ivampiresp/Spdk - Spdk - Leaflow Developers

ivampiresp/Spdk

Fork 0

Commit Graph

Author	SHA1	Message	Date
Boris Glimcher	6212597bda	sock/ssl: Add psk_key and psk_identity options to spdk_sock_impl_opts Note, this change only sets defaults for the ID/KEY, more specific use cases like NVMe/TCP may set the ID and KEY on a per connection basis. Also simplify PSK identity string, that isn't NVMe focused. NVMe libraries using this will need to construct more complicated identity strings and pass them to the sock layer. Example: rpc.py sock_impl_set_options -i ssl --psk-key 4321DEADBEEF1234 rpc.py sock_impl_set_options -i ssl --psk-identity psk.spdk.io ./build/examples/perf --psk-key 4321DEADBEEF1234 --psk-identity psk.spdk.io ./build/examples/hello_sock --psk-key 4321DEADBEEF1234 --psk-identity psk.spdk.io Change-Id: I1cb5b0b706bdeafbccbc71f8320bc8e2961cbb55 Signed-off-by: Boris Glimcher <Boris.Glimcher@emc.com> Reviewed-on: https://review.spdk.io/gerrit/c/spdk/spdk/+/13759 Reviewed-by: Jim Harris <james.r.harris@intel.com> Reviewed-by: Ben Walker <benjamin.walker@intel.com> Reviewed-by: Paul Luse <paul.e.luse@intel.com> Tested-by: SPDK CI Jenkins <sys_sgci@intel.com> Community-CI: Mellanox Build Bot	2022-08-15 16:52:28 +00:00
Boris Glimcher	806744b7c8	sock: Add ktls and tls_version to spdk_sock_impl_opts Since `sock_impl_opts` was added to `sock_opts` Can remove `ktls` and `tls_version` from spdk_sock_opts Example: rpc.py sock_impl_set_options -i ssl --enable-ktls rpc.py sock_impl_set_options -i ssl --disable-ktls rpc.py sock_impl_set_options -i ssl --tls-version=12 ./build/examples/perf --enable-ktls ./build/examples/perf --disable-ktls ./build/examples/perf --tls-version=12 Check kTLS statistics here: /proc/net/tls_stat Change-Id: Icf7ee822bad92fda149710be77feb77fc8d4f163 Signed-off-by: Boris Glimcher <Boris.Glimcher@emc.com> Reviewed-on: https://review.spdk.io/gerrit/c/spdk/spdk/+/13510 Tested-by: SPDK CI Jenkins <sys_sgci@intel.com> Community-CI: Mellanox Build Bot Reviewed-by: Konrad Sztyber <konrad.sztyber@intel.com> Reviewed-by: Jim Harris <james.r.harris@intel.com>	2022-07-22 06:41:39 +00:00
Boris Glimcher	3781c0ea85	test/nvmf: TLS test This new test uses new ssl socket implementation to create and test NVMe/TCP with TLS. Signed-off-by: Boris Glimcher <Boris.Glimcher@emc.com> Change-Id: I8c8f81fbc20d5811ecbc94d849a364e4f3f3945c Signed-off-by: Boris Glimcher <Boris.Glimcher@emc.com> Reviewed-on: https://review.spdk.io/gerrit/c/spdk/spdk/+/12379 Community-CI: Broadcom CI <spdk-ci.pdl@broadcom.com> Tested-by: SPDK CI Jenkins <sys_sgci@intel.com> Reviewed-by: Ben Walker <benjamin.walker@intel.com> Reviewed-by: Shuhei Matsumoto <smatsumoto@nvidia.com> Reviewed-by: Jim Harris <james.r.harris@intel.com>	2022-06-20 14:59:47 +00:00

Author

SHA1

Message

Date

Boris Glimcher

6212597bda

sock/ssl: Add psk_key and psk_identity options to spdk_sock_impl_opts

Note, this change only sets defaults for the ID/KEY,
more specific use cases like NVMe/TCP may set the ID and KEY on a per connection basis.

Also simplify PSK identity string, that isn't NVMe focused.
NVMe libraries using this will need to construct more complicated
identity strings and pass them to the sock layer.

Example:
  rpc.py sock_impl_set_options -i ssl --psk-key 4321DEADBEEF1234
  rpc.py sock_impl_set_options -i ssl --psk-identity psk.spdk.io

  ./build/examples/perf --psk-key 4321DEADBEEF1234 --psk-identity psk.spdk.io

  ./build/examples/hello_sock --psk-key 4321DEADBEEF1234 --psk-identity psk.spdk.io

Change-Id: I1cb5b0b706bdeafbccbc71f8320bc8e2961cbb55
Signed-off-by: Boris Glimcher <Boris.Glimcher@emc.com>
Reviewed-on: https://review.spdk.io/gerrit/c/spdk/spdk/+/13759
Reviewed-by: Jim Harris <james.r.harris@intel.com>
Reviewed-by: Ben Walker <benjamin.walker@intel.com>
Reviewed-by: Paul Luse <paul.e.luse@intel.com>
Tested-by: SPDK CI Jenkins <sys_sgci@intel.com>
Community-CI: Mellanox Build Bot

2022-08-15 16:52:28 +00:00

Boris Glimcher

806744b7c8

sock: Add ktls and tls_version to spdk_sock_impl_opts

Since `sock_impl_opts` was added to `sock_opts`
Can remove `ktls` and `tls_version` from spdk_sock_opts

Example:
  rpc.py sock_impl_set_options -i ssl --enable-ktls
  rpc.py sock_impl_set_options -i ssl --disable-ktls
  rpc.py sock_impl_set_options -i ssl --tls-version=12

  ./build/examples/perf --enable-ktls
  ./build/examples/perf --disable-ktls
  ./build/examples/perf --tls-version=12

Check kTLS statistics here: /proc/net/tls_stat

Change-Id: Icf7ee822bad92fda149710be77feb77fc8d4f163
Signed-off-by: Boris Glimcher <Boris.Glimcher@emc.com>
Reviewed-on: https://review.spdk.io/gerrit/c/spdk/spdk/+/13510
Tested-by: SPDK CI Jenkins <sys_sgci@intel.com>
Community-CI: Mellanox Build Bot
Reviewed-by: Konrad Sztyber <konrad.sztyber@intel.com>
Reviewed-by: Jim Harris <james.r.harris@intel.com>

2022-07-22 06:41:39 +00:00

Boris Glimcher

3781c0ea85

test/nvmf: TLS test

This new test uses new ssl socket implementation
to create and test NVMe/TCP with TLS.

Signed-off-by: Boris Glimcher <Boris.Glimcher@emc.com>
Change-Id: I8c8f81fbc20d5811ecbc94d849a364e4f3f3945c
Signed-off-by: Boris Glimcher <Boris.Glimcher@emc.com>
Reviewed-on: https://review.spdk.io/gerrit/c/spdk/spdk/+/12379
Community-CI: Broadcom CI <spdk-ci.pdl@broadcom.com>
Tested-by: SPDK CI Jenkins <sys_sgci@intel.com>
Reviewed-by: Ben Walker <benjamin.walker@intel.com>
Reviewed-by: Shuhei Matsumoto <smatsumoto@nvidia.com>
Reviewed-by: Jim Harris <james.r.harris@intel.com>

2022-06-20 14:59:47 +00:00

3 Commits