| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Make it http version neutral, since h2 and h3 use 3 pseudo-headers.
Added scheme, target_authority_offset and target_authority_len
to http_msg_data_t, target_form removed.
Http transport now validate if correct form of request target
is received, so now we are also able to receive requests with
absolute-form target in server apps like http_static.
As bonus, unformat is not longer used to parse IP addresses.
Type: improvement
Change-Id: I369f77e2639c43cc1244d91f883c526eb88af63e
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Sets the program_vlans = 1 flag, enabling the DPDK sub-interface
function to configure VLAN offload settings on Intel iavf/i40e Ethernet
devices from VPP.
Type: improvement
Change-Id: I030af0c93b13cf80772982b243861f9c303f7e09
Signed-off-by: Kai Ji <kai.ji@intel.com>
|
|
Add async crypto algo macros for AES_CTR SHA256/384/512.
Add support for these in dev octeon plugin.
Type: feature
Signed-off-by: Nithinsen Kaithakadan <nkaithakadan@marvell.com>
Change-Id: I22e81c6ac5a549b2f12556b8c79257a20a5bd47d
|
|
This patch introduces support for direct mode crypto
submission on CPT. For multi-segmented buffers,
scatter-gather submission mode will be utilized.
Type: feature
Signed-off-by: Nithinsen Kaithakadan <nkaithakadan@marvell.com>
Change-Id: Idb99e6c9ea49028e11d3bf530c9559719c988252
|
|
Added changes in the pending queue structure to
incorporate each packet into a single inflight
request entry.
Type: improvement
Change-Id: I18729e01b5f73b128ae245a1a8f77a4f97065026
Signed-off-by: Nithinsen Kaithakadan <nkaithakadan@marvell.com>
|
|
This patch resolves segmentation fault that occurs
during the initialization of an asynchronous crypto
session when processing the first packet in the
data path.
And resolves compilation failures.
Type: fix
Change-Id: I60e4060c65741a445fe02f01b3c94f627534ecef
Signed-off-by: Nithinsen Kaithakadan <nkaithakadan@marvell.com>
|
|
Bump DPDK version to 24.11.1.
Reason behind going for 24.11.1 is that 24.11 was affected by
CVE-2024-11614 which was fixed in the point release.
Type: feature
Change-Id: Ic49a35fe7ac782679df39145e3adfd06f047b031
Signed-off-by: Vladimir Smirnov <civil.over@gmail.com>
|
|
This patch updates async processing logic by adding async event
handlers separately for handshake, read and write events.
Type: improvement
Change-Id: I6366689fec7e29fa9850cb22e20ab3659bf5245a
Signed-off-by: Varun Rapelly <vrapelly@marvell.com>
|
|
This is an sFlow dataplane plugin that can sample
1-in-N packets from device-input, copying them to
a FIFO queue and servicing that queue from a main
process which formats them as Netlink PSAMPLEs,
to be picked up by a popular sidecar agent called
host-sflow.
Type: feature
Change-Id: Ic03456472e53309678f182dc8f74d3c81fb619e6
Signed-off-by: neil.mckee@inmon.com
Signed-off-by: pim@ipng.nl
|
|
Type: fix
-When deleting a veth pair interface in linux, vpp's call to af_packet_fd_error will cause it to hang because it's a worker thread.
Change-Id: I3dc9018e7e492ccbdf0f59381f9bbbfd5c1c88a5
Signed-off-by: fenglei <1579628578@qq.com>
|
|
Implements load balancing between snort instances via flow hash.
New CLI commands have been made to support these changes:
snort attach instance <name1>
[instance <name2> ... ] interface <ifname> [input|output|inout]
snort attach all-instances interface <ifname> [input|output|inout]
snort detach instance <name1> interface <ifname>
snort detach all-instances interface <ifname>
The output of "show snort interfaces" has an extra column to show the
direction of each attachment:
interface instances direction
Ethernet0: snort1 inout
snort2 inout
snort3 inout
Ethernet1: snort1 input
snort3 output
To maintain backwards compatibility for the snort api, the
snort_interface_get api endpoint only returns one of the attached
instances and the snort_interface_detach endpoint detaches all
attached instances.
Type: improvement
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
Change-Id: I6b7c26c203496d6a1dba244620907f28c04bb478
|
|
Type: fix
Change-Id: I60338a8c901cf5baf4974ce572f17e70116877df
Signed-off-by: Artem Glazychev <glazychev@mts.ru>
|
|
Plugins such as http_static sometimes reject requests without reading
all of the body. http_static in that case sends an error response and
closes the connection. But the error response cannot go out due to the
connection state being HTTP_REQ_STATE_TRANSPORT_IO_MORE_DATA.
With this change, we make http_app_tx_callback give a response like
that special treatment, allowing it to go out.
Type: fix
Change-Id: I72ae74b869183f5d5921837f6ac9c52f0efc7598
Signed-off-by: Semir Sionek <ssionek@cisco.com>
|
|
- check nl socket before receiving messages
- we don't need extra callback after adding an lcp pair because we start draining messages (due to epoll) right after opening socket
Type: fix
Change-Id: I0ecb03b758f066662015fd6c6b9d3c48cb520c0d
Signed-off-by: Artem Glazychev <glazychev@mts.ru>
|
|
Type: improvement
Change-Id: I4d507b105e5b5ba7dd68d373c7f1ab156a9fc9f1
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
This patch adds compatibility check for OCTEON model in plugin.
Type: refactor
Change-Id: Id583a2f42b8f66f7e045f6cf9176125680e9a16f
Signed-off-by: Monendra Singh Kushwaha <kmonendra@marvell.com>
|
|
Type: feature
Change-Id: I9f3044aec29a611d4735001ff1943772b7035711
Signed-off-by: Monendra Singh Kushwaha <kmonendra@marvell.com>
|
|
Type: improvement
Change-Id: Id863f59d04d8e6f22c886e079367d06908b8b24b
Signed-off-by: Semir Sionek <ssionek@cisco.com>
|
|
Type: improvement
Change-Id: I32ccf1d58a34bc6f64946ffd711dbd2b4f5864f6
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
This patch adapts new changes introduced in crypto framework
as part of 6676d951.
Type: fix
fixes: 6676d951
Change-Id: I7bbe8d87250e072b2891c0eedee1e14642fab4bc
Signed-off-by: Monendra Singh Kushwaha <kmonendra@marvell.com>
|
|
Type: improvement
Change-Id: I49d8415ce1d64dc797a0cc43f5382daeaddbe11a
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: feature
Change-Id: Ic0ff9b9bfbad9fbc602fbcec0d8906cd21d63a2c
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
This patch adapts new changes introduced in crypto framework
as part of 0cf4eef7.
Type: fix
fixes: 0cf4eef7
Change-Id: I41a17c9b340f54014c9d2ae21546ec39ccef3f43
Signed-off-by: Monendra Singh Kushwaha <kmonendra@marvell.com>
|
|
Type: test
The sleep interval for this test is set to 0.1 seconds instead of
the default 2 seconds. This change is necessary because the test
verifies the expiration of old IPsec SAs
(self.fail("old IPsec SA not expired")) within a strict timeframe.
A longer sleep interval, such as 2 seconds, would significantly
delay the loop iterations, reducing the granularity of checks for
SA expiration and increasing the risk of false failures.
By setting the sleep interval to 0.1 seconds:
- The test can perform frequent checks for the status of IPsec SAs
- It reduces the likelihood of the test prematurely failing
Change-Id: I92ac3de0f33838620b51083d240043e62f37c490
Signed-off-by: Ivan Ivanets <iivanets@cisco.com>
|
|
Type: fix
Change-Id: I487ee4e69d8885f46d7a4af2c66a710da66108c5
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
New CLI to enable/disable auto-sdl (requires session enable rt-backend sdl)
auto-sdl <enable|disable> [threshold <n>] [remove-timeout <t>]
threshold is defined as the number of packets before the SDL entry is created to deny the source.
remove-timeout is defined as the duration to remove the SDL entry which was created earlier.
Type: feature
Change-Id: I513094a59663970beae33257006c652674643764
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
Send rpc evt from ao thread to po thread so http response is generated
on correct thread.
Type: fix
Change-Id: I3b9a651a1935e5b623033902f9cf9ec1daf05617
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Interface tx nodes want frames with scalar data populated by output
nodes. This is not supported by nsim output feature. To avoid
reimplementing output node logic and/or future incompatibilities,
recirculate buffers through interface output after tagging.
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ib8865798d8e7dc0d2f34b3e13ce29b683e490ceb
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I87cc6d2ba1a07751359c7276fe096eeae4e30a2e
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ie8b4ba2cfd2c7fc1e27d2a2eb763b31417bc0743
|
|
This is first step in process of making crypto engine binaries
less dependant on specific VPP version.
Type: improvement
Change-Id: Ib08135688be409049b660e2b2ac435578b63be65
Signed-off-by: Damjan Marion <dmarion@me.com>
|
|
Type: improvement
cli support enable dns node and config name server addr
Change-Id: I4fcef28876b916bd5eac026f20afb0b0dda38fa2
Signed-off-by: fenglei <1579628578@qq.com>
|
|
Type: docs
Change-Id: Ia2f9f94ebdf55d435559f6615da61efb1d2f9616
Signed-off-by: Hadi Rayan Al-Sandid <halsandi@cisco.com>
|
|
Type: improvement
Change-Id: Ie8568999821f6dd5025fd5343670a8969a3e634e
Signed-off-by: Ole Troan <otroan@employees.org>
|
|
Fix API to handle map_domain_dump for domains with an empty tag.
Type: fix
Change-Id: Ie065c5863538d5851cd8f8907400255f51a2e90f
Signed-off-by: Ole Troan <otroan@employees.org>
|
|
Type: fix
Change-Id: I014aebc84d0c219cc0c99120e9cd51fcc520a41c
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Handle "Connection" and "Upgrade" headers in http transport layer which
are used to create a tunnel for some other protocol on the same
connection.
Type: improvement
Change-Id: Icf5479f36fbcc7259b157eaad957211be5ea2aae
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Type: improvement
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Change-Id: Ief1e97d03b7a934547add35ac3ed1f93f2499a20
|
|
Properly handle incomplete capsule.
Type: fix
Change-Id: Ied7fca861f02e401451beaff09e612bcf471d8e0
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Adds support for tls async processing using OpenSSL.
Adds new CLI command to configure OpenSSL TLS configurations used by
OpenSSL context and session. New CLI format is:
tls openssl set-tls [record-size <size>]
[record-split-size <size>]
[max-pipelines <size>]
Sets default values to below TLS configuration parameters:
- first_seg_size: 32MB
- add_seg_size: 256MB
Type: feature
Signed-off-by: Varun Rapelly <vrapelly@marvell.com>
Change-Id: I990be31fced9e258fdb036f5751cd67594b0bce7
|
|
Type: refactor
Move PPP folder under vnet to the plugin folder, and modify some of path
of the #inlude<header> to the new path.
Add a plugin.c file to register a plugin.
Resolve ip4_input and ip6_input's dependency on PPP functions by moving
those calls to PPP's initialization.
Resolve osi's inter-plugin dependency on PPP by having it retrieve the
function pointer
Add ppp to the list of valid spelling words
JIRA: VPP-2052
Change-Id: I1a26ef0663a91857d13f7d87a3bb14bc38893194
Signed-off-by: Joel Ahn <joeahn@cisco.com>
|
|
Add memif stats per queue for performance tuning.
Type: improvement
Change-Id: Ifacc80c0adfe92075d91179857c8956d1cbf3a70
Signed-off-by: Dau Do <daudo@yahoo.com>
|
|
- when testing multithreaded proxy with udp iperf, iperf wouldn't
connect -> made client_sep a vector so multiple transport protocols
can be saved
Type: fix
Change-Id: I91936bd3214f40deb914792c02783112ae59942c
Signed-off-by: Adrian Villin <avillin@cisco.com>
|
|
Type: improvement
Change-Id: I63c16365a0d4a26b8ecb05bde81ad7b532df50a0
Signed-off-by: Dau Do <daudo@yahoo.com>
|
|
- Replace md5sum with sha256sum for verification of downloaded
external and optional dependencies.
Type: improvement
Change-Id: I52c96098d3cfd4c1eaf599da44a7b859ad24f1a4
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
|
|
- added request repeating (repeat <count>|duration <seconds>)
- added basic stats
Type: feature
Change-Id: Ic69eac8029eac31ea5ace5b5c0da1ce7a3543ac0
Signed-off-by: Adrian Villin <avillin@cisco.com>
|
|
Type: improvement
Change-Id: I6c1808a82f61c71f34eab12ae5f99cca5fee8854
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Type: improvement
Change-Id: I45de69172eec54578ceebe87f655701830af1a3d
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Type: improvement
Change-Id: I7c9c91a9c4d3ac2499e42eedda0a5d395bdf5912
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
|
|
Added cli option idle-timeout to specify connect-proxy timeout for
idle connections, default value 10 minutes.
Type: improvement
Change-Id: I3ced83f28d3aabcc70fbd3ca1ef10b8a0336ffb1
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
Matus Fabian
Kai Ji
Nithinsen Kaithakadan
Vladimir Smirnov
Varun Rapelly
Pim van Pelt
fenglei
Agathiyan Bragadeesh
Artem Glazychev
Semir Sionek
Damjan Marion
Monendra Singh Kushwaha
Ivan Ivanets
Steven Luong
Florin Coras
Damjan Marion
Hadi Rayan Al-Sandid
Ole Troan
Mohsin Kazmi
Joel Ahn
Dau Do
Adrian Villin
Andrew Yourtchenko
Dave Wallace