]>
git.proxmox.com Git - mirror_kronosnet.git/log
Fabio M. Di Nitto [Thu, 25 Jul 2019 07:24:26 +0000 (09:24 +0200)]
[nozzle] fix a few coverity errors in the test suite
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Thu, 25 Jul 2019 06:28:34 +0000 (08:28 +0200)]
[tx] drop unnecessary usleep when sending to localhost
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Wed, 24 Jul 2019 11:59:47 +0000 (13:59 +0200)]
[common] make sure string is null terminated
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Wed, 24 Jul 2019 11:46:51 +0000 (13:46 +0200)]
[test] simplify flush log
allocate on stack only once and make sure strings are null terminated
drop useless read loop since log msg are always smaller than PAGE_SIZE
and read are atomic at that level
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Wed, 24 Jul 2019 09:00:00 +0000 (11:00 +0200)]
[nozzle] avoid tons of possible buffer overruns
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Wed, 24 Jul 2019 06:38:56 +0000 (08:38 +0200)]
[PMTUd] do not double unlock global read lock
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Tue, 23 Jul 2019 07:15:15 +0000 (09:15 +0200)]
[coverity] add test targets to run coverity automatically
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Thu, 18 Jul 2019 13:39:57 +0000 (15:39 +0200)]
[compress] do not overrun allocated array for compress modules
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Thu, 18 Jul 2019 11:31:32 +0000 (13:31 +0200)]
[logging] make sure not to overrun buffers by pre-allocating them
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Thu, 18 Jul 2019 11:12:36 +0000 (13:12 +0200)]
[compress] don't leak memory in case of errors during zstd init
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Thu, 18 Jul 2019 11:09:05 +0000 (13:09 +0200)]
[nozzle] don't leak memory on error
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Thu, 18 Jul 2019 11:04:54 +0000 (13:04 +0200)]
[nozzle] fix negative return detected by coverity scan
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Thu, 18 Jul 2019 09:57:36 +0000 (11:57 +0200)]
[sctp] cleanup bugs detected in error paths by coverity scan
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Thu, 18 Jul 2019 09:08:32 +0000 (11:08 +0200)]
[acl] avoid forward null deferencing
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Thu, 18 Jul 2019 08:43:58 +0000 (10:43 +0200)]
[rx] better error report if we can't resolve hostname / port
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Thu, 18 Jul 2019 08:36:43 +0000 (10:36 +0200)]
[common] fix dlopen error handling
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Thu, 18 Jul 2019 08:23:14 +0000 (10:23 +0200)]
[tests] fix knet_bench coverity errors
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Thu, 18 Jul 2019 05:59:01 +0000 (07:59 +0200)]
[sctp] revalidate fd to make coverity scan happy
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Thu, 18 Jul 2019 05:50:37 +0000 (07:50 +0200)]
[handle] make sure that the pmtud buf contains at least knet header size
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Thu, 18 Jul 2019 05:11:56 +0000 (07:11 +0200)]
[rx] align data types
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Thu, 18 Jul 2019 05:03:11 +0000 (07:03 +0200)]
[sctp] free access list only if the socket is valid
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Mon, 15 Jul 2019 13:10:15 +0000 (15:10 +0200)]
[sctp] fix deference after null check
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Wed, 17 Jul 2019 07:41:20 +0000 (09:41 +0200)]
[coverity] add .travis.yml to integrate CI with coverity scan
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Wed, 26 Jun 2019 03:31:23 +0000 (05:31 +0200)]
[compress] fix #if def around BZIP2 testing
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Wed, 26 Jun 2019 03:31:06 +0000 (05:31 +0200)]
[compress] fix a few minor space vs tab and code formatting
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
yuan ren [Tue, 25 Jun 2019 13:55:26 +0000 (21:55 +0800)]
[compress]Default compression level use
1. add test casees for a module without default.Using default
compression level.
2. Discuss with Fabio, invalid compression level not the knet
responsible for, so error logged. But if compress success but
dstLen larger than srcLen, defualt compression level will be
used, because the request level is not effective.
Signed-off-by: yuan ren <yren@suse.com>
yuan ren [Mon, 17 Jun 2019 11:58:20 +0000 (19:58 +0800)]
Default compress level use
Discuss with Fabio, invalid compression level not the knet
responsible for, so error logged. But if compress success but
dstLen larger than srcLen, defualt compression level will be
used, because the request level is not effective.
Signed-off-by: yuan ren <yren@suse.com>
Fabio M. Di Nitto [Wed, 21 Aug 2019 07:17:46 +0000 (09:17 +0200)]
Merge pull request #232 from kronosnet/stable1-proposed
stable1-proposed
Fabio M. Di Nitto [Wed, 21 Aug 2019 04:26:41 +0000 (06:26 +0200)]
[build] bump soname to indicate new API call
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Tue, 20 Aug 2019 04:57:45 +0000 (06:57 +0200)]
[PMTUd] add ability to manually override MTU and disable PMTUd
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Tue, 13 Aug 2019 04:41:32 +0000 (06:41 +0200)]
[PMTUd] add dynamic pong timeout when using crypto
problem originally reported by proxmox community, users
observed that under pressure the MTU would flap back and forth
between 2 values due to other node response timeout.
implement a dynamic timeout multiplier when using crypto that
should solve the problem in a more flexible fashion.
When a timeout hits, those new logs will show:
[knet]: [info] host: host: 1 (passive) best link: 0 (pri: 0)
[knet]: [debug] pmtud: Starting PMTUD for host: 1 link: 0
[knet]: [debug] pmtud: Increasing PMTUd response timeout multiplier to (4) for host 1 link: 0
[knet]: [info] pmtud: PMTUD link change for host: 1 link: 0 from 469 to 65429
[knet]: [debug] pmtud: PMTUD completed for host: 1 link: 0 current link mtu: 65429
[knet]: [info] pmtud: Global data MTU changed to: 65429
[knet]: [debug] pmtud: Starting PMTUD for host: 1 link: 0
[knet]: [debug] pmtud: Increasing PMTUd response timeout multiplier to (8) for host 1 link: 0
[knet]: [debug] pmtud: Increasing PMTUd response timeout multiplier to (16) for host 1 link: 0
[knet]: [debug] pmtud: Increasing PMTUd response timeout multiplier to (32) for host 1 link: 0
[knet]: [debug] pmtud: Increasing PMTUd response timeout multiplier to (64) for host 1 link: 0
[knet]: [debug] pmtud: PMTUD completed for host: 1 link: 0 current link mtu: 65429
[knet]: [debug] pmtud: Starting PMTUD for host: 1 link: 0
[knet]: [debug] pmtud: Increasing PMTUd response timeout multiplier to (128) for host 1 link: 0
[knet]: [debug] pmtud: PMTUD completed for host: 1 link: 0 current link mtu: 65429
and when the latency reduces and it is safe to be more responsive again:
[knet]: [debug] pmtud: Starting PMTUD for host: 1 link: 0
[knet]: [debug] pmtud: Decreasing PMTUd response timeout multiplier to (64) for host 1 link: 0
[knet]: [debug] pmtud: PMTUD completed for host: 1 link: 0 current link mtu: 65429
....
testing this patch on normal hosts is a bit challenging tho.
Patch was tested by hardcoding a super low timeout here:
diff --git a/libknet/threads_pmtud.c b/libknet/threads_pmtud.c
index
4f0ba0f ..
5e2b89b 100644
--- a/libknet/threads_pmtud.c
+++ b/libknet/threads_pmtud.c
@@ -261,7 +271,8 @@ retry:
/*
* crypto, under pressure, is a royal PITA
*/
- pong_timeout_adj_tmp = dst_link->pong_timeout_adj * 2;
+ //pong_timeout_adj_tmp = dst_link->pong_timeout_adj * dst_link->pmtud_crypto_timeout_multiplier;
+ pong_timeout_adj_tmp = 30 * dst_link->pmtud_crypto_timeout_multiplier;
} else {
pong_timeout_adj_tmp = dst_link->pong_timeout_adj;
}
and using a long running version of api_knet_send_crypto_test with a short PMTUd setfreq (10 sec).
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Mon, 12 Aug 2019 14:52:59 +0000 (16:52 +0200)]
[PMTUd] rework the whole math to calculate MTU
internal changes:
- drop the concept of sec_header_size that was completely wrong
and unnecessary
- bump crypto API to version 3 due to the above change
- clarify the difference between link->proto_overhead and
link->status->proto_overhead. We cannot rename the status
one as it would also change ABI.
- add onwire.c with documentation on the packet format
and what various len(s) mean in context.
- add 3 new functions to calculate MTUs back and forth
and use them around, hopefully with enough clarification
on why things are done in a given way.
- heavily change thread_pmtud.c to use those new facilities.
- fix major calculation issues when using crypto (non-crypto
was not affected by the problem).
- fix checks around to make sure they match the new math.
- fix padding calculation.
- add functional PMTUd crypto test
this test can take several hours (12+) and should be executed
on a controlled environment since it automatically changes
loopback MTU to run tests.
- fix way the lowest MTU is calculated during a PMTUd run
to avoid spurious double notifications.
- drop redundant checks.
user visible changes:
- Global MTU is now calculated properly when using crypto
and values will be in general bigger than before due
to incorrect padding calculation in the previous implementation.
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Fri, 2 Aug 2019 08:44:23 +0000 (10:44 +0200)]
[PMTUd] fix MTU calculation when using crypto and add docs
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Fri, 2 Aug 2019 08:43:09 +0000 (10:43 +0200)]
[docs] add knet packet layout
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Wed, 31 Jul 2019 12:15:07 +0000 (14:15 +0200)]
[udp] log information about detected kernel MTU
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Tue, 30 Jul 2019 09:18:33 +0000 (11:18 +0200)]
[crypto] fix log information
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Thu, 27 Jun 2019 08:55:23 +0000 (10:55 +0200)]
[threads] allow knet_handle_setfwd to flush socket queues
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Tue, 25 Jun 2019 11:30:23 +0000 (13:30 +0200)]
[tests] ignore libnss errors from OpenSuse Tumbleweed
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Sun, 16 Jun 2019 05:41:49 +0000 (07:41 +0200)]
[tests] ignore libnss errors from OpenSuse 15
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Wed, 12 Jun 2019 10:24:41 +0000 (12:24 +0200)]
Merge pull request #223 from kronosnet/stable1-proposed
Stable1 proposed
Fabio M. Di Nitto [Wed, 12 Jun 2019 03:23:47 +0000 (05:23 +0200)]
[global] update copyrights
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Wed, 12 Jun 2019 03:21:24 +0000 (05:21 +0200)]
[global] clarify license entry per file to match README.licence
libraries code: LGPL-2.0+
binaries code and other files: GPL-2.0+
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Tue, 11 Jun 2019 14:09:54 +0000 (16:09 +0200)]
[doc] fix a merge oversight from
541d7faf9068d10e12b4278c35825ce1353db081
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Tue, 11 Jun 2019 09:54:08 +0000 (11:54 +0200)]
[crypto] hide errors generated by openssl 1.1.1c
see also:
https://github.com/kronosnet/kronosnet/issues/226
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930061#12
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Tue, 11 Jun 2019 07:26:02 +0000 (09:26 +0200)]
[crypto] openssl: drop calls to RAND_seed as they donĀ“t really help RNG
See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930061#12 for reference
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
yuan ren [Thu, 6 Jun 2019 05:46:01 +0000 (13:46 +0800)]
[crypto]openssl error strings release
In versions prior to OpenSSL 1.1.0, ERR_free_strings() releases
any resources created by ERR_load_crypto_strings.
Signed-off-by: yuan ren <yren@suse.com>
Fabio M. Di Nitto [Mon, 3 Jun 2019 16:13:04 +0000 (18:13 +0200)]
[transports] fix incorrect merge when cherry-picking
7033ddab505a0cf3655115fe5037579b7c882a8c
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Tue, 28 May 2019 04:14:29 +0000 (06:14 +0200)]
[crypto] fix openssl1.0 initialization code
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Tue, 28 May 2019 03:35:24 +0000 (05:35 +0200)]
[PMTUd] extend internal rerun API to allow full PMTUd reset
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Tue, 28 May 2019 03:24:47 +0000 (05:24 +0200)]
[crypto] rework knet_handle_crypto external API to be more solid
the API was rather weak and could potentially leave traffic uncrypted
in case of certain, corner case, failures.
this patch is a subset of a bigger rework of the crypto layer that
will in future allow runtime reconfiguration without traffic disruption
of the crypto config.
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Mon, 27 May 2019 10:42:33 +0000 (12:42 +0200)]
[crypto] make sure to trigger a PMTUd rerun on each good crypto config change
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Mon, 27 May 2019 10:37:15 +0000 (12:37 +0200)]
[PMTUd] create common/shared code to trigger PMTUd rerun
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Mon, 27 May 2019 10:25:55 +0000 (12:25 +0200)]
[crypto] make sure to clear all security info on crypto_fini
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Christine Caulfield [Fri, 24 May 2019 09:09:47 +0000 (10:09 +0100)]
misc: Fix more covscan warnings
The only serious bug here is in transport_udp.c
(see bottom of patch), the rest are mostly detail.
covscan still reports a lot of errors against doxyxml, most of
which are because it doesn't understand the libqb hashtables.
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Christine Caulfield [Fri, 17 May 2019 07:44:08 +0000 (08:44 +0100)]
misc: some coverity fixes
In rough order of seriousness:
1. Fix clock_gettime() in pmtud so that it's always called, as
variable 'clock_now' is always read.
2. Allow space for trailing NUL in libnozzle device names
3. Fix api_nozzle_run_updown_test so it can run out of the build tree
4. Disallow a 0 length prefix in libnozzle
5. Fix potential use of NULL pointer on doxyxml
6. Free 'name' in doxyxml as it's *not* in the map any more
7. Fix dead code in libknet API functions left by code changes
Fabio M. Di Nitto [Tue, 14 May 2019 04:57:36 +0000 (06:57 +0200)]
[spec] use ldconfig_scriptlets only when defined
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Tue, 14 May 2019 03:53:12 +0000 (05:53 +0200)]
[spec] drop support for init scripts
no rpm distros left that support old fashion init scripts
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Mon, 13 May 2019 04:55:36 +0000 (06:55 +0200)]
[spec] fix a bunch of rpmlint errors
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Mon, 13 May 2019 04:02:06 +0000 (06:02 +0200)]
[spec] reconciliate fedora spec file into upstream spec file (part 1)
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Sun, 12 May 2019 05:22:41 +0000 (07:22 +0200)]
[spec] clean up useless conditionals and defines
fix a couple of minor conditionals in the process
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Sun, 25 Feb 2018 08:08:10 +0000 (09:08 +0100)]
[spec] be more strict about plugins version and architecture depedencies
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Sun, 25 Feb 2018 07:42:55 +0000 (08:42 +0100)]
[spec] use distro conditionals to determine BuildRequires
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Sun, 12 May 2019 04:59:00 +0000 (06:59 +0200)]
[spec] fix upstream URLs to point to https and official release repo
Fixes https://bugzilla.redhat.com/show_bug.cgi?id=
1708616
also to be noted, the Source0: line is different from upstream and Fedora
because upstream can handle tarballs during development
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Thu, 9 May 2019 14:36:07 +0000 (16:36 +0200)]
[build] bump soname to indicate new API calls
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Tue, 26 Mar 2019 12:45:52 +0000 (13:45 +0100)]
[global] update copyright across the board
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Tue, 30 Apr 2019 03:42:48 +0000 (05:42 +0200)]
[man] fix libknet.h for errors detected by newly added test
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Thu, 11 Apr 2019 07:31:00 +0000 (09:31 +0200)]
[tests] improve wait for packet implementation to flush logs during wait
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Thu, 11 Apr 2019 07:30:27 +0000 (09:30 +0200)]
[tests] hide an arm internal memory leak (non-recurring)
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Wed, 10 Apr 2019 06:40:50 +0000 (08:40 +0200)]
[compress] add support for libzstd
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Chrissie Caulfield [Tue, 12 Mar 2019 13:55:25 +0000 (13:55 +0000)]
manpages: Document enums (#206)
And also fix a bug in structure printing that caused it to print the wrong name for a struct.
Fabio M. Di Nitto [Thu, 7 Mar 2019 17:42:20 +0000 (18:42 +0100)]
[tests] remove stray comment
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Sat, 9 Mar 2019 06:03:25 +0000 (07:03 +0100)]
[logging] fix log target of recently added API calls
spotted during sctp testing
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Thu, 7 Mar 2019 14:31:28 +0000 (15:31 +0100)]
[access lists] add more extensive test for links_acl_ip
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Christine Caulfield [Thu, 7 Mar 2019 10:04:41 +0000 (10:04 +0000)]
acl: Fix English in commments
Fabio M. Di Nitto [Wed, 6 Mar 2019 12:08:34 +0000 (13:08 +0100)]
[access lists] add public API tests
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Wed, 6 Mar 2019 08:43:10 +0000 (09:43 +0100)]
[access lists] improve checks on various data types
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Tue, 5 Mar 2019 04:16:29 +0000 (05:16 +0100)]
[access lists] test implicit access lists management for UDP, SCTP and LOOPBACK
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Mon, 4 Mar 2019 12:07:04 +0000 (13:07 +0100)]
[access lists] add external API calls to manage access lists
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Sat, 2 Mar 2019 06:49:19 +0000 (07:49 +0100)]
[access lists] add documentation for enable_access_list
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Thu, 28 Feb 2019 13:55:27 +0000 (14:55 +0100)]
[transports / access list] add internal API to gather which fd to use for access lists given a certain link struct
this is required for the external API that has to be transport indepedent
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Thu, 28 Feb 2019 07:22:43 +0000 (08:22 +0100)]
[access lists] rename ip1/2 to ss1/2 to keep it more generic
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Tue, 26 Feb 2019 12:34:11 +0000 (13:34 +0100)]
[access lists] use arrays to access per-protocol functions
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Tue, 26 Feb 2019 11:12:09 +0000 (12:12 +0100)]
[access lists] use better name for fd_tracker structure
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Tue, 26 Feb 2019 10:37:49 +0000 (11:37 +0100)]
[access lists] confine access lists data structs within the protocol itself
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Tue, 26 Feb 2019 09:43:04 +0000 (10:43 +0100)]
[access lists] add errno around and start using them
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Fri, 22 Feb 2019 06:08:29 +0000 (07:08 +0100)]
[access lists] fix build on BSD and add some include files around
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Fri, 22 Feb 2019 05:53:48 +0000 (06:53 +0100)]
[access lists] make internal API consistent
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Thu, 9 May 2019 13:44:41 +0000 (15:44 +0200)]
[links] rename tranport_type to transport to avoid confusion (part 2)
complements
be9d053efafc822cabd696914d53b5dfe25fb4fd due to early
cherry-pick of
7033ddab505a0cf3655115fe5037579b7c882a8c
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Fri, 22 Feb 2019 04:31:42 +0000 (05:31 +0100)]
[links] rename transport_type to transport to avoid confusion
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Fri, 22 Feb 2019 04:29:07 +0000 (05:29 +0100)]
[access lists] remove 2 unnecessary wrappers
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Fri, 22 Feb 2019 04:21:29 +0000 (05:21 +0100)]
[access lists] cleanup API a bit
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Fri, 22 Feb 2019 04:17:57 +0000 (05:17 +0100)]
[access lists] more use of generic wrappers and remove duplicate code
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Fri, 22 Feb 2019 04:04:20 +0000 (05:04 +0100)]
[access lists] move access lists structs and data types to links_acl.*
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Fri, 22 Feb 2019 03:53:23 +0000 (04:53 +0100)]
[access lists] move all acl wrappers to links_acl* and split links_acl_ip to their own files
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Sun, 17 Feb 2019 08:49:06 +0000 (09:49 +0100)]
[access lists] fix build on freebsd
don't use malloc.h, obsoleted by stdlib.h
define s6_addr32 that's only available in kernel space
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Sun, 17 Feb 2019 06:49:13 +0000 (07:49 +0100)]
[access lists] add access lists support to sctp
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Sun, 17 Feb 2019 06:32:59 +0000 (07:32 +0100)]
[access lists] enable generic access lists only for protocols that use them
protocols such as SCTP that use their own access list tracking will
need to setup access lists in transport_link_set/clear_config
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Fri, 15 Feb 2019 09:57:45 +0000 (10:57 +0100)]
[access lists] enable access lists for GENERIC_ACL protocols (udp for example)
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Thu, 14 Feb 2019 06:23:09 +0000 (07:23 +0100)]
[access lists] allow knet_bench to enable/disable access lists
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Fabio M. Di Nitto [Thu, 14 Feb 2019 05:47:41 +0000 (06:47 +0100)]
[access lists] add tests for default access lists
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>