Age | Commit message (Collapse) | Author | Files | Lines |
|
Type: feature
This changes the behavior of both API calls
APPLICATION_TLS_CERT_ADD & APPLICATION_TLS_KEY_ADD
certificates and keys aren't bound to an app, they are
passed to it via connect / listen using the message
queue.
This should be followed by a per protocol (QUIC/TLS)
crypto_context store to save devrived structs
Change-Id: I36873bc8b63b5c72776c69e8cd9febc9cae31882
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Enforce that variable length fields are the last element of API messages.
Add a 'fixed' version of string type, since dealing with
multiple variable length strings turned out too painful
for the C language bindings.
The string type is now:
{
string name[64]; // NUL terminated C-string. Essentially decays to u8 name[64]
string name[]; // Variable length string with embedded len field (vl_api_string_t)
};
The latter notation could be made available to other types as well.
e.g.
{
vl_api_address_t addresses[];
}
instead of
{
u32 n_addr;
vl_api_address_t addresses[n_addr];
};
Type: fix
Change-Id: I18fa17ef47227633752ab50453e8d20a652a9f9b
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Type:refactor
Moves connect, disconnect, bind, unbind and app detach to message
queue from binary api. Simplifies app/vcl interaction with the session
layer since all session control messages are now handled over the mq.
Add/del segment messages require internal C api changes which affect all
builtin applications. They'll be moved in a different patch and might
not be back portable to 19.08.
Change-Id: I93f6d18e551b024effa75d47f5ff25f23ba8aff5
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: feature
This is mostly used for quic in the case of a stream
creation (i.e. connect on an already established QUIC
session). We want do default parent_handle to INVALID
to be able to distinguish it from parent_handle = 0
Change-Id: Id5ac0b0155a3c44e51334231b711e4fd87a96a10
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Needed by QUIC to distinguish Q/Ssessions
Change-Id: Idcc9e46f86f54a7d06ce6d870edec1766e95c82d
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Change-Id: Ia1a628498fa3b639b6b1508f65c6aea1806f73ec
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Instead of waiting for notification from binary api.
Change-Id: I5ecab857d6bcdbed62d6bb06709570c4cf6b19ea
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I03884b6cde9d4c38ae13d1994fd8d37d44016ef0
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I8a680be62ab91d2ccb144641981a635506973a49
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I913ffc963928b74cf4753b6b9a0eed4436887e04
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Allows app workers to listen on the same session endpoint. Incoming
connects are spread across the workers in a round-robin fashion
Change-Id: Ib5f5817230d9abc6127a85cdbdcad70d980c0f7f
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Add basic support for app registration of multiple workers. LDP does not
work with multi-worker apps.
Change-Id: I3fc421a2a591a077b275827463f874b261415a63
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Refactor session layer to support multiple workers per application.
Change-Id: Ie67354688d396449d14bbbb8c56050206e307cd8
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
- replies should not need to contain client_index since
it is used to identify sender of requests to VPP
Change-Id: Iece3853b3f020054ee1652b149d0cf8d9580db4e
Signed-off-by: Ondrej Fabry <ofabry@cisco.com>
|
|
- support eventfd based mq signaling. Based on configuration, vcl
epoll/select can use either condvars or epoll on mq eventfds.
- add vcl support for memfd segments
- vpp explicitly registers cut-through segments with apps/vcl
- if using eventfd, make ldp allow one call to libc_epoll_create. Needed
for the message queue epfd
- update svm_queue_t to allow blocking calls with eventfd signaling.
Change-Id: I064151ac370bbe29bb16c968bf4e3659c8286bea
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
- adds session layer support for datagram based protocols
- updates udp to work in pure connectionless and datagram mode. The
existing connected mode is now 'accessible' for apps as a dummy UDPC,
as in, connected udp, protocol.
- updates udp_echo, echo client, echo server code to work in datagram
mode.
Change-Id: I2960c0d2d246cb166005f545794ec31fe0d546dd
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
- add option to use test certificate in the ca chain
- add hostname to extended session endpoint fields and connect api
parameters. If hostname is present, certificate validation is
enforced.
- use /etc/ssl/certs/ca-certificates.crt to bootstrap CA cert. A
different path can be provided via startup config
Change-Id: I046f9c6ff3ae6a9c2d71220cb62eca8f7b10e5fb
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
It consists of two main parts. First, add an application transport type
whereby applications can offer transport to other applications. For
instance, a tls app can offer transport services to other applications.
And second, a tls transport app that leverages the mbedtls library for
tls protocol implementation.
Change-Id: I616996c6e6539a9e2368fab8a1ac874d7c5d9838
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Memfd backed shared memory segments can only be negotiated over sockets.
For such scenarios, the existing redirect mechanism that establishes
cut-through sessions does not work anymore as the two peer application
do not share such a socket.
This patch adds support for local sessions, as opposed to sessions
backed by a transport connection, in a way that is almost transparent to
the two applications by reusing the existing binary api messages.
Moreover, all segment allocations are now entirely done through the
segment manager valloc, so segment overlaps due to independent
allocations previously required for redirects are completely avoided.
The one notable characteristic of local sessions (cut-through from app
perspective) notification messages is that they carry pointers to two
event queues, one for each app peer, instead of one. For
transport-backed sessions one of the queues can be inferred but for
local session they cannot.
Change-Id: Ia443fb63e2d9d8e43490275062a708f039038175
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
This is a version of the VPP API generator in Python PLY. It supports
the existing language, and has a plugin architecture for generators.
Currently C and JSON are supported.
Changes:
- vl_api_version to option version = "major.minor.patch"
- enum support
- Added error checking and reporting
- import support (removed the C pre-processor)
- services (tying request/reply together)
Version:
option version = "1.0.0";
Enum:
enum colours {
RED,
BLUE = 50,
};
define foo {
vl_api_colours_t colours;
};
Services:
service {
rpc foo returns foo_reply;
rpc foo_dump returns stream foo_details;
rpc want_stats returns want_stats_reply
events ip4_counters, ip6_counters;
};
Future planned features:
- unions
- bool, text
- array support (including length)
- proto3 output plugin
- Refactor C/C++ generator as a plugin
- Refactor Java generator as a plugin
Change-Id: Ifa289966c790e1b1a8e2938a91e69331e3a58bdf
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Change-Id: I86b2e2c5a655e53a915fbf62ff04ee23c86de234
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I86bfe4e8b0a899cc54c9b37eeb5eec701d0baf3d
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: Id5ebb410f509ac4c83d60e48efd54e00035e5ce6
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: Ie42fd77e75e86a45cfe5951768c4638f27fdc3aa
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
This introduces 5-tuple lookup tables that may be used to implement
custom session layer actions at connection establishment time (session
layer perspective).
The rules table build mask-match-action lookup trees that for a given
5-tuple key return the action for the first longest match. If rules
overlap, ordering is established by tuple longest match with the
following descending priority: remote ip, local ip, remote port, local
port.
At this time, the only match action supported is to forward packets to
the application identified by the action.
Change-Id: Icbade6fac720fa3979820d50cd7d6137f8b635c3
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I7794d5a0774017da4c1c15f45783a18754994ac8
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Applications are now provided the option to select the namespace they
are to be attached to and the scope of their attachement. Application
namespaces are meant to:
1) constrain the scope of communication through the network by
association with source interfaces and/or fib tables that provide the
source ips to be used and limit the scope of routing
2) provide a namespace local scope to session layer communication, as
opposed to the global scope provided by 1). That is, sessions can be
established without assistance from transport and network layers.
Albeit, zero/local-host ip addresses must still be provided in session
establishment messages due to existing application idiosyncrasies. This
mode of communication uses shared-memory fifos (cut-through sessions)
exclusively.
If applications request no namespace, they are assigned to the default
one, which at its turn uses the default fib. Applications can request
access to both local and global scopes for a namespace. If no scope is
specified, session layer defaults to the global one.
When a sw_if_index is provided for a namespace, zero-ip (INADDR_ANY)
binds are converted to binds to the requested interface.
Change-Id: Ia0f660bbf7eec7f89673f75b4821fc7c3d58e3d1
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Add one of these statements to foo.api:
vl_api_version 1.2.3
to generate a version tuple stanza in foo.api.h:
/****** Version tuple *****/
vl_api_version_tuple(foo, 1, 2, 3)
Change-Id: Ic514439e4677999daa8463a94f948f76b132ff15
Signed-off-by: Dave Barach <dave@barachs.net>
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Change-Id: If7fd125989c90240de12953658d10007b9eb4f07
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
|
|
Change-Id: I6a566d1dc9531b790bdcb00edc73516f86daeb72
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I72298aaae7d172082ece3a8edea4217c11b28d79
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Major refactoring of the session layer api
- Add attatch api for application binding to the the session layer
- Simplify listen/connect calls
- Update application CLI
- Add transport endpoint to accept callback
- Associate segment manager to application and allow for multiple
binds/connects per app
Additional:
- svm fifo cleanup
- add fifo free, format fns
- add fifo offset enqueue unit test
Change-Id: Id93a65047de61afc2bf3d58c9b544339c02065af
Signed-off-by: Florin Coras <fcoras@cisco.com>
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
- Add CLI/API to enable session layer, by default it's disabled
- Improve rcv wnd computation
- Improvements to tx path
- URI code cleanup
- Builtin test tcp server
- Improve src port allocation
Change-Id: I2ace498e76a0771d4c31a8075cc14fe33d7dfa38
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I49e5ce0aae6e4ff634024387ceaf7dbc432a0351
Signed-off-by: Dave Barach <dave@barachs.net>
Signed-off-by: Florin Coras <fcoras@cisco.com>
|