Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Unwrap KEK outside the main loopprototype/fdb-encryption | Eric Avdey | 2020-04-07 | 2 | -35/+355 |
| | |||||
* | Cache AAD alongside of KEK | Eric Avdey | 2020-04-07 | 1 | -21/+22 |
| | |||||
* | Change interface for plugin's unwrap_kek | Eric Avdey | 2020-04-07 | 3 | -13/+13 |
| | | | | | | If getting KEK requires a database name, then depending on an encryption provider it could be also necessary for unwrapping it too, so pass it to unwrap function just in case. | ||||
* | Use macro to choose old vs new crypto API depending on OTP version | Eric Avdey | 2020-04-07 | 1 | -5/+26 |
| | |||||
* | Make sure to use mocked config call in get_mek_failure_test | Eric Avdey | 2020-04-07 | 1 | -0/+1 |
| | |||||
* | Switch to couch_keywrap in encryption provider | Eric Avdey | 2020-04-07 | 2 | -43/+125 |
| | |||||
* | Use a record for cache entries for better clarity | Eric Avdey | 2020-04-07 | 1 | -4/+9 |
| | |||||
* | Delegate AAD generation to encryption plugin | Eric Avdey | 2020-04-07 | 3 | -20/+41 |
| | |||||
* | Request wrapped KEK out of encryption server loop | Eric Avdey | 2020-04-07 | 1 | -6/+39 |
| | |||||
* | Improvements in encryption server | Eric Avdey | 2020-04-07 | 1 | -32/+31 |
| | | | | | | | | - Set sensitive flags on workers - Use longer timeout for all the calls - Don't trap exit - No superfluous init_st - Properly drain waiters on the server termination | ||||
* | Encrypt whole stored in fdb value, not just doc body | Eric Avdey | 2020-04-07 | 2 | -34/+33 |
| | | | | | | | | Instead of serializing and encrypting doc body separately this changes approach to encrypt the whole stored term prior chunkifying. This is now possible because we not depend on a stored in term update counter to derive a key anymore and saves a term/bin convertion per doc write/read. | ||||
* | Rename encode/decode methods to encrypt/decrypt | Eric Avdey | 2020-04-07 | 2 | -25/+28 |
| | |||||
* | Revert from using update counter back to doc revs for key derivation | Eric Avdey | 2020-04-07 | 2 | -42/+33 |
| | | | | This reverts commit 8f9a988c875973a530806be492cb731b55bf7d12. | ||||
* | Change encryption provider to be default | Eric Avdey | 2020-04-07 | 3 | -12/+19 |
| | | | | | | | When encryption provided registred in epi's provider chain it intercepts the call chain preventing alternative plugins from working. This changes it to be just a default module, so it'll be used when no other encryption plugins registered. | ||||
* | Implement key management as an epi plugin | Eric Avdey | 2020-04-07 | 5 | -29/+132 |
| | |||||
* | Add on/off config switch for encryption | Eric Avdey | 2020-04-07 | 3 | -15/+37 |
| | |||||
* | Switch from rev to update counter for key derivation | Eric Avdey | 2020-04-07 | 2 | -28/+34 |
| | |||||
* | Switch to old crypto API for now | Eric Avdey | 2020-04-07 | 1 | -7/+9 |
| | |||||
* | Add basic tests | Eric Avdey | 2020-04-07 | 1 | -0/+38 |
| | |||||
* | Store wrapped KEK in db config | Eric Avdey | 2020-04-07 | 2 | -22/+60 |
| | |||||
* | Add basic KEK cache | Eric Avdey | 2020-04-07 | 1 | -5/+15 |
| | |||||
* | Grab KEK in main server loop | Eric Avdey | 2020-04-07 | 1 | -10/+11 |
| | |||||
* | Don't block encryption server on encode/decode operations | Eric Avdey | 2020-04-07 | 1 | -17/+80 |
| | |||||
* | Add basic data encryption | Eric Avdey | 2020-04-07 | 3 | -3/+153 |
| | |||||
* | remove defer and load_ddocs from mango_utils | Garren Smith | 2020-04-06 | 2 | -63/+0 |
| | | | | Clean up unused mango_utils functions. | ||||
* | update mango tests to work with Mango on FDB | Garren Smith | 2020-04-06 | 14 | -136/+129 |
| | |||||
* | Update mango test creds to same as elixir tests | Garren Smith | 2020-04-06 | 3 | -5/+5 |
| | |||||
* | Update Mango query to work with couch_views | Garren Smith | 2020-04-06 | 9 | -147/+139 |
| | |||||
* | Add mango indexing | Garren Smith | 2020-04-06 | 7 | -19/+187 |
| | | | | | | This uses couch_views_updater to create mango indexes in the doc update along with the couch_views_indexer to update the indexes in the background up to the creation versionstamp. | ||||
* | Remove quorum stats | Garren Smith | 2020-04-06 | 3 | -13/+1 |
| | | | | Removing quorum stats since they are not relevant with FDB. | ||||
* | Remove view_cb predicate push down | Garren Smith | 2020-04-06 | 1 | -94/+1 |
| | | | | | Removes the view callback that was performed on the nodes before sending the results back to the co-ordinator. | ||||
* | remove unneeded r/w parameter | Garren Smith | 2020-04-06 | 6 | -67/+6 |
| | |||||
* | remove partition opts from mango | Garren Smith | 2020-04-06 | 10 | -200/+10 |
| | |||||
* | remove mango native proc | Garren Smith | 2020-04-06 | 3 | -375/+0 |
| | |||||
* | Add couch_views_encoding max value | Garren Smith | 2020-04-06 | 1 | -0/+12 |
| | | | | | Adds a max value to use for encoding. This is useful when getting the max range when encoding startkey/endkeys. | ||||
* | Add couch_views_updater interactive indexer | Garren Smith | 2020-04-06 | 9 | -5/+470 |
| | | | | | | This adds the ability for couch_views to index an index in the docs update transaction. This only happens if a design doc has the field <<"interactive">> = true. | ||||
* | All couch_view queries to run across transactions | Garren Smith | 2020-04-06 | 1 | -1/+2 |
| | |||||
* | Add couch_views_indexer build to creation versionstamp | Garren Smith | 2020-04-06 | 7 | -33/+206 |
| | | | | | | This creates a versionstamp for when an indexed was created and build status for indexes. if the index has a creation_vs, then couch_views_indexer will built the index to this creation versionstamp. | ||||
* | add fabric2 after_doc_write plugin | Garren Smith | 2020-04-06 | 2 | -0/+8 |
| | |||||
* | add include_docs option to fold_docs | Garren Smith | 2020-04-06 | 1 | -2/+25 |
| | |||||
* | move all_doc view options to fabric2_util | Garren Smith | 2020-04-06 | 2 | -29/+39 |
| | |||||
* | fix all_docs call to return row | Garren Smith | 2020-04-06 | 1 | -1/+2 |
| | |||||
* | Merge pull request #2662 from cloudant/couch_view-rate_limit | iilyak | 2020-04-02 | 26 | -28/+1839 |
|\ | | | | | Use `couch_rate` application for `couch_view` | ||||
| * | Use `couch_rate` application for `couch_view` | ILYA Khlopotov | 2020-04-02 | 26 | -28/+1839 |
|/ | |||||
* | Merge pull request #2743 from apache/switch-erlfdb-couch | Robert Newson | 2020-04-01 | 1 | -6/+2 |
|\ | | | | | Switch erlfdb to the couchdb repo at tag v1.0.0 | ||||
| * | Switch erlfdb to the couchdb repo at tag v1.0.0 | Robert Newson | 2020-04-01 | 1 | -6/+2 |
|/ | |||||
* | change _all_docs to raw collation | Garren Smith | 2020-03-30 | 2 | -7/+4 |
| | |||||
* | Don't advertise unimplemented features | Jay Doane | 2020-03-28 | 3 | -12/+2 |
| | | | | | | | | | | | Removes the following features from the welcome message: - reshard - partitioned - pluggable-storage-engines - scheduler Although `scheduler` at least will presumably be returned once that feature is complete. | ||||
* | Return a 400 error code for an invalid update sequence | Nick Vatamaniuc | 2020-03-27 | 1 | -0/+2 |
| | | | | | | | | | | | | | | | | | Currently we return a 500 but a 400 return code makes more sense ``` $ http $DB1/db1/_changes?since=0-1345 HTTP/1.1 400 Bad Request { "error": "invalid_since_seq", "reason": "0-1345", "ref": 442671026 } ``` | ||||
* | Merge pull request #2722 from apache/couch-keywrap | Robert Newson | 2020-03-26 | 1 | -0/+103 |
|\ | | | | | Implement AES KW algorithm |