mirror of
https://github.com/apple/foundationdb.git
synced 2025-06-02 19:25:52 +08:00
fixup! Address issues per comment
Also try to introduce [[unlikely]] to ASSERT, this is related to issue #11422
This commit is contained in:
Xiaoge Su
parent
4b70993d89
commit
390e88c0ae
@ -50,6 +50,8 @@ TLSPolicy::~TLSPolicy() {}
|
||||
#include <openssl/x509v3.h>
|
||||
#include <openssl/x509_vfy.h>
|
||||
|
||||
#include <fmt/core.h>
|
||||
|
||||
#include "flow/Platform.h"
|
||||
#include "flow/IAsyncFile.h"
|
||||
#include "flow/FastRef.h"
|
||||
@ -734,7 +736,7 @@ public:
|
||||
std::string getX509Name(const X509_NAME* name) {
|
||||
std::unique_ptr<BIO, decltype(&BIO_free)> out(BIO_new(BIO_s_mem()), BIO_free);
|
||||
if (out == nullptr) {
|
||||
return std::string("Unable to allocate OpenSSL BIO");
|
||||
throw internal_error_msg("Unable to allocate OpenSSL BIO");
|
||||
}
|
||||
X509_NAME_print_ex(out.get(), name, /* indent= */ 0, /* flags */ XN_FLAG_ONELINE);
|
||||
unsigned char* rawName = nullptr;
|
||||
@ -811,7 +813,7 @@ bool PeerVerifier::matchExtensionCriteria(const X509* cert,
|
||||
}
|
||||
|
||||
// No entry matches
|
||||
m_verifyState.emplace_back("NoMatchingEntry");
|
||||
m_verifyState.emplace_back("NoMatchingEntry"sv);
|
||||
return false;
|
||||
}
|
||||
|
||||
@ -888,9 +890,6 @@ bool PeerVerifier::verifyRule(const TLSPolicy::Rule& rule) {
|
||||
ASSERT(cert != nullptr);
|
||||
|
||||
m_verifyState.emplace_back("Subject"sv);
|
||||
if (deterministicRandom()->randomInt(0, 6) < 4) {
|
||||
return false;
|
||||
}
|
||||
if (auto subject = X509_get_subject_name(cert); subject != nullptr) {
|
||||
if (!verifyCriterias(cert, subject, rule.subject_criteria)) {
|
||||
return false;
|
||||
@ -1011,11 +1010,12 @@ bool TLSPolicy::verify_peer(bool preverified, X509_STORE_CTX* store_ctx) {
|
||||
for (size_t i = 0; i < rules.size(); ++i) {
|
||||
const auto& failureReason = verifier.getFailureReasons()[i];
|
||||
const auto& rule = rules[i];
|
||||
TraceEvent traceEvent(SevWarn, "TLSPolicyFailure");
|
||||
traceEvent.detail("Reason", failureReason).detail("Rule", rule.toString());
|
||||
if (i == rules.size() - 1) {
|
||||
traceEvent.suppressFor(1.0);
|
||||
}
|
||||
std::string eventName = fmt::format("TLSPolicyFailure{:02d}", i);
|
||||
|
||||
TraceEvent(SevWarn, eventName.c_str())
|
||||
.suppressFor(1.0)
|
||||
.detail("Reason", failureReason)
|
||||
.detail("Rule", rule.toString());
|
||||
}
|
||||
} else {
|
||||
TraceEvent(SevInfo, "TLSPolicySuccess").suppressFor(1.0).detail("Reason", verifier.getSuccessReason());
|
||||
|
||||
@ -897,7 +897,7 @@ BaseTraceEvent::BaseTraceEvent(BaseTraceEvent&& ev) {
|
||||
type = ev.type;
|
||||
timeIndex = ev.timeIndex;
|
||||
|
||||
for (int i = 0; i < 5; i++) {
|
||||
for (int i = 0; i < NUM_MAJOR_LEVELS_OF_EVENTS; i++) {
|
||||
eventCounts[i] = ev.eventCounts[i];
|
||||
}
|
||||
|
||||
@ -925,7 +925,7 @@ BaseTraceEvent& BaseTraceEvent::operator=(BaseTraceEvent&& ev) {
|
||||
type = ev.type;
|
||||
timeIndex = ev.timeIndex;
|
||||
|
||||
for (int i = 0; i < 5; i++) {
|
||||
for (int i = 0; i < NUM_MAJOR_LEVELS_OF_EVENTS; i++) {
|
||||
eventCounts[i] = ev.eventCounts[i];
|
||||
}
|
||||
|
||||
@ -1015,8 +1015,6 @@ BaseTraceEvent::State BaseTraceEvent::init() {
|
||||
if (g_network && severity < FLOW_KNOBS->MIN_TRACE_SEVERITY)
|
||||
enabled = BaseTraceEvent::State::disabled();
|
||||
|
||||
std::string_view typeSv(type);
|
||||
|
||||
// Backstop to throttle very spammy trace events
|
||||
if (enabled.isSuppressible() && g_network && !g_network->isSimulated() && severity > SevDebug &&
|
||||
isNetworkThread()) {
|
||||
|
||||
@ -85,7 +85,9 @@ extern const std::set<int> transactionRetryableErrors;
|
||||
|
||||
#undef ERROR
|
||||
#define ERROR(name, number, description) \
|
||||
inline Error name() { return Error(number); }; \
|
||||
inline Error name() { \
|
||||
return Error(number); \
|
||||
}; \
|
||||
enum { error_code_##name = number };
|
||||
|
||||
#include "error_definitions.h"
|
||||
@ -126,20 +128,20 @@ extern bool isAssertDisabled(int line);
|
||||
// #define ASSERT( condition ) ((void)0)
|
||||
#define ASSERT(condition) \
|
||||
do { \
|
||||
if (!((condition) || isAssertDisabled(__LINE__))) { \
|
||||
if (!((condition) || isAssertDisabled(__LINE__))) [[unlikely]] { \
|
||||
throw internal_error_impl(#condition, __FILE__, __LINE__); \
|
||||
} \
|
||||
} while (false)
|
||||
#define ASSERT_ABORT(condition) \
|
||||
do { \
|
||||
if (!((condition) || isAssertDisabled(__LINE__))) { \
|
||||
if (!((condition) || isAssertDisabled(__LINE__))) [[unlikely]] { \
|
||||
internal_error_impl(#condition, __FILE__, __LINE__); \
|
||||
abort(); \
|
||||
} \
|
||||
} while (false) // For use in destructors, where throwing exceptions is extremely dangerous
|
||||
#define UNSTOPPABLE_ASSERT(condition) \
|
||||
do { \
|
||||
if (!(condition)) { \
|
||||
if (!(condition)) [[unlikely]] { \
|
||||
throw internal_error_impl(#condition, __FILE__, __LINE__); \
|
||||
} \
|
||||
} while (false)
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user