Age | Commit message (Collapse) | Author | Files | Lines |
|
Type: fix
Change-Id: I33dc4cf7b6c69f74c7bf4971ce59442678b878ef
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
Type: refactor
Change-Id: I25f1cc3969c6a6ec1384079dc437537acd2ec152
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
This fix was first made in
commit fdea5c6a00b74971dbb1b7ec4e25839a871006ca
but was subsequently lost in
commit 053204ab039d34a990ff0e14c32ce3b294fcce0e
Added unit test for setting VTR on a non-sub-interface to
help ensure no future regressions of this ability.
Type: fix
Change-Id: I71ce2684fb72383741455829ae2d397ea2e95eae
Signed-off-by: Jon Loeliger <jdl@netgate.com>
|
|
We discard unwanted events until we get an ACCEPTED.
But if we are non-blocking we need to check the queue
length every time and EAGAIN if empty before waiting.
Type: fix
Signed-off-by: Carl Smith <carl.smith@alliedtelesis.co.nz>
Change-Id: Ie0c7e5cb00f0d37d2e1534f8bb384221ff56f2e3
|
|
Type: refactor
Change-Id: I2c6b59013bfd21136a2955442c779685f951932b
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
If a client application is built against 19.08, it can dump the "manifest" of API signatures.
Either the all APIs (--dump) or the APIs it is interested in (--dumpfiltered).
When the developers of said client application wants to verify that it works with VPP 20.01.
It can connect to VPP and --validate the old mainfest file, and will be told a list of
messages (both request and reply) that has changed.
import argparse
from vpp_papi import VPP
import sys
import argparse
parser = argparse.ArgumentParser()
group = parser.add_mutually_exclusive_group()
group.add_argument("--dump", action="store_true")
group.add_argument("--dumpfiltered", action="store_true")
group.add_argument("--validate", action="store_true")
args = parser.parse_args()
vpp = VPP(use_socket=True)
vpp.connect(name='apimanifest')
if args.validate:
# Verify manifest
message_table = eval(sys.stdin.read())
missing = vpp.validate_message_table(message_table)
print ('Changed message signatures: {}'.format(missing))
elif args.dump:
# Output manifest to stdout
print('{}'.format(vpp.dump_message_table()))
elif args.dumpfiltered:
# Output manifest to stdout
filterlist = eval(sys.stdin.read())
print('{}'.format(vpp.dump_message_table_filtered(filterlist)))
vpp.disconnect()
Type: feature
Change-Id: I7e708b36f599ed88e4864970c8593cc2fe5fbf61
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Having session enable in config file wasn't
working for multiple workers
Type: fix
Change-Id: Ib29ba540a6e1d714e7e470f4c7518e3d266fe7ca
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Type: fix
Change-Id: Ib5c9de9c9053b8339f514ff648a75c3b56b55215
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: fix
Change-Id: Iea7d73a304236b525b95bdad3bfdb41e711f8cdb
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
opt_data is defined as a array, while in some code, e.g., function
vnet_crypto_get_op_type, it's used as vec.
vec api is not applicable to static arraies.
src/vnet/crypto/crypto.h:234:70: error: address of array 'cm->opt_data' will always evaluate to 'true' [-Werror,-Wpointer-bool-conversion]
vnet_crypto_op_data_t *od = ({ do { if ((0 > 0) && ! ((id) < ((cm->opt_data) ? (((vec_header_t *) (cm->opt_data) - 1)->len) : 0)))
Type: fix
Change-Id: I0b6754406e4216ca975bc1da4b5d4ce293a9bb45
Signed-off-by: Lijian Zhang <Lijian.Zhang@arm.com>
|
|
Type: feature
Also make sure that size for dlmalloc allocated private segments is
accurate.
Change-Id: I6ec81ff99a13dd29b9664d768835a68019f0c96c
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Set vm->check_frame_queues after actually enqueuing a frame. Under
obscure circumstances, the code managed to set check_frame_queues so
far in advance that 100 dispatch cycles could elapse before the frame
enqueue succeeded. That resulted in permanent lack of queue service.
Type: fix
Ticket: VPP-1734
Fixes: 18191
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: If2d398202b4ba2b96581d25e8142daef3f74c9e5
|
|
Type: feature
- retransmit first unacked segment if newer retransmitted packets
are acked
- avoid spurious retransmits if recovery ends with sacked bytes
Change-Id: Ic1b56d22e025822edb7609afb136e47440ea6032
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
This provides a functional interface to IP fragmentation.
Allowing external features to fragment. Supports
arbitrary encap size, for e.g. MPLS or inner fragmentation
of tunnels.
This also removed dual loop in MAP that was fundamentally broken.
Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: Ia89ecec8ee3cbe2416edbe87630fdb714898c2a8
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Autoconfigure router advertisements for delegated prefixes.
Clean up a longstanding issue. If vpp receives a dhcpv6 renew reply,
do NOT reset per-delegated-prefix timers. That prevented vpp from
sending a solicit to renew the delegation on time. That, in turn
caused the RA code to send advertisements with valid_time =
preferred_time = 0. That causes almost any downstream client to throw
away its delegated address.
Miscellaneous changes
o src/vnet/ip/ip6_neighbor.c - always memset elements allocated from pools
to zero. DGMS.
o Remove debug spew from the ipv6 connection-tracker plugin
Type: feature
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I428feccdc47efdc413898600e0d62916928a6eb7
|
|
Type: feature
Change-Id: I700d999771d837604dd0571741f4f0bcbec82403
Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com>
|
|
Type: fix
Change-Id: I7416e827fbc5c63d082273656441c81dd6246d8a
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: fix
Change-Id: Ib6a8f5ca597389700e5746f089a5cec7eee65ab5
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Keep trying even if the interface in question is not "admin-up,
link-up." In real life, it's normal for link autonegotiation to take a
good fraction of a second. The driver layer takes care of packets sent
to an interface which can't transmit at the moment.
Renew address leases at the preferred renewal time, not at the
expiration time.
Type: fix
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I68ec1c52cc1f4a8aa256185820748b845e92f7c1
|
|
Type: fix
Fixes: Ide0bb276659119c59bdbbc8b8155e37562a648b8
Change-Id: I4db18508910d5fe5f5df4d902e15cf19b10c0621
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
Type: make
Change-Id: If822c85d6ff26982516ea1d597ca81aa84773b2b
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: fix
Change-Id: I694db40c3a0361852d01b84c7a45e32e39e9f4af
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
When creating rdma interface without specifying a name, we need to
generate one instead of NULL.
Type: fix
Change-Id: If41870691dec47e8e673d48ac4b4ddffd2385a03
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
APIs for dedicated IPSec tunnels will remain in this release and are
used to programme the IPIP tunnel protect. APIs will be removed in a
future release.
see:
https://wiki.fd.io/view/VPP/IPSec
Type: feature
Change-Id: I0f01f597946fdd15dfa5cae3643104d5a9c83089
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Type: fix
Use sid returned by vcl_session_connected_handler instead of trying to
infer it from vpp session handle.
Change-Id: Ic0fbb90ec2bd851b435fc3f2a34265ac9a8ab29f
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: feature
Change-Id: I402f4c88dee70fbb0b3b61dc4e0a4034d24d8b56
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: fix
Change-Id: I38ee9efd23774cce7790565825527cca9ba6f200
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: fix
Change-Id: Ia18632c8fe22bdcfdf3cb48a4234f8703a7ac1d7
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: style
Change-Id: If28a4959c1d60ab1caf22dbc8b72d9adf7060bd4
Signed-off-by: Vratko Polak <vrpolak@cisco.com>
|
|
Raw('\xaf) and Raw(b'\xaf) are two quite different things in python 2 versus 3.
In most cases this didn't make a difference, apart from those cases where length
of payload actually mattered.
Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: I3cba5c1486e436a3ca8aa10a7b393da75aa9f6b9
|
|
This patch improves the GCM encrypt and decrypt performance using
the dedicated API provided by intel-ipsec-mb library. This helps
remove the overhead caused by the JOB API.
Type: feature
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Change-Id: I00c9ab3ed9f2660093fb2584feb8bca4979acee8
|
|
Type: feature
Change-Id: I5bbf37969c9c51e40a013d1fc3ab966838eeb80d
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
- Fix AAD initialization. With use-esn the aad data consists of the SPI
and the 64-bit sequence number in big-endian order. Fix the u32 swapped
code.
- Remove salt-reinitialization. The GCM code seems inspired by the GCM
RFCs recommendations on IKE keydata and how to produce a salt
value (create an extra 4 octets of keying material). This is not IKE
code though and the SA already holds the configured salt value which
this code is blowing away. Use the configured value instead.
Type: fix
Change-Id: I5e75518aa7c1d91037bb24b2a40fe4fc90bdfdb0
Signed-off-by: Christian Hopps <chopps@labn.net>
|
|
Type: fix
crypto perf test crashes for key size different than 16 bytes.
This patch fixes the issue
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Change-Id: Ic8a8ca83ca189c879815dc5d065b8c6f7826cd41
|
|
Type: fix
Change-Id: I6f7df0d358f57f7feadb9b7a3fcffb99558b2af8
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: fix
On multiworker setup when an app client dies, the
vec_reset_length call fails the assert in
clib_mem_is_heap_object. Same thing might happen for
the clib_warnings
Change-Id: I369f9d2dbe60407c84994a4e8d25f6df7848ca93
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Type: feature
Crypto contexts are a per protocol cache for storing
crypto related connection data. They share a common
interface with generic properties : cert, key, engine
and session refcount.
Change-Id: I8165e05afbcc6ecb3777b6abeab62c369d2fe9ed
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Type: feature
* vpp echo adds and dels a cert and key pair for each run
* it passes the crypto engine to be used (openssl, picotls, vpp, mbedtls)
Change-Id: Iaba1de2e6abb510e6c4edbe84b2324b2f4843f26
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
quic choice used ckpair is now the one passed to
connect or listen via mq.
The crypto engine is chosen with the value passed to
connect or listen via mq:
* If NONE(0) is provided, we default to quic_main.
default_crypto_engine (picotls at init, can be changed
via debug cli : quic set crypto api [crypto engine])
* If PICTOLS/VPP is provided, use this one
* Other values return an error
Type: feature
Change-Id: Ifab893d6d03c83f202e6c7e7a9936f546a4b1530
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Type: feature
This patch adds the logic to pass to connect &
listen msg in the mq the following parameters
* ckpair index
* crypto engine (for now only used in quic)
Change-Id: I7213d8b581cb4532a9a6b18c4b3fe021287b7733
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Type: fix
Change-Id: I57b3c76515544ba3655690b37e0dacb47734ba6d
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Type: fix
Change-Id: Ie50625271d257da814445ce13c2e6cd98986d523
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: fix
Signed-off-by: Aleksander Djuric <aleksander.djuric@gmail.com>
Change-Id: I5e0eb7024d208040d79e9d6db863f41e2ecf4ee6
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Type: feature
Along with the port information, we need to validate the IP address details as well.
This is very useful in the case port re-use scenario
Signed-off-by: Srikanth Akula <srakula@cisco.com>
Change-Id: I11e1ebcd3e56aae47ac235a89606a83c928aa6bb
|
|
The CI gate will fail if there are typos in the docs.
writing output... [ 21%] events/Summits/OpensourceSummit...
writing output... [ 22%] events/Summits/UKNO/2017_04_30_...
featuresbyrelease/vpp16.06.rst:34:Rasberry:vpp16.06
writing output... [100%] usecases/vppinazure
Spelling checker messages written to /vpp/docs/_build/html/output.txt
Warning, treated as error:
Found 1 misspelled words
Makefile:31: recipe for target 'html' failed
make[1]: *** [html] Error 2
make[1]: Leaving directory '/vpp/docs'
If you introduce a term that is not recognized,
please add it to custom dictionary at
docs/spelling_wordlist.txt.
Type: feature
Change-Id: Id49be4fbee617f544f1ab8e78e7de8a4df36448b
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
DPDK have bug which will be fixed in 19.11.
Type: fix
Change-Id: I6c0058928e5991d61b3c5fcba706f35e6886b0f2
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: feature
fts and trex rely on yaml config files. Verify
that they are valid, so comitters can catch
errors early.
Change-Id: Ide0bb276659119c59bdbbc8b8155e37562a648b8
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
Type: fix
As udp_session.opaque is qctx index, qctx free
needs to happen after session cleanup. This patch
also introduces
* assert timer stop on ctx free
* debug cli for listing quic ctx
Change-Id: I3a58d226b094a0bbdf090b4f3eccbc2e11c6329b
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Type:feature
For cases when proxy is in use IPv6 flow label received in origin pkt needs to be added
to ipv6 header of outgoing pkts from proxy to original destination and vice versa.
Signed-off-by: Tarun Gupta <tarungup@cisco.com>
Change-Id: I143f7e67237c0f865333078628a016b50ad5e630
Signed-off-by: Tarun Gupta <tarungup@cisco.com>
|
|
Type: fix
Since CentOS 8, RPM build script doesn't accept '#!/usr/bin/env python'
as a valid shebang line. It requires scripts to explicitly chose
between python2 or python3.
Change all to use python3 as suggested by Paul Vinciguerra.
Depends-On: https://gerrit.fd.io/r/23170
Signed-off-by: Renato Botelho do Couto <renato@netgate.com>
Change-Id: Ie72af9f60fd0609e07f05b70f8d96e738b2754d1
|