| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
| |
The service was called "irmd", but it makes a bit more sense to give
it the system name. Only the service name is changed, the irmd binary
remains irmd.
Signed-off-by: Dimitri Staessens <[email protected]>
Signed-off-by: Sander Vrijders <[email protected]>
|
|
|
|
|
|
|
|
| |
The pff option was removed from irm tool in favor of selecting it from
the routing policy.
Signed-off-by: Dimitri Staessens <[email protected]>
Signed-off-by: Sander Vrijders <[email protected]>
|
|
|
|
|
|
|
|
| |
The manpage mentions that bind works for programs, but not specify
that these must be Ouroboros native programs. This is now added.
Signed-off-by: Dimitri Staessens <[email protected]>
Signed-off-by: Sander Vrijders <[email protected]>
|
|
|
|
|
| |
Signed-off-by: Dimitri Staessens <[email protected]>
Signed-off-by: Sander Vrijders <[email protected]>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds a per-message symmetric encryption using the OpenSSL
library. At flow allocation, an Elliptic Curve Diffie-Hellman exchange
is performed to derive a shared secret, which is then hashed using
SHA3-256 to be used as a key for symmetric AES-256 encryption. Each
message on an encrypted flow adds a small crypto header that includes
a random 128-bit Initialization Vector (IV). If the server does not
have OpenSSL enabled, the flow allocation will fail with an -ECRYPT
error.
Future optimizations are to piggyback the public keys on the flow
allocation message, and to enable per-flow encryption that maintains
the context of the encryption over multiple packets and doesn't
require sending IVs.
Signed-off-by: Dimitri Staessens <[email protected]>
Signed-off-by: Sander Vrijders <[email protected]>
|
|
|
|
|
|
|
|
| |
The documentation and package point to the imec site, which is now
moved to ouroboros.rocks
Signed-off-by: Dimitri Staessens <[email protected]>
Signed-off-by: Sander Vrijders <[email protected]>
|
|
|
|
|
|
|
|
|
|
|
| |
The UDP IPCP now uses a fixed server UDP port (default 3435) for all
communications. This allows passing firewalls more easily since only a
single port needs to be opened. The client port can be fixed as well
if needed (default random). It uses an internal eid, so the MTU of the
UDP layer is reduced by 4 bytes, similar to the Ethernet IPCPs.
Signed-off-by: Dimitri Staessens <[email protected]>
Signed-off-by: Sander Vrijders <[email protected]>
|
|
|
|
|
|
|
| |
Updates the copyright notice in all sources to 2019.
Signed-off-by: Dimitri Staessens <[email protected]>
Signed-off-by: Sander Vrijders <[email protected]>
|
|
|
|
|
|
|
|
| |
The Ouroboros man page will now include broadcast IPCPs and are
updated to reflect the latest API.
Signed-off-by: Dimitri Staessens <[email protected]>
Signed-off-by: Sander Vrijders <[email protected]>
|
|
|
|
|
|
|
| |
Patch for previous commit, which was broken.
Signed-off-by: Dimitri Staessens <[email protected]>
Signed-off-by: Sander Vrijders <[email protected]>
|
|
|
|
|
|
|
| |
Renames port_id to flow_id according to updated nomenclature.
Signed-off-by: Dimitri Staessens <[email protected]>
Signed-off-by: Sander Vrijders <[email protected]>
|
|
|
|
|
|
|
| |
The FLOWSFLAGS command was recently obsoleted with the removal of
online reconfiguration of FRCT.
Signed-off-by: Sander Vrijders <[email protected]>
|
|
|
|
|
|
|
|
| |
This will change SDU (Service Data Unit) to packet everywhere. SDU is
OSI terminology, whereas packet is Ouroboros terminology.
Signed-off-by: Sander Vrijders <[email protected]>
Signed-off-by: Dimitri Staessens <[email protected]>
|
|
|
|
|
|
|
|
|
|
| |
This revises the delta-t implementation to align with Watson's timer
specifications. FRCT will never deliver out-of-order packets. A raw
flow (without delta-t state machine) will be able to provide such a
service.
Signed-off-by: Dimitri Staessens <[email protected]>
Signed-off-by: Sander Vrijders <[email protected]>
|
|
|
|
|
|
|
|
|
|
|
| |
The event type of the current event in the fqueue can now be requested
using the fqueue_type() command. Currently events for packets
(FLOW_PKT), flows (FLOW_UP, FLOW_DOWN) and allocation (FLOW_ALLOC,
FLOW_DEALLOC) are specified. The implementation only tracks FLOW_PKT
at this point.
Signed-off-by: Dimitri Staessens <[email protected]>
Signed-off-by: Sander Vrijders <[email protected]>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The reg/unreg API is simplified to registering and unregistering a
single name with a single IPCP. The functionality associated with
registering names was moved from the IRMd to the irm tool. The
function to list IPCPs was simplified to return all IPCPs in the
system with their basic properties needed for management.
The above changes led to some needed changes in the irm tool and the
management functions that were depending on the previous behaviour of
list_ipcps.
Command line functionality to list IPCPs in the system is also added
to the irm tool.
Some older code was refactored.
Signed-off-by: Dimitri Staessens <[email protected]>
Signed-off-by: Sander Vrijders <[email protected]>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This allows disabling partial reads. It adds a flag FLOWFRNOPART that
disables partial reads. Partial read is different from partial
delivery (FRCTFPARTIAL), which allows delivery of fragments of an
incomplete packet and thus potentially corrupted data. FLOWFRNOPART
will never deliver corrupted data (unless FRCTFPARTIAL is also set).
If FLOWFRNOPART is set and the buffer provided to flow_read is too
small for the SDU, that SDU will be discarded and -EMSGSIZE is
returned;
Signed-off-by: Dimitri Staessens <[email protected]>
Signed-off-by: Sander Vrijders <[email protected]>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This implements partial read of packets if the buffer supplied to
flow_read() is smaller than the packet in the buffer. If the number of
bytes returned by flow_read equals the size of the buffer, the next
read() will deliver the next bytes of the packet (or 0 if the packet
was exactly the size of the buffer on the previous read).
Implements #7.
Signed-off-by: Dimitri Staessens <[email protected]>
Signed-off-by: Sander Vrijders <[email protected]>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds an IPC Process that uses DIX Ethernet with an Ethertype that
is configurable at bootstrap. This allows parallel DIX layers over the
same Ethernet network with different Ethertypes (and one LLC
layer). It allows jumbo frames in the future, and should avoid the
problems we have with some routers not handling LLC traffic very
well. The destination endpoint ID is sent as a 16 bit integer, so the
maximum payload is 1498 bytes in standard Ethernet, and 8998 bytes
when Jumbo frames are used.
The implementation is very similar to the Ethernet LLC IPCP, so it is
implemented using preprocessor macros in the single source instead of
duplicating code.
Signed-off-by: Dimitri Staessens <[email protected]>
Signed-off-by: Sander Vrijders <[email protected]>
|
|
|
|
|
|
|
|
|
|
| |
This adds the FLOWGRXQLEN and FLOWGTXQLEN operations to fccntl to get
the number of packets that are in the receive and transmit buffers
respectively. The flow statistics are updated to show these queue
lengths.
Signed-off-by: Dimitri Staessens <[email protected]>
Signed-off-by: Sander Vrijders <[email protected]>
|
|
|
|
|
|
|
|
|
|
|
| |
This makes the TTL non-optional and allows the maximum (initial) value
of the TTL to be specified at bootstrap (the default is set to
60). The fd in the DT PCI is now called EID (Endpoint ID). The names
"dif" and "ae" have been replaced by "layer" and "component"
respectively in all sources.
Signed-off-by: Dimitri Staessens <[email protected]>
Signed-off-by: Sander Vrijders <[email protected]>
|
|
|
|
|
|
|
|
| |
This changes the build to use GNUInstallDirs instead of hardcoded
values. Package maintainers can then override these defaults by
passing the correct value to cmake on the command line.
Signed-off-by: Sander Vrijders <[email protected]>
|
|
|
|
|
|
|
|
| |
This adds the Creative Commons Attribution License 4.0 to the man
pages instead of the Copyright. Also fixes the data in version.h.
Signed-off-by: Dimitri Staessens <[email protected]>
Signed-off-by: Sander Vrijders <[email protected]>
|
|
|
|
|
|
|
| |
There was a wrongly inserted "s" in the name of the udp IPCP.
Signed-off-by: Dimitri Staessens <[email protected]>
Signed-off-by: Sander Vrijders <[email protected]>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This changes the terminology to use layer instead of DIF and deprecate
the word "shim" for the IPCPs that attach to Ethernet LLC and UDP .The
terminology has not yet been changed in the variable names etc.
This reflects the design choices in Ouroboros to make IPCPs pure
resource allocators instead of also providing an "IPC service". The
Ouroboros IPCPs that attach to Ethernet and UDP implement the
allocator and are thus not really shims.
Signed-off-by: Dimitri Staessens <[email protected]>
Signed-off-by: Sander Vrijders <[email protected]>
|
|
|
|
|
|
|
| |
The ouroboros.8 man page contained some bad formatting symbols.
Signed-off-by: Dimitri Staessens <[email protected]>
Signed-off-by: Sander Vrijders <[email protected]>
|
|
|
|
|
|
|
|
|
|
|
| |
The raptor code is refactored to completely remove reduntant code
relating to addresses. The dependency on the google protocol buffers
is removed. The build system will only build raptor if the relevant
kernel module is found on the system. The irm tool and the relevant
documentation are updated.
Signed-off-by: Dimitri Staessens <[email protected]>
Signed-off-by: Sander Vrijders <[email protected]>
|
|
|
|
|
|
|
|
|
|
|
| |
This refactors ouroboros to use "program" instead of "application
process" and "process" instead of "application process instance" to
align with current naming in current Operating Systems courses instead
of the ISO nomenclature adopted by RINA. This change permeates through
the entire implementation. Also contains some minor other refactors.
Signed-off-by: Dimitri Staessens <[email protected]>
Signed-off-by: Sander Vrijders <[email protected]>
|
|
|
|
|
|
|
|
|
|
| |
The binding of the normal IPCP to its name is moved from the source
code to the irm tool introducing the "autobind" option for the
bootstrap and enroll commands. With this option, the IPCP will be
bound to the IPCP name and the DIF name automatically.
Signed-off-by: Dimitri Staessens <[email protected]>
Signed-off-by: Sander Vrijders <[email protected]>
|
|
|
|
|
|
|
|
|
|
| |
The FLOWFNONBLOCK flag now has two subflags FLOWFRNOBLOCK and
FLOWFWNOBLOCK which allows setting the behavior of read and write
independently. The default behavior is unchanged (blocking read and
write).
Signed-off-by: Dimitri Staessens <[email protected]>
Signed-off-by: Sander Vrijders <[email protected]>
|
|
|
|
|
|
|
|
| |
Removed a self-reference in ouroboros-tutorial. Fixes some style
issues in ouroboros(8).
Signed-off-by: dimitri staessens <[email protected]>
Signed-off-by: Sander Vrijders <[email protected]>
|
|
|
|
|
|
|
|
|
| |
This adds user documentation for the Ouroboros User Manual in man
sections 7 and 8. It consists of a general man page, a tutorial and a
glossary.
It also fixes and updates other manpages in the Ouroboros Programmer's
Manual.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit deprecates ouroboros_init and ouroboros_fini and adds them
as a constructor or destructor, causing these function to be run
automatically when a program that links to the library calls and exits
main(). For this to fully work, the library had to be split so that we
can avoid the irmd calling these functions (the IRMd has to create the
shm structures on which these calls depend).
The library is split in 3 parts: libouroboros-dev, libouroboros-irm
and libouroboros-common. The latter is linked to the other two so that
including libouroboros-dev or libouroboros-irm will also link
libouroboros-common.
|
|
|
|
|
| |
The option to mark a flow as down was missing from the manpage of
fccntl.
|
|
|
|
|
|
|
|
| |
This adds the flow down event to Ouroboros. In the shim-eth-llc, a
netlink socket is opened which listens to device up/down events. For
each event the flow is then adjusted with fccntl to notify the user
the flow is down or back up again. In the normal IPCP an event is
thrown if a write reports that the flow is down.
|
|
|
|
|
|
|
| |
This replaces the flow_set_* commands with a single fccntl command
that can configure flows and the FRCT instance.
For more details, see "man 3 fccntl".
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This revises the build system to have configuration per system
component. System settings can now be set using cmake.
The standard compliance defines were removed from configuration header
and are set in the sources where needed. Also some small code
refactors, such as moving the data for shims out of the ipcp structure
to the respective shims were performed.
|
|
|
|
| |
Fixes #35
|
|
|
|
|
|
| |
This will install the manpages found in doc/man/ during installation.
Fixes #38
|
| |
|
| |
|
|
This commit contains only the sources, correct installation requires
gzip and copying the files to /usr/local/man/man3/flow_alloc.3.gz. We
need to have a look at integrating this in the build system in an
efficient way.
|