From 7f05221cfee9a6069d3341f780b88534ad4f4b56 Mon Sep 17 00:00:00 2001 From: sfc-gh-tclinkenbeard Date: Mon, 2 May 2022 22:15:27 -0700 Subject: [PATCH 1/7] Removed TLS_DISABLED macro --- fdbbackup/FileConverter.h | 2 - fdbbackup/FileDecoder.actor.cpp | 7 +- fdbbackup/backup.actor.cpp | 122 ++++-------------- fdbcli/fdbcli.actor.cpp | 16 +-- .../BackupContainerS3BlobStore.actor.cpp | 2 +- fdbclient/md5/md5.c | 2 +- fdbclient/md5/md5.h | 2 +- fdbserver/fdbserver.actor.cpp | 8 -- fdbserver/workloads/UnitTests.actor.cpp | 4 +- flow/BlobCipher.h | 8 -- flow/Net2.actor.cpp | 18 --- flow/Platform.actor.cpp | 4 +- flow/StreamCipher.h | 8 -- flow/TLSConfig.actor.cpp | 9 -- flow/TLSConfig.actor.h | 7 - 15 files changed, 32 insertions(+), 187 deletions(-) diff --git a/fdbbackup/FileConverter.h b/fdbbackup/FileConverter.h index 0aa1d105a6..251f8d004a 100644 --- a/fdbbackup/FileConverter.h +++ b/fdbbackup/FileConverter.h @@ -65,9 +65,7 @@ CSimpleOpt::SOption gConverterOptions[] = { { OPT_CONTAINER, "-r", SO_REQ_SEP }, { OPT_INPUT_FILE, "-i", SO_REQ_SEP }, { OPT_INPUT_FILE, "--input", SO_REQ_SEP }, { OPT_BLOB_CREDENTIALS, "--blob-credentials", SO_REQ_SEP }, -#ifndef TLS_DISABLED TLS_OPTION_FLAGS -#endif { OPT_BUILD_FLAGS, "--build-flags", SO_NONE }, { OPT_LIST_ONLY, "--list-only", SO_NONE }, { OPT_KEY_PREFIX, "-k", SO_REQ_SEP }, diff --git a/fdbbackup/FileDecoder.actor.cpp b/fdbbackup/FileDecoder.actor.cpp index 71f6932598..2ad7a55df2 100644 --- a/fdbbackup/FileDecoder.actor.cpp +++ b/fdbbackup/FileDecoder.actor.cpp @@ -75,10 +75,7 @@ void printDecodeUsage() { " --crash Crash on serious error.\n" " --blob-credentials FILE\n" " File containing blob credentials in JSON format.\n" - " The same credential format/file fdbbackup uses.\n" -#ifndef TLS_DISABLED - TLS_HELP -#endif + " The same credential format/file fdbbackup uses.\n" TLS_HELP " --build-flags Print build information and exit.\n" " --list-only Print file list and exit.\n" " -k KEY_PREFIX Use the prefix for filtering mutations\n" @@ -302,7 +299,6 @@ int parseDecodeCommandLine(DecodeParams* param, CSimpleOpt* args) { param->save_file_locally = true; break; -#ifndef TLS_DISABLED case TLSConfig::OPT_TLS_PLUGIN: args->OptionArg(); break; @@ -326,7 +322,6 @@ int parseDecodeCommandLine(DecodeParams* param, CSimpleOpt* args) { case TLSConfig::OPT_TLS_VERIFY_PEERS: param->tlsConfig.tlsVerifyPeers = args->OptionArg(); break; -#endif case OPT_BUILD_FLAGS: printBuildInformation(); diff --git a/fdbbackup/backup.actor.cpp b/fdbbackup/backup.actor.cpp index 40ca160f3e..03f572e340 100644 --- a/fdbbackup/backup.actor.cpp +++ b/fdbbackup/backup.actor.cpp @@ -220,10 +220,7 @@ CSimpleOpt::SOption g_rgAgentOptions[] = { { OPT_HELP, "--help", SO_NONE }, { OPT_DEVHELP, "--dev-help", SO_NONE }, { OPT_BLOB_CREDENTIALS, "--blob-credentials", SO_REQ_SEP }, -#ifndef TLS_DISABLED - TLS_OPTION_FLAGS -#endif - SO_END_OF_OPTIONS + TLS_OPTION_FLAGS SO_END_OF_OPTIONS }; CSimpleOpt::SOption g_rgBackupStartOptions[] = { @@ -269,10 +266,7 @@ CSimpleOpt::SOption g_rgBackupStartOptions[] = { { OPT_BLOB_CREDENTIALS, "--blob-credentials", SO_REQ_SEP }, { OPT_INCREMENTALONLY, "--incremental", SO_NONE }, { OPT_ENCRYPTION_KEY_FILE, "--encryption-key-file", SO_REQ_SEP }, -#ifndef TLS_DISABLED - TLS_OPTION_FLAGS -#endif - SO_END_OF_OPTIONS + TLS_OPTION_FLAGS SO_END_OF_OPTIONS }; CSimpleOpt::SOption g_rgBackupModifyOptions[] = { @@ -335,10 +329,7 @@ CSimpleOpt::SOption g_rgBackupStatusOptions[] = { { OPT_DEVHELP, "--dev-help", SO_NONE }, { OPT_JSON, "--json", SO_NONE }, { OPT_KNOB, "--knob-", SO_REQ_SEP }, -#ifndef TLS_DISABLED - TLS_OPTION_FLAGS -#endif - SO_END_OF_OPTIONS + TLS_OPTION_FLAGS SO_END_OF_OPTIONS }; CSimpleOpt::SOption g_rgBackupAbortOptions[] = { @@ -364,10 +355,7 @@ CSimpleOpt::SOption g_rgBackupAbortOptions[] = { { OPT_HELP, "--help", SO_NONE }, { OPT_DEVHELP, "--dev-help", SO_NONE }, { OPT_KNOB, "--knob-", SO_REQ_SEP }, -#ifndef TLS_DISABLED - TLS_OPTION_FLAGS -#endif - SO_END_OF_OPTIONS + TLS_OPTION_FLAGS SO_END_OF_OPTIONS }; CSimpleOpt::SOption g_rgBackupCleanupOptions[] = { @@ -393,10 +381,7 @@ CSimpleOpt::SOption g_rgBackupCleanupOptions[] = { { OPT_KNOB, "--knob-", SO_REQ_SEP }, { OPT_DELETE_DATA, "--delete-data", SO_NONE }, { OPT_MIN_CLEANUP_SECONDS, "--min-cleanup-seconds", SO_REQ_SEP }, -#ifndef TLS_DISABLED - TLS_OPTION_FLAGS -#endif - SO_END_OF_OPTIONS + TLS_OPTION_FLAGS SO_END_OF_OPTIONS }; CSimpleOpt::SOption g_rgBackupDiscontinueOptions[] = { @@ -424,10 +409,7 @@ CSimpleOpt::SOption g_rgBackupDiscontinueOptions[] = { { OPT_HELP, "--help", SO_NONE }, { OPT_DEVHELP, "--dev-help", SO_NONE }, { OPT_KNOB, "--knob-", SO_REQ_SEP }, -#ifndef TLS_DISABLED - TLS_OPTION_FLAGS -#endif - SO_END_OF_OPTIONS + TLS_OPTION_FLAGS SO_END_OF_OPTIONS }; CSimpleOpt::SOption g_rgBackupWaitOptions[] = { @@ -455,10 +437,7 @@ CSimpleOpt::SOption g_rgBackupWaitOptions[] = { { OPT_HELP, "--help", SO_NONE }, { OPT_DEVHELP, "--dev-help", SO_NONE }, { OPT_KNOB, "--knob-", SO_REQ_SEP }, -#ifndef TLS_DISABLED - TLS_OPTION_FLAGS -#endif - SO_END_OF_OPTIONS + TLS_OPTION_FLAGS SO_END_OF_OPTIONS }; CSimpleOpt::SOption g_rgBackupPauseOptions[] = { @@ -482,10 +461,7 @@ CSimpleOpt::SOption g_rgBackupPauseOptions[] = { { OPT_HELP, "--help", SO_NONE }, { OPT_DEVHELP, "--dev-help", SO_NONE }, { OPT_KNOB, "--knob-", SO_REQ_SEP }, -#ifndef TLS_DISABLED - TLS_OPTION_FLAGS -#endif - SO_END_OF_OPTIONS + TLS_OPTION_FLAGS SO_END_OF_OPTIONS }; CSimpleOpt::SOption g_rgBackupExpireOptions[] = { @@ -521,10 +497,7 @@ CSimpleOpt::SOption g_rgBackupExpireOptions[] = { { OPT_EXPIRE_BEFORE_DATETIME, "--expire-before-timestamp", SO_REQ_SEP }, { OPT_EXPIRE_MIN_RESTORABLE_DAYS, "--min-restorable-days", SO_REQ_SEP }, { OPT_EXPIRE_DELETE_BEFORE_DAYS, "--delete-before-days", SO_REQ_SEP }, -#ifndef TLS_DISABLED - TLS_OPTION_FLAGS -#endif - SO_END_OF_OPTIONS + TLS_OPTION_FLAGS SO_END_OF_OPTIONS }; CSimpleOpt::SOption g_rgBackupDeleteOptions[] = { @@ -550,10 +523,7 @@ CSimpleOpt::SOption g_rgBackupDeleteOptions[] = { { OPT_DEVHELP, "--dev-help", SO_NONE }, { OPT_BLOB_CREDENTIALS, "--blob-credentials", SO_REQ_SEP }, { OPT_KNOB, "--knob-", SO_REQ_SEP }, -#ifndef TLS_DISABLED - TLS_OPTION_FLAGS -#endif - SO_END_OF_OPTIONS + TLS_OPTION_FLAGS SO_END_OF_OPTIONS }; CSimpleOpt::SOption g_rgBackupDescribeOptions[] = { @@ -584,10 +554,7 @@ CSimpleOpt::SOption g_rgBackupDescribeOptions[] = { { OPT_DESCRIBE_DEEP, "--deep", SO_NONE }, { OPT_DESCRIBE_TIMESTAMPS, "--version-timestamps", SO_NONE }, { OPT_JSON, "--json", SO_NONE }, -#ifndef TLS_DISABLED - TLS_OPTION_FLAGS -#endif - SO_END_OF_OPTIONS + TLS_OPTION_FLAGS SO_END_OF_OPTIONS }; CSimpleOpt::SOption g_rgBackupDumpOptions[] = { @@ -616,10 +583,7 @@ CSimpleOpt::SOption g_rgBackupDumpOptions[] = { { OPT_KNOB, "--knob-", SO_REQ_SEP }, { OPT_DUMP_BEGIN, "--begin", SO_REQ_SEP }, { OPT_DUMP_END, "--end", SO_REQ_SEP }, -#ifndef TLS_DISABLED - TLS_OPTION_FLAGS -#endif - SO_END_OF_OPTIONS + TLS_OPTION_FLAGS SO_END_OF_OPTIONS }; CSimpleOpt::SOption g_rgBackupTagsOptions[] = { @@ -634,10 +598,7 @@ CSimpleOpt::SOption g_rgBackupTagsOptions[] = { { OPT_TRACE_LOG_GROUP, "--loggroup", SO_REQ_SEP }, { OPT_QUIET, "-q", SO_NONE }, { OPT_QUIET, "--quiet", SO_NONE }, -#ifndef TLS_DISABLED - TLS_OPTION_FLAGS -#endif - SO_END_OF_OPTIONS + TLS_OPTION_FLAGS SO_END_OF_OPTIONS }; CSimpleOpt::SOption g_rgBackupListOptions[] = { @@ -662,10 +623,7 @@ CSimpleOpt::SOption g_rgBackupListOptions[] = { { OPT_DEVHELP, "--dev-help", SO_NONE }, { OPT_BLOB_CREDENTIALS, "--blob-credentials", SO_REQ_SEP }, { OPT_KNOB, "--knob-", SO_REQ_SEP }, -#ifndef TLS_DISABLED - TLS_OPTION_FLAGS -#endif - SO_END_OF_OPTIONS + TLS_OPTION_FLAGS SO_END_OF_OPTIONS }; CSimpleOpt::SOption g_rgBackupQueryOptions[] = { @@ -698,10 +656,7 @@ CSimpleOpt::SOption g_rgBackupQueryOptions[] = { { OPT_DEVHELP, "--dev-help", SO_NONE }, { OPT_BLOB_CREDENTIALS, "--blob-credentials", SO_REQ_SEP }, { OPT_KNOB, "--knob-", SO_REQ_SEP }, -#ifndef TLS_DISABLED - TLS_OPTION_FLAGS -#endif - SO_END_OF_OPTIONS + TLS_OPTION_FLAGS SO_END_OF_OPTIONS }; // g_rgRestoreOptions is used by fdbrestore and fastrestore_tool @@ -747,10 +702,7 @@ CSimpleOpt::SOption g_rgRestoreOptions[] = { { OPT_RESTORE_BEGIN_VERSION, "--begin-version", SO_REQ_SEP }, { OPT_RESTORE_INCONSISTENT_SNAPSHOT_ONLY, "--inconsistent-snapshot-only", SO_NONE }, { OPT_ENCRYPTION_KEY_FILE, "--encryption-key-file", SO_REQ_SEP }, -#ifndef TLS_DISABLED - TLS_OPTION_FLAGS -#endif - SO_END_OF_OPTIONS + TLS_OPTION_FLAGS SO_END_OF_OPTIONS }; CSimpleOpt::SOption g_rgDBAgentOptions[] = { @@ -780,10 +732,7 @@ CSimpleOpt::SOption g_rgDBAgentOptions[] = { { OPT_HELP, "-h", SO_NONE }, { OPT_HELP, "--help", SO_NONE }, { OPT_DEVHELP, "--dev-help", SO_NONE }, -#ifndef TLS_DISABLED - TLS_OPTION_FLAGS -#endif - SO_END_OF_OPTIONS + TLS_OPTION_FLAGS SO_END_OF_OPTIONS }; CSimpleOpt::SOption g_rgDBStartOptions[] = { @@ -813,10 +762,7 @@ CSimpleOpt::SOption g_rgDBStartOptions[] = { { OPT_HELP, "--help", SO_NONE }, { OPT_DEVHELP, "--dev-help", SO_NONE }, { OPT_KNOB, "--knob-", SO_REQ_SEP }, -#ifndef TLS_DISABLED - TLS_OPTION_FLAGS -#endif - SO_END_OF_OPTIONS + TLS_OPTION_FLAGS SO_END_OF_OPTIONS }; CSimpleOpt::SOption g_rgDBStatusOptions[] = { @@ -846,10 +792,7 @@ CSimpleOpt::SOption g_rgDBStatusOptions[] = { { OPT_HELP, "--help", SO_NONE }, { OPT_DEVHELP, "--dev-help", SO_NONE }, { OPT_KNOB, "--knob-", SO_REQ_SEP }, -#ifndef TLS_DISABLED - TLS_OPTION_FLAGS -#endif - SO_END_OF_OPTIONS + TLS_OPTION_FLAGS SO_END_OF_OPTIONS }; CSimpleOpt::SOption g_rgDBSwitchOptions[] = { @@ -878,10 +821,7 @@ CSimpleOpt::SOption g_rgDBSwitchOptions[] = { { OPT_HELP, "--help", SO_NONE }, { OPT_DEVHELP, "--dev-help", SO_NONE }, { OPT_KNOB, "--knob-", SO_REQ_SEP }, -#ifndef TLS_DISABLED - TLS_OPTION_FLAGS -#endif - SO_END_OF_OPTIONS + TLS_OPTION_FLAGS SO_END_OF_OPTIONS }; CSimpleOpt::SOption g_rgDBAbortOptions[] = { @@ -911,10 +851,7 @@ CSimpleOpt::SOption g_rgDBAbortOptions[] = { { OPT_HELP, "--help", SO_NONE }, { OPT_DEVHELP, "--dev-help", SO_NONE }, { OPT_KNOB, "--knob-", SO_REQ_SEP }, -#ifndef TLS_DISABLED - TLS_OPTION_FLAGS -#endif - SO_END_OF_OPTIONS + TLS_OPTION_FLAGS SO_END_OF_OPTIONS }; CSimpleOpt::SOption g_rgDBPauseOptions[] = { @@ -940,10 +877,7 @@ CSimpleOpt::SOption g_rgDBPauseOptions[] = { { OPT_HELP, "--help", SO_NONE }, { OPT_DEVHELP, "--dev-help", SO_NONE }, { OPT_KNOB, "--knob-", SO_REQ_SEP }, -#ifndef TLS_DISABLED - TLS_OPTION_FLAGS -#endif - SO_END_OF_OPTIONS + TLS_OPTION_FLAGS SO_END_OF_OPTIONS }; const KeyRef exeAgent = LiteralStringRef("backup_agent"); @@ -1017,9 +951,7 @@ static void printAgentUsage(bool devhelp) { printf(" -m SIZE, --memory SIZE\n" " Memory limit. The default value is 8GiB. When specified\n" " without a unit, MiB is assumed.\n"); -#ifndef TLS_DISABLED printf(TLS_HELP); -#endif printf(" --build-flags Print build information and exit.\n"); printf(" -v, --version Print version information and exit.\n"); printf(" -h, --help Display this help and exit.\n"); @@ -1147,9 +1079,7 @@ static void printBackupUsage(bool devhelp) { "and ignore the range files.\n"); printf(" --encryption-key-file" " The AES-128-GCM key in the provided file is used for encrypting backup files.\n"); -#ifndef TLS_DISABLED printf(TLS_HELP); -#endif printf(" -w, --wait Wait for the backup to complete (allowed with `start' and `discontinue').\n"); printf(" -z, --no-stop-when-done\n" " Do not stop backup when restorable.\n"); @@ -1222,9 +1152,7 @@ static void printRestoreUsage(bool devhelp) { "instead of the entire set.\n"); printf(" --encryption-key-file" " The AES-128-GCM key in the provided file is used for decrypting backup files.\n"); -#ifndef TLS_DISABLED printf(TLS_HELP); -#endif printf(" -v DBVERSION The version at which the database will be restored.\n"); printf(" --timestamp Instead of a numeric version, use this to specify a timestamp in %s\n", BackupAgentBase::timeFormat().c_str()); @@ -1281,9 +1209,7 @@ static void printDBAgentUsage(bool devhelp) { printf(" -m, --memory SIZE\n" " Memory limit. The default value is 8GiB. When specified\n" " without a unit, MiB is assumed.\n"); -#ifndef TLS_DISABLED printf(TLS_HELP); -#endif printf(" --build-flags Print build information and exit.\n"); printf(" -v, --version Print version information and exit.\n"); printf(" -h, --help Display this help and exit.\n"); @@ -1322,9 +1248,7 @@ static void printDBBackupUsage(bool devhelp) { " If not specified, the entire database will be backed up.\n"); printf(" --cleanup Abort will attempt to stop mutation logging on the source cluster.\n"); printf(" --dstonly Abort will not make any changes on the source cluster.\n"); -#ifndef TLS_DISABLED printf(TLS_HELP); -#endif printf(" --log Enables trace file logging for the CLI session.\n" " --logdir PATH Specifes the output directory for trace files. If\n" " unspecified, defaults to the current directory. Has\n" @@ -3793,7 +3717,6 @@ int main(int argc, char* argv[]) { case OPT_BLOB_CREDENTIALS: tlsConfig.blobCredentials.push_back(args->OptionArg()); break; -#ifndef TLS_DISABLED case TLSConfig::OPT_TLS_PLUGIN: args->OptionArg(); break; @@ -3812,7 +3735,6 @@ int main(int argc, char* argv[]) { case TLSConfig::OPT_TLS_VERIFY_PEERS: tlsConfig.tlsVerifyPeers = args->OptionArg(); break; -#endif case OPT_DUMP_BEGIN: dumpBegin = parseVersion(args->OptionArg()); break; diff --git a/fdbcli/fdbcli.actor.cpp b/fdbcli/fdbcli.actor.cpp index 5f5f7d25fc..af920e63ba 100644 --- a/fdbcli/fdbcli.actor.cpp +++ b/fdbcli/fdbcli.actor.cpp @@ -125,12 +125,7 @@ CSimpleOpt::SOption g_rgOptions[] = { { OPT_CONNFILE, "-C", SO_REQ_SEP }, { OPT_DEBUG_TLS, "--debug-tls", SO_NONE }, { OPT_API_VERSION, "--api-version", SO_REQ_SEP }, { OPT_MEMORY, "--memory", SO_REQ_SEP }, - -#ifndef TLS_DISABLED - TLS_OPTION_FLAGS -#endif - - SO_END_OF_OPTIONS }; + TLS_OPTION_FLAGS SO_END_OF_OPTIONS }; void printAtCol(const char* text, int col, FILE* stream = stdout) { const char* iter = text; @@ -449,9 +444,7 @@ static void printProgramUsage(const char* name) { " the CLI.\n" " --api-version APIVERSION\n" " Specifies the version of the API for the CLI to use.\n" -#ifndef TLS_DISABLED TLS_HELP -#endif " --knob-KNOBNAME KNOBVALUE\n" " Changes a knob option. KNOBNAME should be lowercase.\n" " --debug-tls Prints the TLS configuration and certificate chain, then exits.\n" @@ -1091,7 +1084,6 @@ struct CLIOptions { case OPT_NO_HINTS: cliHints = false; -#ifndef TLS_DISABLED // TLS Options case TLSConfig::OPT_TLS_PLUGIN: args.OptionArg(); @@ -1111,7 +1103,7 @@ struct CLIOptions { case TLSConfig::OPT_TLS_VERIFY_PEERS: tlsVerifyPeers = args.OptionArg(); break; -#endif + case OPT_HELP: printProgramUsage(program_name.c_str()); return 0; @@ -2224,7 +2216,6 @@ int main(int argc, char** argv) { } if (opt.debugTLS) { -#ifndef TLS_DISABLED // Backdoor into NativeAPI's tlsConfig, which is where the above network option settings ended up. extern TLSConfig tlsConfig; printf("TLS Configuration:\n"); @@ -2241,9 +2232,6 @@ int main(int argc, char** argv) { printf("Use --log and look at the trace logs for more detailed information on the failure.\n"); return 1; } -#else - printf("This fdbcli was built with TLS disabled.\n"); -#endif return 0; } diff --git a/fdbclient/BackupContainerS3BlobStore.actor.cpp b/fdbclient/BackupContainerS3BlobStore.actor.cpp index 2240cc6741..58a436341a 100644 --- a/fdbclient/BackupContainerS3BlobStore.actor.cpp +++ b/fdbclient/BackupContainerS3BlobStore.actor.cpp @@ -20,7 +20,7 @@ #include "fdbclient/AsyncFileS3BlobStore.actor.h" #include "fdbclient/BackupContainerS3BlobStore.h" -#if (!defined(TLS_DISABLED) && !defined(_WIN32)) +#if (!defined(_WIN32)) #include "fdbrpc/AsyncFileEncrypted.h" #endif #include "fdbrpc/AsyncFileReadAhead.actor.h" diff --git a/fdbclient/md5/md5.c b/fdbclient/md5/md5.c index 03810862e3..4c3b21ce97 100644 --- a/fdbclient/md5/md5.c +++ b/fdbclient/md5/md5.c @@ -35,7 +35,7 @@ * compile-time configuration. */ -#if !defined(HAVE_OPENSSL) || defined(TLS_DISABLED) +#if !defined(HAVE_OPENSSL) #include diff --git a/fdbclient/md5/md5.h b/fdbclient/md5/md5.h index 71b1b0456b..09147eb7f1 100644 --- a/fdbclient/md5/md5.h +++ b/fdbclient/md5/md5.h @@ -23,7 +23,7 @@ * See md5.c for more information. */ -#if defined(HAVE_OPENSSL) && !defined(TLS_DISABLED) +#if defined(HAVE_OPENSSL) #if defined(HAVE_WOLFSSL) #include #endif diff --git a/fdbserver/fdbserver.actor.cpp b/fdbserver/fdbserver.actor.cpp index 1a2f244b0b..d3737536a2 100644 --- a/fdbserver/fdbserver.actor.cpp +++ b/fdbserver/fdbserver.actor.cpp @@ -204,11 +204,7 @@ CSimpleOpt::SOption g_rgOptions[] = { { OPT_FLOW_PROCESS_NAME, "--process-name", SO_REQ_SEP }, { OPT_FLOW_PROCESS_ENDPOINT, "--process-endpoint", SO_REQ_SEP }, { OPT_IP_TRUSTED_MASK, "--trusted-subnet-", SO_REQ_SEP }, - -#ifndef TLS_DISABLED TLS_OPTION_FLAGS -#endif - SO_END_OF_OPTIONS }; @@ -662,9 +658,7 @@ static void printUsage(const char* name, bool devhelp) { " collector -- None or FluentD (FluentD requires collector_endpoint to be set)\n" " collector_endpoint -- IP:PORT of the fluentd server\n" " collector_protocol -- UDP or TCP (default is UDP)"); -#ifndef TLS_DISABLED printf("%s", TLS_HELP); -#endif printOptionUsage("-v, --version", "Print version information and exit."); printOptionUsage("-h, -?, --help", "Display this help and exit."); if (devhelp) { @@ -1621,7 +1615,6 @@ private: printSimTime = true; break; -#ifndef TLS_DISABLED case TLSConfig::OPT_TLS_PLUGIN: args.OptionArg(); break; @@ -1640,7 +1633,6 @@ private: case TLSConfig::OPT_TLS_VERIFY_PEERS: tlsConfig.addVerifyPeers(args.OptionArg()); break; -#endif } } diff --git a/fdbserver/workloads/UnitTests.actor.cpp b/fdbserver/workloads/UnitTests.actor.cpp index 96433181f5..1545f78ab8 100644 --- a/fdbserver/workloads/UnitTests.actor.cpp +++ b/fdbserver/workloads/UnitTests.actor.cpp @@ -28,7 +28,7 @@ void forceLinkFlowTests(); void forceLinkVersionedMapTests(); void forceLinkMemcpyTests(); void forceLinkMemcpyPerfTests(); -#if (!defined(TLS_DISABLED) && !defined(_WIN32)) +#if (!defined(_WIN32)) void forceLinkStreamCipherTests(); void forceLinkBlobCipherTests(); #endif @@ -79,7 +79,7 @@ struct UnitTestWorkload : TestWorkload { forceLinkVersionedMapTests(); forceLinkMemcpyTests(); forceLinkMemcpyPerfTests(); -#if (!defined(TLS_DISABLED) && !defined(_WIN32)) +#if (!defined(_WIN32)) forceLinkStreamCipherTests(); void forceLinkBlobCipherTests(); #endif diff --git a/flow/BlobCipher.h b/flow/BlobCipher.h index 624762caaa..e50d4caab1 100644 --- a/flow/BlobCipher.h +++ b/flow/BlobCipher.h @@ -25,13 +25,7 @@ #include #include -#if (!defined(TLS_DISABLED)) #define ENCRYPTION_ENABLED 1 -#else -#define ENCRYPTION_ENABLED 0 -#endif - -#if ENCRYPTION_ENABLED #include "flow/Arena.h" #include "flow/EncryptUtils.h" @@ -468,5 +462,3 @@ StringRef computeAuthToken(const uint8_t* payload, const uint8_t* key, const int keyLen, Arena& arena); - -#endif // ENCRYPTION_ENABLED diff --git a/flow/Net2.actor.cpp b/flow/Net2.actor.cpp index f83aac02c5..0778fefde8 100644 --- a/flow/Net2.actor.cpp +++ b/flow/Net2.actor.cpp @@ -30,12 +30,10 @@ #define BOOST_DATE_TIME_NO_LIB #define BOOST_REGEX_NO_LIB #include -#ifndef TLS_DISABLED #if defined(HAVE_WOLFSSL) #include #endif #include "boost/asio/ssl.hpp" -#endif #include #include #include @@ -239,12 +237,10 @@ public: // private: ASIOReactor reactor; -#ifndef TLS_DISABLED AsyncVar>> sslContextVar; Reference sslHandshakerPool; int sslHandshakerThreadsStarted; int sslPoolHandshakesInProgress; -#endif TLSConfig tlsConfig; Future backgroundCertRefresh; ETLSInitState tlsInitializedState; @@ -379,14 +375,12 @@ public: { TraceEvent evt(SevWarn, errContext, errID); evt.suppressFor(1.0).detail("ErrorCode", error.value()).detail("Message", error.message()); -#ifndef TLS_DISABLED // There is no function in OpenSSL to use to check if an error code is from OpenSSL, // but all OpenSSL errors have a non-zero "library" code set in bits 24-32, and linux // error codes should never go that high. if (error.value() >= (1 << 24L)) { evt.detail("WhichMeans", TLSPolicy::ErrorString(error)); } -#endif } p.sendError(connection_failed()); @@ -793,7 +787,6 @@ private: } }; -#ifndef TLS_DISABLED typedef boost::asio::ssl::stream ssl_socket; struct SSLHandshakerThread final : IThreadPoolReceiver { @@ -1197,7 +1190,6 @@ private: } } }; -#endif struct PromiseTask final : public Task, public FastAllocated { Promise promise; @@ -1214,11 +1206,9 @@ struct PromiseTask final : public Task, public FastAllocated { Net2::Net2(const TLSConfig& tlsConfig, bool useThreadPool, bool useMetrics) : globals(enumGlobal::COUNT), useThreadPool(useThreadPool), reactor(this), -#ifndef TLS_DISABLED sslContextVar({ ReferencedObject::from( boost::asio::ssl::context(boost::asio::ssl::context::tls)) }), sslHandshakerThreadsStarted(0), sslPoolHandshakesInProgress(0), -#endif tlsConfig(tlsConfig), tlsInitializedState(ETLSInitState::NONE), network(this), tscBegin(0), tscEnd(0), taskBegin(0), currentTaskID(TaskPriority::DefaultYield), tasksIssued(0), stopped(false), started(false), numYields(0), lastPriorityStats(nullptr), ready(FLOW_KNOBS->READY_QUEUE_RESERVED_SIZE) { @@ -1243,7 +1233,6 @@ Net2::Net2(const TLSConfig& tlsConfig, bool useThreadPool, bool useMetrics) updateNow(); } -#ifndef TLS_DISABLED ACTOR static Future watchFileForChanges(std::string filename, AsyncTrigger* fileChanged) { if (filename == "") { return Never(); @@ -1320,13 +1309,11 @@ ACTOR static Future reloadCertificatesOnChange( } } } -#endif void Net2::initTLS(ETLSInitState targetState) { if (tlsInitializedState >= targetState) { return; } -#ifndef TLS_DISABLED // Any target state must be higher than NONE so if the current state is NONE // then initialize the TLS config if (tlsInitializedState == ETLSInitState::NONE) { @@ -1380,7 +1367,6 @@ void Net2::initTLS(ETLSInitState targetState) { } } } -#endif tlsInitializedState = targetState; } @@ -1834,12 +1820,10 @@ THREAD_HANDLE Net2::startThread(THREAD_FUNC_RETURN (*func)(void*), void* arg, in } Future> Net2::connect(NetworkAddress toAddr, const std::string& host) { -#ifndef TLS_DISABLED if (toAddr.isTLS()) { initTLS(ETLSInitState::CONNECT); return SSLConnection::connect(&this->reactor.ios, this->sslContextVar.get(), toAddr); } -#endif return Connection::connect(&this->reactor.ios, toAddr); } @@ -1979,12 +1963,10 @@ bool Net2::isAddressOnThisHost(NetworkAddress const& addr) const { Reference Net2::listen(NetworkAddress localAddr) { try { -#ifndef TLS_DISABLED if (localAddr.isTLS()) { initTLS(ETLSInitState::LISTEN); return Reference(new SSLListener(reactor.ios, &this->sslContextVar, localAddr)); } -#endif return Reference(new Listener(reactor.ios, localAddr)); } catch (boost::system::system_error const& e) { Error x; diff --git a/flow/Platform.actor.cpp b/flow/Platform.actor.cpp index 0cff826103..d29aea5c22 100644 --- a/flow/Platform.actor.cpp +++ b/flow/Platform.actor.cpp @@ -31,7 +31,7 @@ #include "flow/Platform.actor.h" #include "flow/Arena.h" -#if (!defined(TLS_DISABLED) && !defined(_WIN32)) +#if (!defined(_WIN32)) #include "flow/StreamCipher.h" #include "flow/BlobCipher.h" #endif @@ -3552,7 +3552,7 @@ void crashHandler(int sig) { bool error = (sig != SIGUSR2); -#if (!defined(TLS_DISABLED) && !defined(_WIN32)) +#if (!defined(_WIN32)) StreamCipherKey::cleanup(); StreamCipher::cleanup(); BlobCipherKeyCache::cleanup(); diff --git a/flow/StreamCipher.h b/flow/StreamCipher.h index 3e1fe10fe0..c6ed26e563 100644 --- a/flow/StreamCipher.h +++ b/flow/StreamCipher.h @@ -20,13 +20,7 @@ #pragma once -#if (!defined(TLS_DISABLED)) #define ENCRYPTION_ENABLED 1 -#else -#define ENCRYPTION_ENABLED 0 -#endif - -#if ENCRYPTION_ENABLED #include "flow/Arena.h" #include "flow/FastRef.h" @@ -117,5 +111,3 @@ public: }; void applyHmacKeyDerivationFunc(StreamCipherKey* cipherKey, HmacSha256StreamCipher* hmacGenerator, Arena& arena); - -#endif // ENCRYPTION_ENABLED diff --git a/flow/TLSConfig.actor.cpp b/flow/TLSConfig.actor.cpp index c7cad7945d..4d1ed9cf85 100644 --- a/flow/TLSConfig.actor.cpp +++ b/flow/TLSConfig.actor.cpp @@ -25,14 +25,6 @@ // To force typeinfo to only be emitted once. TLSPolicy::~TLSPolicy() {} -#ifdef TLS_DISABLED - -void LoadedTLSConfig::print(FILE* fp) { - fprintf(fp, "Cannot print LoadedTLSConfig. TLS support is not enabled.\n"); -} - -#else // TLS is enabled - #include #include #include @@ -837,4 +829,3 @@ bool TLSPolicy::verify_peer(bool preverified, X509_STORE_CTX* store_ctx) { } return rc; } -#endif diff --git a/flow/TLSConfig.actor.h b/flow/TLSConfig.actor.h index ff3e670f49..ec1e0e7c64 100644 --- a/flow/TLSConfig.actor.h +++ b/flow/TLSConfig.actor.h @@ -37,8 +37,6 @@ #include "flow/Knobs.h" #include "flow/flow.h" -#ifndef TLS_DISABLED - #if defined(HAVE_WOLFSSL) #include #endif @@ -72,7 +70,6 @@ struct Criteria { return criteria == c.criteria && match_type == c.match_type && location == c.location; } }; -#endif #include "flow/actorcompiler.h" // This must be the last #include. @@ -204,7 +201,6 @@ private: TLSEndpointType endpointType = TLSEndpointType::UNSET; }; -#ifndef TLS_DISABLED namespace boost { namespace asio { namespace ssl { @@ -216,7 +212,6 @@ void ConfigureSSLContext( const LoadedTLSConfig& loaded, boost::asio::ssl::context* context, std::function onPolicyFailure = []() {}); -#endif class TLSPolicy : ReferenceCounted { public: @@ -226,7 +221,6 @@ public: virtual void addref() { ReferenceCounted::addref(); } virtual void delref() { ReferenceCounted::delref(); } -#ifndef TLS_DISABLED static std::string ErrorString(boost::system::error_code e); void set_verify_peers(std::vector verify_peers); @@ -248,7 +242,6 @@ public: }; std::vector rules; -#endif bool is_client; }; From 475d66084db63ca4921272362501770453cefe68 Mon Sep 17 00:00:00 2001 From: sfc-gh-tclinkenbeard Date: Mon, 2 May 2022 22:26:31 -0700 Subject: [PATCH 2/7] Remove ENCRYPTION_ENABLED macro --- fdbclient/BackupContainerAzureBlobStore.actor.cpp | 2 -- fdbclient/BackupContainerFileSystem.actor.cpp | 10 ---------- fdbclient/BackupContainerS3BlobStore.actor.cpp | 4 ---- fdbrpc/AsyncFileEncrypted.h | 4 ---- fdbrpc/Net2FileSystem.cpp | 2 -- fdbrpc/sim2.actor.cpp | 2 -- fdbserver/workloads/EncryptionOps.actor.cpp | 4 ---- flow/BlobCipher.cpp | 4 ---- flow/BlobCipher.h | 2 -- flow/StreamCipher.h | 2 -- 10 files changed, 36 deletions(-) diff --git a/fdbclient/BackupContainerAzureBlobStore.actor.cpp b/fdbclient/BackupContainerAzureBlobStore.actor.cpp index 1ec987fc56..0c3ac8ba02 100644 --- a/fdbclient/BackupContainerAzureBlobStore.actor.cpp +++ b/fdbclient/BackupContainerAzureBlobStore.actor.cpp @@ -213,9 +213,7 @@ public: // Hack to get around the fact that macros don't work inside actor functions static Reference encryptFile(Reference const& f, AsyncFileEncrypted::Mode mode) { Reference result = f; -#if ENCRYPTION_ENABLED result = makeReference(result, mode); -#endif return result; } diff --git a/fdbclient/BackupContainerFileSystem.actor.cpp b/fdbclient/BackupContainerFileSystem.actor.cpp index a4778ecc10..0314a918b3 100644 --- a/fdbclient/BackupContainerFileSystem.actor.cpp +++ b/fdbclient/BackupContainerFileSystem.actor.cpp @@ -1128,7 +1128,6 @@ public: return false; } -#if ENCRYPTION_ENABLED ACTOR static Future createTestEncryptionKeyFile(std::string filename) { state Reference keyFile = wait(IAsyncFileSystem::filesystem()->open( filename, @@ -1164,7 +1163,6 @@ public: ASSERT_EQ(bytesRead, cipherKey->size()); return Void(); } -#endif // ENCRYPTION_ENABLED }; // class BackupContainerFileSystemImpl @@ -1481,19 +1479,11 @@ Future BackupContainerFileSystem::encryptionSetupComplete() const { void BackupContainerFileSystem::setEncryptionKey(Optional const& encryptionKeyFileName) { if (encryptionKeyFileName.present()) { -#if ENCRYPTION_ENABLED encryptionSetupFuture = BackupContainerFileSystemImpl::readEncryptionKey(encryptionKeyFileName.get()); -#else - encryptionSetupFuture = Void(); -#endif } } Future BackupContainerFileSystem::createTestEncryptionKeyFile(std::string const& filename) { -#if ENCRYPTION_ENABLED return BackupContainerFileSystemImpl::createTestEncryptionKeyFile(filename); -#else - return Void(); -#endif } // Get a BackupContainerFileSystem based on a container URL string diff --git a/fdbclient/BackupContainerS3BlobStore.actor.cpp b/fdbclient/BackupContainerS3BlobStore.actor.cpp index 58a436341a..af3fb9d128 100644 --- a/fdbclient/BackupContainerS3BlobStore.actor.cpp +++ b/fdbclient/BackupContainerS3BlobStore.actor.cpp @@ -174,11 +174,9 @@ std::string BackupContainerS3BlobStore::getURLFormat() { Future> BackupContainerS3BlobStore::readFile(const std::string& path) { Reference f = makeReference(m_bstore, m_bucket, dataPath(path)); -#if ENCRYPTION_ENABLED if (usesEncryption()) { f = makeReference(f, AsyncFileEncrypted::Mode::READ_ONLY); } -#endif f = makeReference(f, m_bstore->knobs.read_block_size, m_bstore->knobs.read_ahead_blocks, @@ -194,11 +192,9 @@ Future> BackupContainerS3BlobStore::listURLs(Reference< Future> BackupContainerS3BlobStore::writeFile(const std::string& path) { Reference f = makeReference(m_bstore, m_bucket, dataPath(path)); -#if ENCRYPTION_ENABLED if (usesEncryption()) { f = makeReference(f, AsyncFileEncrypted::Mode::APPEND_ONLY); } -#endif return Future>(makeReference(path, f)); } diff --git a/fdbrpc/AsyncFileEncrypted.h b/fdbrpc/AsyncFileEncrypted.h index a01c32f8cf..36436c9127 100644 --- a/fdbrpc/AsyncFileEncrypted.h +++ b/fdbrpc/AsyncFileEncrypted.h @@ -26,8 +26,6 @@ #include "flow/IRandom.h" #include "flow/StreamCipher.h" -#if ENCRYPTION_ENABLED - #include /* @@ -81,5 +79,3 @@ public: void releaseZeroCopy(void* data, int length, int64_t offset) override; int64_t debugFD() const override; }; - -#endif // ENCRYPTION_ENABLED diff --git a/fdbrpc/Net2FileSystem.cpp b/fdbrpc/Net2FileSystem.cpp index b6460b172c..76c75f211b 100644 --- a/fdbrpc/Net2FileSystem.cpp +++ b/fdbrpc/Net2FileSystem.cpp @@ -79,14 +79,12 @@ Future> Net2FileSystem::open(const std::string& file f = map(f, [=](Reference r) { return Reference(new AsyncFileWriteChecker(r)); }); if (FLOW_KNOBS->ENABLE_CHAOS_FEATURES) f = map(f, [=](Reference r) { return Reference(new AsyncFileChaos(r)); }); -#if ENCRYPTION_ENABLED if (flags & IAsyncFile::OPEN_ENCRYPTED) f = map(f, [flags](Reference r) { auto mode = flags & IAsyncFile::OPEN_READWRITE ? AsyncFileEncrypted::Mode::APPEND_ONLY : AsyncFileEncrypted::Mode::READ_ONLY; return Reference(new AsyncFileEncrypted(r, mode)); }); -#endif // ENCRYPTION_ENABLED return f; } diff --git a/fdbrpc/sim2.actor.cpp b/fdbrpc/sim2.actor.cpp index 065a35d110..f9e6dfab20 100644 --- a/fdbrpc/sim2.actor.cpp +++ b/fdbrpc/sim2.actor.cpp @@ -2594,14 +2594,12 @@ Future> Sim2FileSystem::open(const std::string& file f = map(f, [=](Reference r) { return Reference(new AsyncFileWriteChecker(r)); }); if (FLOW_KNOBS->ENABLE_CHAOS_FEATURES) f = map(f, [=](Reference r) { return Reference(new AsyncFileChaos(r)); }); -#if ENCRYPTION_ENABLED if (flags & IAsyncFile::OPEN_ENCRYPTED) f = map(f, [flags](Reference r) { auto mode = flags & IAsyncFile::OPEN_READWRITE ? AsyncFileEncrypted::Mode::APPEND_ONLY : AsyncFileEncrypted::Mode::READ_ONLY; return Reference(new AsyncFileEncrypted(r, mode)); }); -#endif // ENCRYPTION_ENABLED return f; } else return AsyncFileCached::open(filename, flags, mode); diff --git a/fdbserver/workloads/EncryptionOps.actor.cpp b/fdbserver/workloads/EncryptionOps.actor.cpp index 30567889bd..4062823c98 100644 --- a/fdbserver/workloads/EncryptionOps.actor.cpp +++ b/fdbserver/workloads/EncryptionOps.actor.cpp @@ -34,8 +34,6 @@ #include "flow/actorcompiler.h" // This must be the last #include. -#if ENCRYPTION_ENABLED - #define MEGA_BYTES (1024 * 1024) #define NANO_SECOND (1000 * 1000 * 1000) @@ -379,5 +377,3 @@ struct EncryptionOpsWorkload : TestWorkload { }; WorkloadFactory EncryptionOpsWorkloadFactory("EncryptionOps"); - -#endif // ENCRYPTION_ENABLED diff --git a/flow/BlobCipher.cpp b/flow/BlobCipher.cpp index c14fbacd26..d8895cea26 100644 --- a/flow/BlobCipher.cpp +++ b/flow/BlobCipher.cpp @@ -35,8 +35,6 @@ #include #include -#if ENCRYPTION_ENABLED - namespace { bool isEncryptHeaderAuthTokenModeValid(const EncryptAuthTokenMode mode) { return mode >= ENCRYPT_HEADER_AUTH_TOKEN_MODE_NONE && mode < ENCRYPT_HEADER_AUTH_TOKEN_LAST; @@ -1186,5 +1184,3 @@ TEST_CASE("flow/BlobCipher") { TraceEvent("BlobCipherTest_Done").log(); return Void(); } - -#endif // ENCRYPTION_ENABLED diff --git a/flow/BlobCipher.h b/flow/BlobCipher.h index e50d4caab1..1d7a8d8dee 100644 --- a/flow/BlobCipher.h +++ b/flow/BlobCipher.h @@ -25,8 +25,6 @@ #include #include -#define ENCRYPTION_ENABLED 1 - #include "flow/Arena.h" #include "flow/EncryptUtils.h" #include "flow/FastRef.h" diff --git a/flow/StreamCipher.h b/flow/StreamCipher.h index c6ed26e563..cc7df84e47 100644 --- a/flow/StreamCipher.h +++ b/flow/StreamCipher.h @@ -20,8 +20,6 @@ #pragma once -#define ENCRYPTION_ENABLED 1 - #include "flow/Arena.h" #include "flow/FastRef.h" #include "flow/flow.h" From ea00ae3a25433dc89ea2ea500b052f6c9b90f701 Mon Sep 17 00:00:00 2001 From: sfc-gh-tclinkenbeard Date: Mon, 2 May 2022 22:31:46 -0700 Subject: [PATCH 3/7] Remove DISABLE_TLS CMake argument --- README.md | 1 - cmake/FDBComponents.cmake | 59 ++++++++++++++++++--------------------- 2 files changed, 27 insertions(+), 33 deletions(-) diff --git a/README.md b/README.md index e40bf6ae23..5b1a8d7a45 100755 --- a/README.md +++ b/README.md @@ -126,7 +126,6 @@ You should create a second build-directory which you will use for building and d mkdir .build && cd .build cmake -G Ninja \ -DUSE_CCACHE=on \ - -DDISABLE_TLS=off \ -DUSE_DTRACE=off \ .. ninja -j 10 diff --git a/cmake/FDBComponents.cmake b/cmake/FDBComponents.cmake index 998dfaf616..7710e871a5 100644 --- a/cmake/FDBComponents.cmake +++ b/cmake/FDBComponents.cmake @@ -20,40 +20,35 @@ endif() include(CheckSymbolExists) -set(DISABLE_TLS OFF CACHE BOOL "Don't try to find OpenSSL and always build without TLS support") set(USE_WOLFSSL OFF CACHE BOOL "Build against WolfSSL instead of OpenSSL") set(USE_OPENSSL ON CACHE BOOL "Build against OpenSSL") -if(DISABLE_TLS) - set(WITH_TLS OFF) -else() - if(USE_WOLFSSL) - set(WOLFSSL_USE_STATIC_LIBS TRUE) - find_package(WolfSSL) - if(WOLFSSL_FOUND) - set(CMAKE_REQUIRED_INCLUDES ${WOLFSSL_INCLUDE_DIR}) - set(WITH_TLS ON) - add_compile_options(-DHAVE_OPENSSL) - add_compile_options(-DHAVE_WOLFSSL) - else() - message(STATUS "WolfSSL was not found - Will compile without TLS Support") - message(STATUS "You can set WOLFSSL_ROOT_DIR to help cmake find it") - set(WITH_TLS OFF) - endif() - elseif(USE_OPENSSL) - set(OPENSSL_USE_STATIC_LIBS TRUE) - if(WIN32) - set(OPENSSL_MSVC_STATIC_RT ON) - endif() - find_package(OpenSSL) - if(OPENSSL_FOUND) - set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR}) - set(WITH_TLS ON) - add_compile_options(-DHAVE_OPENSSL) - else() - message(STATUS "OpenSSL was not found - Will compile without TLS Support") - message(STATUS "You can set OPENSSL_ROOT_DIR to help cmake find it") - set(WITH_TLS OFF) - endif() +if(USE_WOLFSSL) + set(WOLFSSL_USE_STATIC_LIBS TRUE) + find_package(WolfSSL) + if(WOLFSSL_FOUND) + set(CMAKE_REQUIRED_INCLUDES ${WOLFSSL_INCLUDE_DIR}) + set(WITH_TLS ON) + add_compile_options(-DHAVE_OPENSSL) + add_compile_options(-DHAVE_WOLFSSL) + else() + message(STATUS "WolfSSL was not found - Will compile without TLS Support") + message(STATUS "You can set WOLFSSL_ROOT_DIR to help cmake find it") + set(WITH_TLS OFF) + endif() +elseif(USE_OPENSSL) + set(OPENSSL_USE_STATIC_LIBS TRUE) + if(WIN32) + set(OPENSSL_MSVC_STATIC_RT ON) + endif() + find_package(OpenSSL) + if(OPENSSL_FOUND) + set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR}) + set(WITH_TLS ON) + add_compile_options(-DHAVE_OPENSSL) + else() + message(STATUS "OpenSSL was not found - Will compile without TLS Support") + message(STATUS "You can set OPENSSL_ROOT_DIR to help cmake find it") + set(WITH_TLS OFF) endif() endif() From 8ea68154bfeae76a40c9b5aa98f7e9cbd1ddee32 Mon Sep 17 00:00:00 2001 From: sfc-gh-tclinkenbeard Date: Mon, 2 May 2022 22:45:00 -0700 Subject: [PATCH 4/7] Remove WITH_TLS CMake variable --- cmake/FDBComponents.cmake | 11 +++++------ fdbrpc/CMakeLists.txt | 7 +------ flow/CMakeLists.txt | 22 ++++++---------------- flowbench/CMakeLists.txt | 7 +------ 4 files changed, 13 insertions(+), 34 deletions(-) diff --git a/cmake/FDBComponents.cmake b/cmake/FDBComponents.cmake index 7710e871a5..f0081df9c9 100644 --- a/cmake/FDBComponents.cmake +++ b/cmake/FDBComponents.cmake @@ -27,13 +27,12 @@ if(USE_WOLFSSL) find_package(WolfSSL) if(WOLFSSL_FOUND) set(CMAKE_REQUIRED_INCLUDES ${WOLFSSL_INCLUDE_DIR}) - set(WITH_TLS ON) add_compile_options(-DHAVE_OPENSSL) add_compile_options(-DHAVE_WOLFSSL) else() message(STATUS "WolfSSL was not found - Will compile without TLS Support") message(STATUS "You can set WOLFSSL_ROOT_DIR to help cmake find it") - set(WITH_TLS OFF) + message(FATAL_ERROR "Unable to find WolfSSL") endif() elseif(USE_OPENSSL) set(OPENSSL_USE_STATIC_LIBS TRUE) @@ -43,13 +42,14 @@ elseif(USE_OPENSSL) find_package(OpenSSL) if(OPENSSL_FOUND) set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIR}) - set(WITH_TLS ON) add_compile_options(-DHAVE_OPENSSL) else() message(STATUS "OpenSSL was not found - Will compile without TLS Support") message(STATUS "You can set OPENSSL_ROOT_DIR to help cmake find it") - set(WITH_TLS OFF) + message(FATAL_ERROR "Unable to find OpenSSL") endif() +else() + message(FATAL_ERROR "Must set USE_WOLFSSL or USE_OPENSSL") endif() ################################################################################ @@ -250,7 +250,6 @@ function(print_components) message(STATUS "Build Java Bindings: ${WITH_JAVA_BINDING}") message(STATUS "Build Go bindings: ${WITH_GO_BINDING}") message(STATUS "Build Ruby bindings: ${WITH_RUBY_BINDING}") - message(STATUS "Build with TLS support: ${WITH_TLS}") message(STATUS "Build Documentation (make html): ${WITH_DOCUMENTATION}") message(STATUS "Build Python sdist (make package): ${WITH_PYTHON_BINDING}") message(STATUS "Configure CTest (depends on Python): ${WITH_PYTHON}") @@ -260,7 +259,7 @@ function(print_components) endfunction() if(FORCE_ALL_COMPONENTS) - if(NOT WITH_C_BINDING OR NOT WITH_JAVA_BINDING OR NOT WITH_TLS OR NOT WITH_GO_BINDING OR NOT WITH_RUBY_BINDING OR NOT WITH_PYTHON_BINDING OR NOT WITH_DOCUMENTATION) + if(NOT WITH_C_BINDING OR NOT WITH_JAVA_BINDING OR NOT WITH_GO_BINDING OR NOT WITH_RUBY_BINDING OR NOT WITH_PYTHON_BINDING OR NOT WITH_DOCUMENTATION) print_components() message(FATAL_ERROR "FORCE_ALL_COMPONENTS is set but not all dependencies could be found") endif() diff --git a/fdbrpc/CMakeLists.txt b/fdbrpc/CMakeLists.txt index 3be4954666..00e13e564d 100644 --- a/fdbrpc/CMakeLists.txt +++ b/fdbrpc/CMakeLists.txt @@ -7,6 +7,7 @@ set(FDBRPC_SRCS AsyncFileReadAhead.actor.h AsyncFileWinASIO.actor.h AsyncFileCached.actor.cpp + AsyncFileEncrypted.actor.cpp AsyncFileNonDurable.actor.cpp AsyncFileWriteChecker.cpp FailureMonitor.actor.cpp @@ -45,12 +46,6 @@ set(FDBRPC_SRCS TraceFileIO.cpp TSSComparison.h) -if(WITH_TLS) - set(FDBRPC_SRCS - ${FDBRPC_SRCS} - AsyncFileEncrypted.actor.cpp) -endif() - set(COMPILE_EIO OFF) if(NOT WIN32) diff --git a/flow/CMakeLists.txt b/flow/CMakeLists.txt index bf390d4b88..7493dfee94 100644 --- a/flow/CMakeLists.txt +++ b/flow/CMakeLists.txt @@ -58,6 +58,7 @@ set(FLOW_SRCS SignalSafeUnwind.cpp SignalSafeUnwind.h SimpleOpt.h + StreamCipher.cpp StreamCipher.h SystemMonitor.cpp SystemMonitor.h @@ -108,12 +109,6 @@ set(FLOW_SRCS xxhash.c xxhash.h) -if(WITH_TLS) - set(FLOW_SRCS - ${FLOW_SRCS} - StreamCipher.cpp) -endif() - add_library(stacktrace stacktrace.amalgamation.cpp stacktrace.h) if (USE_ASAN) target_compile_definitions(stacktrace PRIVATE ADDRESS_SANITIZER) @@ -170,16 +165,11 @@ if(USE_VALGRIND) target_link_libraries(flow PUBLIC Valgrind) target_link_libraries(flow_sampling PUBLIC Valgrind) endif() -if(NOT WITH_TLS) - target_compile_definitions(flow PUBLIC TLS_DISABLED) - target_compile_definitions(flow_sampling PUBLIC TLS_DISABLED) -else() - target_link_libraries(flow PUBLIC OpenSSL::SSL) - target_link_libraries(flow_sampling PUBLIC OpenSSL::SSL) - if(USE_WOLFSSL) - target_include_directories(flow SYSTEM BEFORE PUBLIC ${WOLFSSL_INCLUDE_DIR}/wolfssl) - target_include_directories(flow_sampling SYSTEM BEFORE PUBLIC ${WOLFSSL_INCLUDE_DIR}/wolfssl) - endif() +target_link_libraries(flow PUBLIC OpenSSL::SSL) +target_link_libraries(flow_sampling PUBLIC OpenSSL::SSL) +if(USE_WOLFSSL) + target_include_directories(flow SYSTEM BEFORE PUBLIC ${WOLFSSL_INCLUDE_DIR}/wolfssl) + target_include_directories(flow_sampling SYSTEM BEFORE PUBLIC ${WOLFSSL_INCLUDE_DIR}/wolfssl) endif() target_link_libraries(flow PUBLIC Threads::Threads ${CMAKE_DL_LIBS}) target_link_libraries(flow_sampling PUBLIC Threads::Threads ${CMAKE_DL_LIBS}) diff --git a/flowbench/CMakeLists.txt b/flowbench/CMakeLists.txt index 71509a0404..8378c9c8ab 100644 --- a/flowbench/CMakeLists.txt +++ b/flowbench/CMakeLists.txt @@ -1,6 +1,7 @@ set(FLOWBENCH_SRCS flowbench.actor.cpp BenchCallback.actor.cpp + BenchEncrypt.cpp BenchHash.cpp BenchIterate.cpp BenchIONet2.actor.cpp @@ -16,12 +17,6 @@ set(FLOWBENCH_SRCS GlobalData.h GlobalData.cpp) -if(WITH_TLS AND NOT WIN32) - set(FLOWBENCH_SRCS - ${FLOWBENCH_SRCS} - BenchEncrypt.cpp) -endif() - project (flowbench) # include the configurations from benchmark.cmake configure_file(benchmark.cmake googlebenchmark-download/CMakeLists.txt) From 06825775db6068a5493bbd00186a4091c171ef1f Mon Sep 17 00:00:00 2001 From: sfc-gh-tclinkenbeard Date: Mon, 2 May 2022 22:56:06 -0700 Subject: [PATCH 5/7] Fix formatting of lines with TLS_OPTION_FLAGS --- fdbbackup/FileConverter.h | 2 +- fdbbackup/backup.actor.cpp | 66 +++++++++++++++++++++++------------ fdbcli/fdbcli.actor.cpp | 3 +- fdbserver/fdbserver.actor.cpp | 2 +- flow/TLSConfig.actor.h | 5 +-- 5 files changed, 51 insertions(+), 27 deletions(-) diff --git a/fdbbackup/FileConverter.h b/fdbbackup/FileConverter.h index 251f8d004a..37a5c3f761 100644 --- a/fdbbackup/FileConverter.h +++ b/fdbbackup/FileConverter.h @@ -65,7 +65,7 @@ CSimpleOpt::SOption gConverterOptions[] = { { OPT_CONTAINER, "-r", SO_REQ_SEP }, { OPT_INPUT_FILE, "-i", SO_REQ_SEP }, { OPT_INPUT_FILE, "--input", SO_REQ_SEP }, { OPT_BLOB_CREDENTIALS, "--blob-credentials", SO_REQ_SEP }, - TLS_OPTION_FLAGS + TLS_OPTION_FLAGS, { OPT_BUILD_FLAGS, "--build-flags", SO_NONE }, { OPT_LIST_ONLY, "--list-only", SO_NONE }, { OPT_KEY_PREFIX, "-k", SO_REQ_SEP }, diff --git a/fdbbackup/backup.actor.cpp b/fdbbackup/backup.actor.cpp index 03f572e340..9ce6b03b18 100644 --- a/fdbbackup/backup.actor.cpp +++ b/fdbbackup/backup.actor.cpp @@ -220,7 +220,8 @@ CSimpleOpt::SOption g_rgAgentOptions[] = { { OPT_HELP, "--help", SO_NONE }, { OPT_DEVHELP, "--dev-help", SO_NONE }, { OPT_BLOB_CREDENTIALS, "--blob-credentials", SO_REQ_SEP }, - TLS_OPTION_FLAGS SO_END_OF_OPTIONS + TLS_OPTION_FLAGS, + SO_END_OF_OPTIONS }; CSimpleOpt::SOption g_rgBackupStartOptions[] = { @@ -266,7 +267,8 @@ CSimpleOpt::SOption g_rgBackupStartOptions[] = { { OPT_BLOB_CREDENTIALS, "--blob-credentials", SO_REQ_SEP }, { OPT_INCREMENTALONLY, "--incremental", SO_NONE }, { OPT_ENCRYPTION_KEY_FILE, "--encryption-key-file", SO_REQ_SEP }, - TLS_OPTION_FLAGS SO_END_OF_OPTIONS + TLS_OPTION_FLAGS, + SO_END_OF_OPTIONS }; CSimpleOpt::SOption g_rgBackupModifyOptions[] = { @@ -329,7 +331,8 @@ CSimpleOpt::SOption g_rgBackupStatusOptions[] = { { OPT_DEVHELP, "--dev-help", SO_NONE }, { OPT_JSON, "--json", SO_NONE }, { OPT_KNOB, "--knob-", SO_REQ_SEP }, - TLS_OPTION_FLAGS SO_END_OF_OPTIONS + TLS_OPTION_FLAGS, + SO_END_OF_OPTIONS }; CSimpleOpt::SOption g_rgBackupAbortOptions[] = { @@ -355,7 +358,8 @@ CSimpleOpt::SOption g_rgBackupAbortOptions[] = { { OPT_HELP, "--help", SO_NONE }, { OPT_DEVHELP, "--dev-help", SO_NONE }, { OPT_KNOB, "--knob-", SO_REQ_SEP }, - TLS_OPTION_FLAGS SO_END_OF_OPTIONS + TLS_OPTION_FLAGS, + SO_END_OF_OPTIONS }; CSimpleOpt::SOption g_rgBackupCleanupOptions[] = { @@ -381,7 +385,8 @@ CSimpleOpt::SOption g_rgBackupCleanupOptions[] = { { OPT_KNOB, "--knob-", SO_REQ_SEP }, { OPT_DELETE_DATA, "--delete-data", SO_NONE }, { OPT_MIN_CLEANUP_SECONDS, "--min-cleanup-seconds", SO_REQ_SEP }, - TLS_OPTION_FLAGS SO_END_OF_OPTIONS + TLS_OPTION_FLAGS, + SO_END_OF_OPTIONS }; CSimpleOpt::SOption g_rgBackupDiscontinueOptions[] = { @@ -409,7 +414,8 @@ CSimpleOpt::SOption g_rgBackupDiscontinueOptions[] = { { OPT_HELP, "--help", SO_NONE }, { OPT_DEVHELP, "--dev-help", SO_NONE }, { OPT_KNOB, "--knob-", SO_REQ_SEP }, - TLS_OPTION_FLAGS SO_END_OF_OPTIONS + TLS_OPTION_FLAGS, + SO_END_OF_OPTIONS }; CSimpleOpt::SOption g_rgBackupWaitOptions[] = { @@ -437,7 +443,8 @@ CSimpleOpt::SOption g_rgBackupWaitOptions[] = { { OPT_HELP, "--help", SO_NONE }, { OPT_DEVHELP, "--dev-help", SO_NONE }, { OPT_KNOB, "--knob-", SO_REQ_SEP }, - TLS_OPTION_FLAGS SO_END_OF_OPTIONS + TLS_OPTION_FLAGS, + SO_END_OF_OPTIONS }; CSimpleOpt::SOption g_rgBackupPauseOptions[] = { @@ -461,7 +468,8 @@ CSimpleOpt::SOption g_rgBackupPauseOptions[] = { { OPT_HELP, "--help", SO_NONE }, { OPT_DEVHELP, "--dev-help", SO_NONE }, { OPT_KNOB, "--knob-", SO_REQ_SEP }, - TLS_OPTION_FLAGS SO_END_OF_OPTIONS + TLS_OPTION_FLAGS, + SO_END_OF_OPTIONS }; CSimpleOpt::SOption g_rgBackupExpireOptions[] = { @@ -497,7 +505,8 @@ CSimpleOpt::SOption g_rgBackupExpireOptions[] = { { OPT_EXPIRE_BEFORE_DATETIME, "--expire-before-timestamp", SO_REQ_SEP }, { OPT_EXPIRE_MIN_RESTORABLE_DAYS, "--min-restorable-days", SO_REQ_SEP }, { OPT_EXPIRE_DELETE_BEFORE_DAYS, "--delete-before-days", SO_REQ_SEP }, - TLS_OPTION_FLAGS SO_END_OF_OPTIONS + TLS_OPTION_FLAGS, + SO_END_OF_OPTIONS }; CSimpleOpt::SOption g_rgBackupDeleteOptions[] = { @@ -523,7 +532,8 @@ CSimpleOpt::SOption g_rgBackupDeleteOptions[] = { { OPT_DEVHELP, "--dev-help", SO_NONE }, { OPT_BLOB_CREDENTIALS, "--blob-credentials", SO_REQ_SEP }, { OPT_KNOB, "--knob-", SO_REQ_SEP }, - TLS_OPTION_FLAGS SO_END_OF_OPTIONS + TLS_OPTION_FLAGS, + SO_END_OF_OPTIONS }; CSimpleOpt::SOption g_rgBackupDescribeOptions[] = { @@ -554,7 +564,8 @@ CSimpleOpt::SOption g_rgBackupDescribeOptions[] = { { OPT_DESCRIBE_DEEP, "--deep", SO_NONE }, { OPT_DESCRIBE_TIMESTAMPS, "--version-timestamps", SO_NONE }, { OPT_JSON, "--json", SO_NONE }, - TLS_OPTION_FLAGS SO_END_OF_OPTIONS + TLS_OPTION_FLAGS, + SO_END_OF_OPTIONS }; CSimpleOpt::SOption g_rgBackupDumpOptions[] = { @@ -583,7 +594,8 @@ CSimpleOpt::SOption g_rgBackupDumpOptions[] = { { OPT_KNOB, "--knob-", SO_REQ_SEP }, { OPT_DUMP_BEGIN, "--begin", SO_REQ_SEP }, { OPT_DUMP_END, "--end", SO_REQ_SEP }, - TLS_OPTION_FLAGS SO_END_OF_OPTIONS + TLS_OPTION_FLAGS, + SO_END_OF_OPTIONS }; CSimpleOpt::SOption g_rgBackupTagsOptions[] = { @@ -598,7 +610,8 @@ CSimpleOpt::SOption g_rgBackupTagsOptions[] = { { OPT_TRACE_LOG_GROUP, "--loggroup", SO_REQ_SEP }, { OPT_QUIET, "-q", SO_NONE }, { OPT_QUIET, "--quiet", SO_NONE }, - TLS_OPTION_FLAGS SO_END_OF_OPTIONS + TLS_OPTION_FLAGS, + SO_END_OF_OPTIONS }; CSimpleOpt::SOption g_rgBackupListOptions[] = { @@ -623,7 +636,8 @@ CSimpleOpt::SOption g_rgBackupListOptions[] = { { OPT_DEVHELP, "--dev-help", SO_NONE }, { OPT_BLOB_CREDENTIALS, "--blob-credentials", SO_REQ_SEP }, { OPT_KNOB, "--knob-", SO_REQ_SEP }, - TLS_OPTION_FLAGS SO_END_OF_OPTIONS + TLS_OPTION_FLAGS, + SO_END_OF_OPTIONS }; CSimpleOpt::SOption g_rgBackupQueryOptions[] = { @@ -656,7 +670,8 @@ CSimpleOpt::SOption g_rgBackupQueryOptions[] = { { OPT_DEVHELP, "--dev-help", SO_NONE }, { OPT_BLOB_CREDENTIALS, "--blob-credentials", SO_REQ_SEP }, { OPT_KNOB, "--knob-", SO_REQ_SEP }, - TLS_OPTION_FLAGS SO_END_OF_OPTIONS + TLS_OPTION_FLAGS, + SO_END_OF_OPTIONS }; // g_rgRestoreOptions is used by fdbrestore and fastrestore_tool @@ -702,7 +717,8 @@ CSimpleOpt::SOption g_rgRestoreOptions[] = { { OPT_RESTORE_BEGIN_VERSION, "--begin-version", SO_REQ_SEP }, { OPT_RESTORE_INCONSISTENT_SNAPSHOT_ONLY, "--inconsistent-snapshot-only", SO_NONE }, { OPT_ENCRYPTION_KEY_FILE, "--encryption-key-file", SO_REQ_SEP }, - TLS_OPTION_FLAGS SO_END_OF_OPTIONS + TLS_OPTION_FLAGS, + SO_END_OF_OPTIONS }; CSimpleOpt::SOption g_rgDBAgentOptions[] = { @@ -732,7 +748,8 @@ CSimpleOpt::SOption g_rgDBAgentOptions[] = { { OPT_HELP, "-h", SO_NONE }, { OPT_HELP, "--help", SO_NONE }, { OPT_DEVHELP, "--dev-help", SO_NONE }, - TLS_OPTION_FLAGS SO_END_OF_OPTIONS + TLS_OPTION_FLAGS, + SO_END_OF_OPTIONS }; CSimpleOpt::SOption g_rgDBStartOptions[] = { @@ -762,7 +779,8 @@ CSimpleOpt::SOption g_rgDBStartOptions[] = { { OPT_HELP, "--help", SO_NONE }, { OPT_DEVHELP, "--dev-help", SO_NONE }, { OPT_KNOB, "--knob-", SO_REQ_SEP }, - TLS_OPTION_FLAGS SO_END_OF_OPTIONS + TLS_OPTION_FLAGS, + SO_END_OF_OPTIONS }; CSimpleOpt::SOption g_rgDBStatusOptions[] = { @@ -792,7 +810,8 @@ CSimpleOpt::SOption g_rgDBStatusOptions[] = { { OPT_HELP, "--help", SO_NONE }, { OPT_DEVHELP, "--dev-help", SO_NONE }, { OPT_KNOB, "--knob-", SO_REQ_SEP }, - TLS_OPTION_FLAGS SO_END_OF_OPTIONS + TLS_OPTION_FLAGS, + SO_END_OF_OPTIONS }; CSimpleOpt::SOption g_rgDBSwitchOptions[] = { @@ -821,7 +840,8 @@ CSimpleOpt::SOption g_rgDBSwitchOptions[] = { { OPT_HELP, "--help", SO_NONE }, { OPT_DEVHELP, "--dev-help", SO_NONE }, { OPT_KNOB, "--knob-", SO_REQ_SEP }, - TLS_OPTION_FLAGS SO_END_OF_OPTIONS + TLS_OPTION_FLAGS, + SO_END_OF_OPTIONS }; CSimpleOpt::SOption g_rgDBAbortOptions[] = { @@ -851,7 +871,8 @@ CSimpleOpt::SOption g_rgDBAbortOptions[] = { { OPT_HELP, "--help", SO_NONE }, { OPT_DEVHELP, "--dev-help", SO_NONE }, { OPT_KNOB, "--knob-", SO_REQ_SEP }, - TLS_OPTION_FLAGS SO_END_OF_OPTIONS + TLS_OPTION_FLAGS, + SO_END_OF_OPTIONS }; CSimpleOpt::SOption g_rgDBPauseOptions[] = { @@ -877,7 +898,8 @@ CSimpleOpt::SOption g_rgDBPauseOptions[] = { { OPT_HELP, "--help", SO_NONE }, { OPT_DEVHELP, "--dev-help", SO_NONE }, { OPT_KNOB, "--knob-", SO_REQ_SEP }, - TLS_OPTION_FLAGS SO_END_OF_OPTIONS + TLS_OPTION_FLAGS, + SO_END_OF_OPTIONS }; const KeyRef exeAgent = LiteralStringRef("backup_agent"); diff --git a/fdbcli/fdbcli.actor.cpp b/fdbcli/fdbcli.actor.cpp index af920e63ba..1df6662fd9 100644 --- a/fdbcli/fdbcli.actor.cpp +++ b/fdbcli/fdbcli.actor.cpp @@ -125,7 +125,8 @@ CSimpleOpt::SOption g_rgOptions[] = { { OPT_CONNFILE, "-C", SO_REQ_SEP }, { OPT_DEBUG_TLS, "--debug-tls", SO_NONE }, { OPT_API_VERSION, "--api-version", SO_REQ_SEP }, { OPT_MEMORY, "--memory", SO_REQ_SEP }, - TLS_OPTION_FLAGS SO_END_OF_OPTIONS }; + TLS_OPTION_FLAGS, + SO_END_OF_OPTIONS }; void printAtCol(const char* text, int col, FILE* stream = stdout) { const char* iter = text; diff --git a/fdbserver/fdbserver.actor.cpp b/fdbserver/fdbserver.actor.cpp index d3737536a2..9c9635d20e 100644 --- a/fdbserver/fdbserver.actor.cpp +++ b/fdbserver/fdbserver.actor.cpp @@ -204,7 +204,7 @@ CSimpleOpt::SOption g_rgOptions[] = { { OPT_FLOW_PROCESS_NAME, "--process-name", SO_REQ_SEP }, { OPT_FLOW_PROCESS_ENDPOINT, "--process-endpoint", SO_REQ_SEP }, { OPT_IP_TRUSTED_MASK, "--trusted-subnet-", SO_REQ_SEP }, - TLS_OPTION_FLAGS + TLS_OPTION_FLAGS, SO_END_OF_OPTIONS }; diff --git a/flow/TLSConfig.actor.h b/flow/TLSConfig.actor.h index ec1e0e7c64..248f9aa3cd 100644 --- a/flow/TLSConfig.actor.h +++ b/flow/TLSConfig.actor.h @@ -257,8 +257,9 @@ public: { TLSConfig::OPT_TLS_CERTIFICATES, TLS_CERTIFICATE_FILE_FLAG, SO_REQ_SEP }, \ { TLSConfig::OPT_TLS_KEY, TLS_KEY_FILE_FLAG, SO_REQ_SEP }, \ { TLSConfig::OPT_TLS_VERIFY_PEERS, TLS_VERIFY_PEERS_FLAG, SO_REQ_SEP }, \ - { TLSConfig::OPT_TLS_PASSWORD, TLS_PASSWORD_FLAG, SO_REQ_SEP }, \ - { TLSConfig::OPT_TLS_CA_FILE, TLS_CA_FILE_FLAG, SO_REQ_SEP }, + { TLSConfig::OPT_TLS_PASSWORD, TLS_PASSWORD_FLAG, SO_REQ_SEP }, { \ + TLSConfig::OPT_TLS_CA_FILE, TLS_CA_FILE_FLAG, SO_REQ_SEP \ + } #define TLS_HELP \ " " TLS_CERTIFICATE_FILE_FLAG " CERTFILE\n" \ From 258ba462e17e5b0a8ceb752642fd26ef36c11559 Mon Sep 17 00:00:00 2001 From: sfc-gh-tclinkenbeard Date: Tue, 3 May 2022 09:48:24 -0700 Subject: [PATCH 6/7] Remove !defined(_WIN32) guards for encryption code --- fdbclient/BackupContainerS3BlobStore.actor.cpp | 2 -- fdbserver/workloads/UnitTests.actor.cpp | 4 ---- flow/Platform.actor.cpp | 4 ---- 3 files changed, 10 deletions(-) diff --git a/fdbclient/BackupContainerS3BlobStore.actor.cpp b/fdbclient/BackupContainerS3BlobStore.actor.cpp index af3fb9d128..413c8ea09b 100644 --- a/fdbclient/BackupContainerS3BlobStore.actor.cpp +++ b/fdbclient/BackupContainerS3BlobStore.actor.cpp @@ -20,9 +20,7 @@ #include "fdbclient/AsyncFileS3BlobStore.actor.h" #include "fdbclient/BackupContainerS3BlobStore.h" -#if (!defined(_WIN32)) #include "fdbrpc/AsyncFileEncrypted.h" -#endif #include "fdbrpc/AsyncFileReadAhead.actor.h" #include "flow/actorcompiler.h" // This must be the last #include. diff --git a/fdbserver/workloads/UnitTests.actor.cpp b/fdbserver/workloads/UnitTests.actor.cpp index 1545f78ab8..4ad6feab78 100644 --- a/fdbserver/workloads/UnitTests.actor.cpp +++ b/fdbserver/workloads/UnitTests.actor.cpp @@ -28,10 +28,8 @@ void forceLinkFlowTests(); void forceLinkVersionedMapTests(); void forceLinkMemcpyTests(); void forceLinkMemcpyPerfTests(); -#if (!defined(_WIN32)) void forceLinkStreamCipherTests(); void forceLinkBlobCipherTests(); -#endif void forceLinkParallelStreamTests(); void forceLinkSimExternalConnectionTests(); void forceLinkMutationLogReaderTests(); @@ -79,10 +77,8 @@ struct UnitTestWorkload : TestWorkload { forceLinkVersionedMapTests(); forceLinkMemcpyTests(); forceLinkMemcpyPerfTests(); -#if (!defined(_WIN32)) forceLinkStreamCipherTests(); void forceLinkBlobCipherTests(); -#endif forceLinkParallelStreamTests(); forceLinkSimExternalConnectionTests(); forceLinkMutationLogReaderTests(); diff --git a/flow/Platform.actor.cpp b/flow/Platform.actor.cpp index d29aea5c22..5003487591 100644 --- a/flow/Platform.actor.cpp +++ b/flow/Platform.actor.cpp @@ -31,10 +31,8 @@ #include "flow/Platform.actor.h" #include "flow/Arena.h" -#if (!defined(_WIN32)) #include "flow/StreamCipher.h" #include "flow/BlobCipher.h" -#endif #include "flow/Trace.h" #include "flow/Error.h" @@ -3552,11 +3550,9 @@ void crashHandler(int sig) { bool error = (sig != SIGUSR2); -#if (!defined(_WIN32)) StreamCipherKey::cleanup(); StreamCipher::cleanup(); BlobCipherKeyCache::cleanup(); -#endif fflush(stdout); { From 225146176d1ef0bd24fab47e6f581d2178cc54a4 Mon Sep 17 00:00:00 2001 From: sfc-gh-tclinkenbeard Date: Tue, 3 May 2022 12:13:09 -0700 Subject: [PATCH 7/7] Apply clang-format to fdbcli.actor.cpp and Net2.actor.cpp --- fdbcli/fdbcli.actor.cpp | 3 +-- flow/Net2.actor.cpp | 4 ++-- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/fdbcli/fdbcli.actor.cpp b/fdbcli/fdbcli.actor.cpp index 1df6662fd9..ad8dcaa6e2 100644 --- a/fdbcli/fdbcli.actor.cpp +++ b/fdbcli/fdbcli.actor.cpp @@ -444,8 +444,7 @@ static void printProgramUsage(const char* name) { " --no-status Disables the initial status check done when starting\n" " the CLI.\n" " --api-version APIVERSION\n" - " Specifies the version of the API for the CLI to use.\n" - TLS_HELP + " Specifies the version of the API for the CLI to use.\n" TLS_HELP " --knob-KNOBNAME KNOBVALUE\n" " Changes a knob option. KNOBNAME should be lowercase.\n" " --debug-tls Prints the TLS configuration and certificate chain, then exits.\n" diff --git a/flow/Net2.actor.cpp b/flow/Net2.actor.cpp index 0778fefde8..19cd12c813 100644 --- a/flow/Net2.actor.cpp +++ b/flow/Net2.actor.cpp @@ -1208,8 +1208,8 @@ Net2::Net2(const TLSConfig& tlsConfig, bool useThreadPool, bool useMetrics) : globals(enumGlobal::COUNT), useThreadPool(useThreadPool), reactor(this), sslContextVar({ ReferencedObject::from( boost::asio::ssl::context(boost::asio::ssl::context::tls)) }), - sslHandshakerThreadsStarted(0), sslPoolHandshakesInProgress(0), - tlsConfig(tlsConfig), tlsInitializedState(ETLSInitState::NONE), network(this), tscBegin(0), tscEnd(0), taskBegin(0), + sslHandshakerThreadsStarted(0), sslPoolHandshakesInProgress(0), tlsConfig(tlsConfig), + tlsInitializedState(ETLSInitState::NONE), network(this), tscBegin(0), tscEnd(0), taskBegin(0), currentTaskID(TaskPriority::DefaultYield), tasksIssued(0), stopped(false), started(false), numYields(0), lastPriorityStats(nullptr), ready(FLOW_KNOBS->READY_QUEUE_RESERVED_SIZE) { // Until run() is called, yield() will always yield