Age | Commit message (Collapse) | Author | Files | Lines |
|
Half-open tls sessions are now tracked by the app worker and are cleaned
up only when tcp cleans up its half-open session, i.e., independent of
when the established tls context is allocated.
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: If5d594d7095192dd527daf4ea1358ffeccdfcc7a
|
|
App transports not supported for now. Will have to be updated
individually.
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I75cb6c4e1c5af008af72858a9ee573016812abd4
|
|
Some app(e.g. Envoy) may call shutdown() instead of close() when
draining connection.
Type: improvement
Signed-off-by: liuyacan <liuyacan@corp.netease.com>
Change-Id: I9543b9ca3caa87b10b134fd1fc4019124e41e4d2
|
|
Type: refactor
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ie46824f95f9488b04fa1f701ff94345e2dc83de2
|
|
Pass tls/quic crypto context using extended config instead of bloating
conect/listen messages.
Type: refactor
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I0bc637ae310e6c31ef1e16847501dcb81453ee94
|
|
Type: feature
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ic8d9386fef37ffd3446aaeb93a96ee6d60633831
|
|
Type: feature
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ifdd6024daf044751895bb8d2deabad41d3a80c92
|
|
Type: refactor
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I9488ad7e045c908b60b5821d9c48583f6d513c2f
|
|
Avoid synchronizing producers and the consumer. Instead, only use mutex
or spinlock (if eventfds are configured) to synchronize producers.
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ie2aafbdc2e07fced5d5e46ee2df6b30a186faa2f
|
|
Remove the deprecated tls apis.
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ia1e12bd813671146f0aca22e83d04c23ac13e595
|
|
Type: feature
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ic373cd2c11272da539eb4b0db27227f36f2f9688
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Id8e77e8b2623be719fd43a95e181eaa5b7df2b6e
|
|
Type: feature
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I06c7022a6afbb146b23cbd3a430497ec9e8be73d
|
|
Type: refactor
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ibebb6f7d4e610570693e213acd2f6d9332c563c6
|
|
This is an af_unix socket alternative to the binary api. To enable it,
add use-app-socket-api under session stanza in startup.conf. When the
socket api is enabled, attachments through the binary api are disabled.
The socket api only works with memfd fifo segments, i.e., shm segments
are not supported.
Type: feature
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I55ffcee201d004846daeeec85c700c7e7a578d43
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I7228a01d38e61cc00358419b2512ca0da4f76ff5
|
|
Currently, mutlti-threads only support one dispatch thread and multiple
worker threads, eventually only dispatch thread is a vcl worker and can
interact with epoll.
This patch will register all threads as vcl worker, and then each
thread can interact with epoll now. Moreover, session migration also
supported, such as socket created in thread A and used (bind, connect
and etc.) in thread B.
Type: feature
Signed-off-by: hanlin <hanlin_wang@163.com>
Change-Id: Iab0b43a33466968c1423d7d20faf1460c8589d91
|
|
Type: feature
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I664cd14c84fc5cf2ffe61efce99c95219b44fad7
|
|
Request connected udp listener behavior by setting
VPPCOM_ATTR_SET_CONNECTED attribute with vppcom_session_attr
Type: feature
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Iba95155c0f41cea8c6e1a4263946270d49c213ac
|
|
Type: feature
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ie47546ef36590b90ed481b14cf812afbecf7981c
|
|
Type: improvement
Can be used to force app to close a connection on which it still waits
for data.
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I7c3a8245cbbc23728e4408feb63a659a11f718ed
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I6b750bef5df0f8544e05177ccd480f87a020832d
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I4a3861e31ca42faf0b59f8f09393fb10413bf3af
|
|
Type: improvement
Change-Id: I9dd850a1ce85b0adb5136233f176117e0ee38817
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: feature
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I6aaaec20a2b6d4c6ddfbe659d9402acc1be2f7e2
|
|
Type: refactor
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I4ee46a6c3c53c58199c275e20702f7fd11b60d9a
|
|
- Allowing application to register custom fifo-tuning-logic.
- Adding an example custom fifo-tuning-logic in hs_app/proxy.
Type: feature
Signed-off-by: Ryujiro Shibuya <ryujiro.shibuya@owmobility.com>
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I2aca14d1f23d5c3c9debb7f4c46aca3a15a8d1b9
|
|
1. segment manager would attempt to balance the usages across
the segments, when it allocate fifos
2. the memory presure level is determined per fifo-segment
3. updated unit test
4. updated cli output for segments
Type: feature
Signed-off-by: Ryujiro Shibuya <ryujiro.shibuya@owmobility.com>
Change-Id: I2923f3e0a43dd919196a0cb2cd55e098fde6cf66
|
|
Type: feature
Change-Id: I7f8e3763d7f8364563a25d0fcc782976b906b325
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: feature
Change-Id: I402549818ba6e078802e914293304174dc6625c2
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: refactor
Change-Id: I32234173ebd69f80acb1afa4039fffbd19157f6d
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: feature
Make quic use the crypto contexts. This introduces a crypto context
pool backed by a hashtable giving ctx indexes by connect params
(ckpair, engine, rx & tx fifo sizes).
Applications keep the initialization vector common.
Change-Id: I22ed6711196cd70a2f2f74240f12113c7af8dfcd
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Type: feature
Change-Id: I3a642626a444504594c5e3df40dbc92df54136f0
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Type: refactor
Change-Id: I5ec7079d34826edd7a3048ae1d44037386f5d3ff
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Type: feature
Crypto contexts are a per protocol cache for storing
crypto related connection data. They share a common
interface with generic properties : cert, key, engine
and session refcount.
Change-Id: I8165e05afbcc6ecb3777b6abeab62c369d2fe9ed
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Type: feature
This patch adds the logic to pass to connect &
listen msg in the mq the following parameters
* ckpair index
* crypto engine (for now only used in quic)
Change-Id: I7213d8b581cb4532a9a6b18c4b3fe021287b7733
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
OpenSSL TLS is well maintained and many issues are fixed, and it makes
OpenSSL as the default engine will be more friendly to users if app does
not configure a specific engine such as http_static
Type: fix
Change-Id: I37499af1edd40ffb53b00436044d1fce3b43348d
Signed-off-by: Yu Ping <ping.yu@intel.com>
|
|
Type: feature
Change-Id: I888d415ff645b3827df7d4cfb0d3c5f4ac940617
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: feature
Change-Id: I40169fbbe8a20670dd612c341b6c78b5c925bf74
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: fix
Connect ctrl message recently outgrew the maximum ctrl msg size, so
increase the limit. Also add static asserts for messages that could
potentially exceed the limit.
Change-Id: I0d3e32e0d4d67d7e222cff14ddba59a0c3fb8b00
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: fix
Change-Id: I865534de9f16bff586106e0850f131de1e9cbf24
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Type: refactor
This patch does the following conversions
TLS_ENGINE_X -> CRYPTO_ENGINE_X
tls_engine_type_t -> crypto_engine_t
It does not change numbering of engines
Change-Id: I872dfaec3a6713bf4229c84d1ffd98b8b2419995
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Type: feature
This changes the behavior of both API calls
APPLICATION_TLS_CERT_ADD & APPLICATION_TLS_KEY_ADD
certificates and keys aren't bound to an app, they are
passed to it via connect / listen using the message
queue.
This should be followed by a per protocol (QUIC/TLS)
crypto_context store to save devrived structs
Change-Id: I36873bc8b63b5c72776c69e8cd9febc9cae31882
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Type: refactor
Change-Id: I4f370b09e22dbbc8920272df9a042dae04825bfc
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Type: fix
Change-Id: Iaa8045bba19cc305c84074668a20e1468d431b10
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Type: fix
Change-Id: I0807f84737d5e98e69e9ed27a1de6813b2ddd138
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Type:refactor
Moves connect, disconnect, bind, unbind and app detach to message
queue from binary api. Simplifies app/vcl interaction with the session
layer since all session control messages are now handled over the mq.
Add/del segment messages require internal C api changes which affect all
builtin applications. They'll be moved in a different patch and might
not be back portable to 19.08.
Change-Id: I93f6d18e551b024effa75d47f5ff25f23ba8aff5
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: feature
Change-Id: Ia9a5b1a6d85c7f3f2e6db583b33b5b20029a1e88
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: fix
Change-Id: I26a6af7f92316f7a8a5309047b3b3605b87ca327
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
In contrast to the closing notification, whereby a transport informs
the session layer that is beginning the closing procedure, this allows
transports to notify the session layer of the fact that the transport is
"fully" closed, i.e., it expects no more data.
Also:
- adds app closed state for sessions
- changes tcp to have it notify when an active close has finished
Type: feature
Change-Id: I13c738006c03f85015e05ab82843a33a69382aaf
Signed-off-by: Florin Coras <fcoras@cisco.com>
|