTor Brede Vekterli2022-06-305-70/+122
| | | | | | | Hide all nitty-gritty details of how capabilities map to internal bit set positions by making more of Capability private and only allowing CapabilitySet to see how the sausages are made. Move all bit set functionality to CapabilitySet, where it really belongs.
* Support mTLS connection-level capabilities and RPC access filtering in C++Tor Brede Vekterli2022-06-2933-312/+848
| | | | | | | | | | | | | | | | | | | | | | | | Adds the following: * Named capabilities and capability sets that represent (respectively) a single Vespa access API (such as Document API, search API etc) or a concrete subset of individual capabilities that make up a particular Vespa service (such as a content node). * A new `capabilities` array field to the mTLS authorization policies that allows for constraining what requests sent over a particular connection are allowed to actually do. Capabilities are referenced by name and may include any combination of capability sets and individual capabilities. If multiple capabilities/sets are configured, the resulting set of capabilities is the union set of all of them. * An FRT RPC-level access filter that can be set up as part of RPC method definitions. If set, filters are invoked prior to RPC methods. * A new `PERMISSION_DENIED` error code to FRT RPC that is invoked if an access filter denies a request. This also GCs the unused `AssumedRoles` concept which is now deprecated in favor of capabilities. Note: this is **not yet** a public or stable API, and capability names/semantics may change at any time.
* Avoid strlen when you already know ths length of the string.Henning Baldersheim2022-06-281-2/+2
|
* Merge pull request #23202 from ↵Henning Baldersheim2022-06-221-0/+5
|\ | | | | | | | | vespa-engine/toregge/remove-array-bounds-warning-in-vespalib Remove array-bounds warning (vespalib).
| * Remove array-bounds warning (vespalib).Tor Egge2022-06-221-0/+5
| |
* | add commentHåvard Pettersen2022-06-221-0/+2
| |
* | fix more undefined behaviorHåvard Pettersen2022-06-221-6/+14
|/
* Merge pull request #23183 from vespa-engine/havardpe/stop-passing-nullptrHåvard Pettersen2022-06-211-1/+3
|\ | | | | stop passing nullptr
| * stop passing nullptrHåvard Pettersen2022-06-211-1/+3
| |
* | too_big => throw_too_bigHenning Baldersheim2022-06-212-8/+8
| |
* | Inline hot path and keep error handling in .cpp file.Henning Baldersheim2022-06-212-31/+39
| |
* | Inline return AttrDFW::get_attribute() and clean up some old code with ↵Henning Baldersheim2022-06-211-32/+0
|/ | | | manual allocation.
* avoid unaligned accessHåvard Pettersen2022-06-202-6/+14
|
* enable making string handles directly from numbersHåvard Pettersen2022-06-163-0/+32
| | | | | used in peek/slice to avoid having to convert small numbers to strings before resolving the enum values.
* support VESPA_SHARED_STRING_REPO_NO_RECLAIM flagHåvard Pettersen2022-06-154-22/+78
|
* Merge pull request #23052 from vespa-engine/havardpe/common-memory-toolsHenning Baldersheim2022-06-132-95/+206
|\ | | | | common memory tools
| * use guards for unlikely casesHåvard Pettersen2022-06-131-8/+7
| |