Age | Commit message (Collapse) | Author | Files | Lines |
|
The following patch adds a stronger cryptographic suite to IKEv2 implementation.
The following algorithms can now be used for integrity checking in IKEv2 implementation (responder and initiator):
- hmac-sha2-256-128
- hmac-sha2-384-192
- hmac-sha2-512-256
The default integrity checking method was set to hmac-sha2-256-128.
The default PRF function was set sha2-256.
Change-Id: Ia82b4cbbf3067b19b8487040dbefbaf4c9319548
Signed-off-by: Berenger Foucher <berenger.foucher@stagiaires.ssi.gouv.fr>
|
|
- the FIB path takes a vector of type fib_mpls_label_t not u32 so the untype safe vec_add did not work
- write som eSR-MPLS tests
- allow an MPLS tunnel to resolve through a SR BSID
Change-Id: I2a18b9a9bf43584100ac269c4ebc286c9e3b3ea5
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: Ib1601d01a54296e72be3bbfa057fce965549b02b
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Remove the expensive RPC call for every received packet and replace it with
lock-protected direct calls. Reinstate RPC for the less frequent
notification traffic.
Adjust the wakeup event sending logic to minimize the number of events
sent, by measuring the time it takes from sending the event to processing
it, and subsequently not sending the event if the pending wake-up time
is within 2x or the event propagation delay.
Eventually: remove oingo / oingoes.
Change-Id: I0b3d33c5d029527b54867a97ab07f35f346aaa3d
Signed-off-by: Dave Barach <dave@barachs.net>
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Signed-off-by: Steve Shin <jonshin@cisco.com>
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
Change-Id: I603094215162bfe7d41bbff1b9fe8ab974aa3fab
Signed-off-by: Ping Yu <ping.yu@intel.com>
|
|
Change-Id: I221cebddc45efbfdec428b7df2af96e2aedff2dd
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Move the binary api segment above 4gb
Change-Id: I40e8aa7a97722a32397f5a538b5ff8344c50d408
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Change-Id: I48f32fdf1859420d2966dd8553f3a8f9a082e2ae
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: Iac6e1c32cf99c5392a29f7366401b7fc39e463e3
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I43832cdadda820772ba9052890bba59b24e70c6c
Signed-off-by: Eyal Bari <ebari@cisco.com>
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I3281f65f7dec792d56de48afb39efcc2fed8578b
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: I1f741b66ab8e3ecbb5c0d248b72e52c56545d5f3
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: I7e6045514d58010258889cadd220b7efcef7c1b9
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: I1382021a6f616571b4b3243ba8c8999239d10815
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: Ibcb7105fa7e3c09efdce01bccd4de235fe33ea99
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I3a0f48381232fcac1727034aa6d2504a8d1edb04
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I2a25bba675fc9c84e5d391533e92b9a041637405
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Refactor session layer to support multiple workers per application.
Change-Id: Ie67354688d396449d14bbbb8c56050206e307cd8
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
this is the same behaviour as other tunnel types
Change-Id: I6439f692bc2bc18f12eea599e0e06b9eaa5eb128
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: I9228ce29e9d2fc862a2d076b4072bcdd728d6dd1
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
|
|
sup hw int is needed only for unicast validation
Change-Id: I5e5753c09d1c16fdb2435b4db5628a2379fe6f96
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
Change-Id: I89e8052f2d2c36dd3de5255c4ee570722dc58227
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I0f5c1dc99610b65646c3b5cf8da7aea273371e4d
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
- perf improvement is around 3 clock per packet
- it properly prefetches ip header and rewrite area
Credits to zhiyong.yang@intel.com for spotting that in some cases
rewrite area is not prefetched.
Change-Id: Ie02913de7bd7f42b7df2617fb5fa87c74ab53c23
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
This patch resolves the coverity warning.
Change-Id: I3f5e664b442fa9bcafd28c67283596570dc1244d
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
|
|
Change-Id: Ifaef196a24fa9b6924f2b9692318f69763cee5e1
Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
|
|
Change-Id: I4907f48e6c4a4e91343fd0d4fface00f09e5fa2b
Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
|
|
reorder structs for less padding
Change-Id: Id05123f5bac870e1c585b3aa2177d9e3a6f8d70b
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
Change-Id: Ic4c42c5610a827234e6582501f0ddcba47aa34ee
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: Ic18aa0fb42a72b5e0ebbfbebdefc7582cb46b5ea
Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
|
|
Change-Id: I294be184764b45777d6e5e44f5d742b2c8732de4
Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
|
|
Change-Id: Ibc59323e849810531dd0963e85493efad3b86857
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
VPP-1368
Change-Id: I6373f76ba87184a91b517712eafb4ee1f5cea59e
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
|
|
Not only is it wasteful to send all fragments back through ip4-lookup, but
it doesn't work with tunnel mechanisms that don't have IP enabled on their
payload side.
Change-Id: Ic92d95982dddaa70969a2a6ea2f98edec7614425
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
GCC 7 found this issue with a compiling warning,
and this bug has been confirmed by module owner.
Change-Id: If29e857b3a87f91f08674aee6993b075fcff87e7
Signed-off-by: Lijian Zhang <Lijian.Zhang@arm.com>
|
|
move un-necessary session based operation to listener
split orignal openssl ctx to be session based ctx and listen ctx
Change-Id: Id6c54f47b0e2171fd8924a45efcd5266ce5402d5
Signed-off-by: Ping Yu <ping.yu@intel.com>
|
|
The root cause is it uses a dangling reference after memory move
Need to call session_alloc first, then use index to get the app
listener point
Change-Id: If5b7e0d6ddc761e5327660c47ce620e375319b4d
Signed-off-by: Ping Yu <ping.yu@intel.com>
|
|
- replies should not need to contain client_index since
it is used to identify sender of requests to VPP
Change-Id: Iece3853b3f020054ee1652b149d0cf8d9580db4e
Signed-off-by: Ondrej Fabry <ofabry@cisco.com>
|
|
- context should be first field for reply messages,
just like it is for all other 545 replies
Change-Id: Ib291036d3389dbc26c8e9194966d01cab81534aa
Signed-off-by: Ondrej Fabry <ofabry@cisco.com>
|
|
Change-Id: Ic20eea8f2fd19dd3c1728a1f7c622ef0c9728f81
Signed-off-by: ahdj007 <dong.juan1@zte.com.cn>
|
|
Change-Id: I30788c0dd1ee012e786bb3127bf2743ab0bfdc70
Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
|
|
Change-Id: I68b55fc641da9dacc3343628b3e0cf77d3533313
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
This significantly reduces need for
...
in multiarch code. Simply constructor macros will jost create static unused
entry if CLIB_MARCH_VARIANT is defined and that will be optimized out by
compiler.
Change-Id: I17d1c4ac0c903adcfadaa4a07de1b854c7ab14ac
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I39f87ca161c891fb22462a23188982fef7c3243f
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
|
|
Change-Id: I8d1072cf9ff9f502302fd906c5590e0f3698dc60
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
- support eventfd based mq signaling. Based on configuration, vcl
epoll/select can use either condvars or epoll on mq eventfds.
- add vcl support for memfd segments
- vpp explicitly registers cut-through segments with apps/vcl
- if using eventfd, make ldp allow one call to libc_epoll_create. Needed
for the message queue epfd
- update svm_queue_t to allow blocking calls with eventfd signaling.
Change-Id: I064151ac370bbe29bb16c968bf4e3659c8286bea
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: Iff557f566ebc9ab170d75da1233997d83b8c8a66
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Change-Id: Iadfbe3c0d0c6dcec2b4ccf1695bd234358f6969a
Signed-off-by: shubing guo <guo.shubing@zte.com.cn>
|
|
Change-Id: I3c714c519b6d0009329b50947ce250c18ee2a85a
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
... rather than re-implementing the loop
Change-Id: I20bede8403c804cbec654db9b7020a4d01e5bc18
Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
|