Age | Commit message (Collapse) | Author | Files | Lines |
|
Type: feature
Basic dtls transport protocol implementation that relies on openssl
wire protocol implementation. Retries/timeouts not yet supported.
To test using vcl test apps, first ensure all arp entries are properly
resolved and subsequently:
server: vcl_server -p dtls 1234
client: vcl_client -p dtls <server-ip> 1234 -U -N 2000000 -T 1460 -X
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I04b4516a8fe9ce85ba230bcdd891f33a900046ed
|
|
The bio interacts directly with the session so it avoids using an
intermediary mem bio and, implicitly, higher memory consumption and an
extra memcpy.
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ifb675cfd12df86396a7a738a6cd4d0882c69ad2f
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Icdeddeffd95492ca34f37e1904b1f5f6d150a6bc
|
|
Type: improvement
Signed-off-by: jiangxiaoming <jiangxiaoming@outlook.com>
Change-Id: Ie0e6d48d65b0b8b493e9d49cfdf93c645523659a
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Iae5dbb8aaaf82d8e95c2ee8bbbe6844c9dd49f80
|
|
Type: fix
Signed-off-by: jiangxiaoming <jiangxiaoming@outlook.com>
Change-Id: I61b7988bf6a49a51041bc6085d5f0f4689ff45a6
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I02d60134d6069764da75dc6d206b376a0d46998e
|
|
Type: improvement
Can be used to force app to close a connection on which it still waits
for data.
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I7c3a8245cbbc23728e4408feb63a659a11f718ed
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ieb8bb9c6deb92479fdd3e045778fe5ae4782d1ea
|
|
Type: improvement
- allow apps to request rescheduling of tx events via
SESSION_F_CUSTOM_TX flag
- limit max burst per session custom tx dispatch
In tls
- use the new infra to reschedule tx events
- use max burst bytes as upper limit to number of bytes to be encrypted
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I544a5a3337af7ebdff3406b776adf30cf96ebf3c
|
|
Type: improvement
Change-Id: I9dd850a1ce85b0adb5136233f176117e0ee38817
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: feature
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: If4dee6dba1ea942daa921d566b35cdecdda680ee
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ie3bc31fc3df662e087f7931de6c274eb3608a2d8
|
|
Type: fix
When async is enabled and request is inflight, delay close oepration
Change-Id: I713078fe9832c1599e8860fc0a6bb98588f20943
Signed-off-by: Yu Ping <ping.yu@intel.com>
|
|
Type: fix
Change-Id: I50329bda365d98f9f9d56a58187fb4fb2a4eb461
Signed-off-by: Yu Ping <ping.yu@intel.com>
|
|
Type: refactor
Make sure one tls ctx has one event availble
Thus ctx has the same life time with event, which can simplify the
management.
Change-Id: I1f4240e7316025d81bb97644946ffa399c00cd76
Signed-off-by: Yu Ping <ping.yu@intel.com>
|
|
Type: feature
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Iea8abe33cf33036267ccaf58760abc2f48470202
|
|
Type: fix
Ensure listeners for app transport protocols are added to lookup tables
using their session endpoints instead of their transport connections,
which can override the network connection id in the transport connection.
Change-Id: I56fa3666bb1422c0799fc7143cd099751ff6e2e6
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: fix
Adding few extra checks while doign session validationwq!
Signed-off-by: Srikanth Akula <srakula@cisco.com>
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I4d18b5ad97d1802ce38a07aeb56b5f35939c1187
|
|
- unformat_memory_size() writes to a uword *
- Limit cli input to u32
Type: fix
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Change-Id: I453a5633e04f9ee6f2f1a843634f99063a81579b
|
|
VPP would fail in tcp_connection_reset() if the tls
or app session was just created.
Type: fix
Change-Id: I45d107f57e4f3fc468c15ca3392d5e1c413bd690
Signed-off-by: Zeyu Zhang <zeyu.zhang@intel.com>
|
|
Type: fix
Use api with explicit thread index to retrieve tls contex on close.
Change-Id: Ibdc4338747300b7fc8f91ef3e10bcd48ce7ae366
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: refactor
This patch does the following conversions
TLS_ENGINE_X -> CRYPTO_ENGINE_X
tls_engine_type_t -> crypto_engine_t
It does not change numbering of engines
Change-Id: I872dfaec3a6713bf4229c84d1ffd98b8b2419995
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Type: feature
This changes the behavior of both API calls
APPLICATION_TLS_CERT_ADD & APPLICATION_TLS_KEY_ADD
certificates and keys aren't bound to an app, they are
passed to it via connect / listen using the message
queue.
This should be followed by a per protocol (QUIC/TLS)
crypto_context store to save devrived structs
Change-Id: I36873bc8b63b5c72776c69e8cd9febc9cae31882
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Type:fix
Also fix transport close while handshake is ongoing.
Change-Id: I004c56d2297d0847c2cb77202f8fba3edaacad29
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type:fix
Change-Id: I5994fb53dc4b9fd58920b3d67472c38b41db27c2
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type:fix
Also changes the way the ctx is freed. TLS now waits for tcp delete
notification before freeing the ctx.
Change-Id: I2f606a9ce7b3755ae9d11d6fe714fe11b65dcb98
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: feature
Control ack generation and retransmissions with session layer scheduler.
Change-Id: Iacdf9f84ab81f44851980aa45a83e75f29be2b7b
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type:fix
Change-Id: I528b7cfcb7a6aada94ee3649378e6fbe84d2e4e6
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
This reduces the memory required by tls and quic, allowing to run them
(and their tests) in more constrained environments by default.
Change-Id: I954081c725fb4f5f173db1f8e76922d957c5b0a2
Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
Type: fix
|
|
Add a thread_index argument to half-open and listener session formatters
because QUIC can have listeners and half-open sessions in any thread.
Change-Id: I1de60e35ece4c68ba8cfdd6b63f211bc620d687b
Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
Type: feature
|
|
Type: refactor
Change-Id: I4e0afc206e4871596c2ed8a6ca00914a379f1526
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Type: refactor
Change-Id: I97fa59a0ba0b6b7a98698926020ffffcf6ae6ba3
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
a bit like QUIC, and the added function can get the endpoint info in TLS,
so that the VCL layer can get those info correctly
Change-Id: Ied7aa3077087c1814499364dfa7654a088ad9910
Signed-off-by: Yu Ping <ping.yu@intel.com>
|
|
Change-Id: I11ac3e4f59206902e5dfc326f815c877c5dd6643
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I77ad9eb4d4c7699397aa4be6a973ef37c60db4c5
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I6169ebdd3ac2d5d77fd2e12068c8aab6d8072c03
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
- disconnect sessions through session layer apis instead of directly
notifying the app worker.
- improve cli
- increase fifo sizes for tls app
Change-Id: I8a7d2865b3b00724e2a9da29fa4a906ea867da9b
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: Idbf7f3a57dc399798b8dba9463daeb7d66470ab1
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I675f7090fa6b2ffdfb4ee748df858bfb7e39ce5a
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: Iad119e05ae5e570fbfcf66747c95822cee647c99
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: If4c7efaf6506a827e7a95a56c2f6b6060df03fa1
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I7ccc948357d815a1bd4279a7079cf4db2949183c
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I1662ec4b5503cb64a8a86a2441842311d959b3a6
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I89d240753b3f3c5e984aa303a7c8fa35fa59bf7f
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Make app-listener the handle for app listens. Consequently transport and
local listen sessions are now associated to the app-listener.
Change-Id: I9397a26d42cccb100970b6b4794c15bac2e11465
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
- move transport specific types to transport_types
- add transport wrapper functions for interaction with transport
protocol vfts
Change-Id: I93f70d884585fc2f41c4a605e310c80e8a8972f2
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Rename core data structures. This will break compatibility for out of
tree builtin apps.
- stream_session_t to session_t
- server_rx/tx_fifo to rx/tx_fifo
- stream_session.h to session_types.h
- update copyright
Change-Id: I414097c6e28bcbea866fbf13b8773c7db3f49325
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Avoid allocating session and possibly reallocating thread session pool
on builtin session rx.
Change-Id: I70e7c604678b44ce8d22603489e247a2c5faa439
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Curernt code will overwrite parent_app_api_context, and defer the
setting after this value is used in callback.
Change-Id: Ie16e432fd0f4214e6deff3aa3b58b3be824b0331
Signed-off-by: Ping Yu <ping.yu@intel.com>
|