Delete the openssl related code to restore debugger

2020-09-10 11:14:11 +08:00 · 2020-09-10 11:14:11 +08:00 · af9c9b5129
parent 47ca1e3128
commit af9c9b5129
5 changed files with 7 additions and 224 deletions
--- a/config/debugger_config.json
+++ b/config/debugger_config.json
@ -1,14 +0,0 @@
-{
-  "DebuggerSettings": {
-    "ssl_certificate": true,
-    "certificate_path": "/home/maning/sslcertificates/client.pfx",
-    "certificate_passphrase": "12345678"
-  },
-
-  "DebuggerSettingsSpec": {
-    "ssl_certificate": "true, secure_mode enable, default is true",
-    "certificate_path": "path to the certificate file",
-    "certificate_passphrase": "passphrase of the certificate"
-  },
-  "other": {}
-}
--- a/mindspore/ccsrc/debug/debugger/debugger.cc
+++ b/mindspore/ccsrc/debug/debugger/debugger.cc
@ -30,11 +30,6 @@
 #include "backend/session/anf_runtime_algorithm.h"
 #include "runtime/device/kernel_runtime_manager.h"

-#include "utils/system/file_system.h"
-#include "utils/system/env.h"
-#include <nlohmann/json.hpp>
-using json = nlohmann::json;
-
 using debugger::EventReply;
 using debugger::GraphProto;
 using debugger::ModelProto;
@ -65,10 +60,7 @@ Debugger::Debugger()
      is_dataset_graph_(false),
      partial_memory_(false),
      last_overflow_bin_(0),
-      overflow_bin_path_(""),
-      ssl_certificate(true),
-      certificate_dir(""),
-      certificate_passphrase("") {}
+      overflow_bin_path_("") {}

 void Debugger::Init(const uint32_t device_id, const std::string device_target) {
  // access lock for public method
@ -182,8 +174,7 @@ void Debugger::EnableDebugger() {

  // initialize grpc client
  if (debugger_enabled_) {
-    SetDebuggerConfFromJsonFile();
-    grpc_client_ = std::make_unique<GrpcClient>(host, port, ssl_certificate, certificate_dir, certificate_passphrase);
+    grpc_client_ = std::make_unique<GrpcClient>(host, port);
  }

  debug_services_ = std::make_unique<DebugServices>();
@ -778,88 +769,4 @@ std::vector<std::string> Debugger::CheckOpOverflow() {
  return op_names;
 }

-bool Debugger::SetDebuggerConfFromJsonFile() {
-  const char *config_path_str = std::getenv("MINDSPORE_CONFIG_PATH");
-  if (config_path_str != nullptr) {
-    MS_LOG(INFO) << "Getenv MINDSPORE_CONFIG_PATH :" << config_path_str;
-  } else {
-    MS_LOG(INFO) << "No need debugger config path. please export MINDSPORE_CONFIG_PATH eg: MINDSPORE_CONFIG_PATH=/etc";
-    ssl_certificate = false;
-    return false;
-  }
-  char real_path[4096] = {0};
-  if (nullptr == realpath(config_path_str, real_path)) {
-    MS_LOG(ERROR) << "Env debugger config path error, " << config_path_str;
-    ssl_certificate = false;
-    return false;
-  }
-  std::string debugger_config_file = std::string(real_path) + "/debugger_config.json";
-  std::shared_ptr<system::FileSystem> fs = system::Env::GetFileSystem();
-  MS_EXCEPTION_IF_NULL(fs);
-  if (!fs->FileExist(debugger_config_file)) {
-    MS_LOG(ERROR) << debugger_config_file << " not exist.";
-    ssl_certificate = false;
-    return false;
-  }
-
-  return ParseDebuggerConfig(debugger_config_file);
-}
-
-bool Debugger::ParseDebuggerConfig(const std::string &debugger_config_file) {
-  std::ifstream jsonFile(debugger_config_file);
-  if (!jsonFile.is_open()) {
-    MS_LOG(ERROR) << debugger_config_file << " open failed.";
-    ssl_certificate = false;
-    return false;
-  }
-  json j;
-  jsonFile >> j;
-  if (j.find("DebuggerSettings") == j.end()) {
-    MS_LOG(ERROR) << "DebuggerSettings is not exist.";
-    ssl_certificate = false;
-    return false;
-  } else {
-    json debuggerSettings = j.at("DebuggerSettings");
-    // convert json to string
-    std::stringstream ss;
-    ss << debuggerSettings;
-    std::string cfg = ss.str();
-    MS_LOG(INFO) << "Debugger Settings Json: " << cfg;
-    if (!IsConfigExist(debuggerSettings)) {
-      return false;
-    }
-    if (!IsConfigValid(debuggerSettings)) {
-      return false;
-    }
-  }
-  return true;
-}
-
-bool Debugger::IsConfigExist(const nlohmann::json &debuggerSettings) {
-  if (debuggerSettings.find("ssl_certificate") == debuggerSettings.end() ||
-      debuggerSettings.find("certificate_dir") == debuggerSettings.end() ||
-      debuggerSettings.find("certificate_passphrase") == debuggerSettings.end()) {
-    MS_LOG(ERROR) << "DebuggerSettings keys is not exist.";
-    ssl_certificate = false;
-    return false;
-  }
-  return true;
-}
-
-bool Debugger::IsConfigValid(const nlohmann::json &debuggerSettings) {
-  auto enable_secure = debuggerSettings.at("ssl_certificate");
-  auto certificate_dir_ = debuggerSettings.at("certificate_dir");
-  auto certificate_passphrase_ = debuggerSettings.at("certificate_passphrase");
-  if (!(enable_secure.is_boolean() && certificate_dir_.is_string() && certificate_passphrase_.is_string())) {
-    MS_LOG(ERROR) << "Element's type in Debugger config json is invalid.";
-    ssl_certificate = false;
-    return false;
-  }
-
-  ssl_certificate = enable_secure;
-  certificate_dir = certificate_dir_;
-  certificate_passphrase = certificate_passphrase_;
-  return true;
-}
-
 }  // namespace mindspore
--- a/mindspore/ccsrc/debug/debugger/debugger.h
+++ b/mindspore/ccsrc/debug/debugger/debugger.h
@ -25,7 +25,6 @@
 #include "backend/session/kernel_graph.h"
 #include "debug/debugger/grpc_client.h"
 #include "debug/debug_services.h"
-#include <nlohmann/json.hpp>

 using debugger::Chunk;
 using debugger::DataType;
@ -165,14 +164,6 @@ class Debugger : public std::enable_shared_from_this<Debugger> {
  // singleton
  static std::mutex instance_lock_;
  static std::shared_ptr<Debugger> debugger_;
-
-  bool ssl_certificate;
-  std::string certificate_dir;
-  std::string certificate_passphrase;
-  bool SetDebuggerConfFromJsonFile();
-  bool ParseDebuggerConfig(const std::string &dump_config_file);
-  bool IsConfigExist(const nlohmann::json &dumpSettings);
-  bool IsConfigValid(const nlohmann::json &dumpSettings);
 };

 using DebuggerPtr = std::shared_ptr<Debugger>;
--- a/mindspore/ccsrc/debug/debugger/grpc_client.cc
+++ b/mindspore/ccsrc/debug/debugger/grpc_client.cc
@ -15,14 +15,6 @@
 */
 #include "debug/debugger/grpc_client.h"

-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/pem.h>
-#include <openssl/err.h>
-#include <openssl/pkcs12.h>
-#include <openssl/x509.h>
-#include <openssl/evp.h>
-
 #include <thread>
 #include <vector>
 #include "utils/log_adapter.h"
@ -39,96 +31,13 @@ using debugger::WatchpointHit;
 #define CHUNK_SIZE 1024 * 1024 * 3

 namespace mindspore {
-GrpcClient::GrpcClient(const std::string &host, const std::string &port, const bool &ssl_certificate,
-                       const std::string &certificate_dir, const std::string &certificate_passphrase)
-    : stub_(nullptr) {
-  Init(host, port, ssl_certificate, certificate_dir, certificate_passphrase);
-}
+GrpcClient::GrpcClient(const std::string &host, const std::string &port) : stub_(nullptr) { Init(host, port); }

-void GrpcClient::Init(const std::string &host, const std::string &port, const bool &ssl_certificate,
-                      const std::string &certificate_dir, const std::string &certificate_passphrase) {
+void GrpcClient::Init(const std::string &host, const std::string &port) {
  std::string target_str = host + ":" + port;
  MS_LOG(INFO) << "GrpcClient connecting to: " << target_str;

-  std::shared_ptr<grpc::Channel> channel;
-  if (ssl_certificate) {
-    FILE *fp;
-    EVP_PKEY *pkey = NULL;
-    X509 *cert = NULL;
-    STACK_OF(X509) *ca = NULL;
-    PKCS12 *p12 = NULL;
-
-    if ((fp = fopen(certificate_dir.c_str(), "rb")) == NULL) {
-      MS_LOG(ERROR) << "Error opening file: " << certificate_dir;
-      exit(EXIT_FAILURE);
-    }
-    p12 = d2i_PKCS12_fp(fp, NULL);
-    fclose(fp);
-    if (p12 == NULL) {
-      MS_LOG(ERROR) << "Error reading PKCS#12 file";
-      X509_free(cert);
-      EVP_PKEY_free(pkey);
-      sk_X509_pop_free(ca, X509_free);
-      exit(EXIT_FAILURE);
-    }
-    if (!PKCS12_parse(p12, certificate_passphrase.c_str(), &pkey, &cert, &ca)) {
-      MS_LOG(ERROR) << "Error parsing PKCS#12 file";
-      X509_free(cert);
-      EVP_PKEY_free(pkey);
-      sk_X509_pop_free(ca, X509_free);
-      exit(EXIT_FAILURE);
-    }
-    std::string strca;
-    std::string strcert;
-    std::string strkey;
-
-    if (pkey == NULL || cert == NULL || ca == NULL) {
-      MS_LOG(ERROR) << "Error private key or cert or CA certificate.";
-      X509_free(cert);
-      EVP_PKEY_free(pkey);
-      sk_X509_pop_free(ca, X509_free);
-      exit(EXIT_FAILURE);
-    } else {
-      ASN1_TIME *validtime = X509_getm_notAfter(cert);
-      if (X509_cmp_current_time(validtime) < 0) {
-        MS_LOG(ERROR) << "This certificate is over its valid time, please use a new certificate.";
-        X509_free(cert);
-        EVP_PKEY_free(pkey);
-        sk_X509_pop_free(ca, X509_free);
-        exit(EXIT_FAILURE);
-      }
-      int nid = X509_get_signature_nid(cert);
-      int keybit = EVP_PKEY_bits(pkey);
-      if (nid == NID_sha1) {
-        MS_LOG(WARNING) << "Signature algrithm is sha1, which maybe not secure enough.";
-      } else if (keybit < 2048) {
-        MS_LOG(WARNING) << "The private key bits is: " << keybit << ", which maybe not secure enough.";
-      }
-      int dwPriKeyLen = i2d_PrivateKey(pkey, NULL);  // get the length of private key
-      unsigned char *pribuf = (unsigned char *)malloc(sizeof(unsigned char) * dwPriKeyLen);
-      i2d_PrivateKey(pkey, &pribuf);  // PrivateKey DER code
-      strkey = std::string(reinterpret_cast<char const *>(pribuf), dwPriKeyLen);
-
-      int dwcertLen = i2d_X509(cert, NULL);  // get the length of private key
-      unsigned char *certbuf = (unsigned char *)malloc(sizeof(unsigned char) * dwcertLen);
-      i2d_X509(cert, &certbuf);  // PrivateKey DER code
-      strcert = std::string(reinterpret_cast<char const *>(certbuf), dwcertLen);
-
-      int dwcaLen = i2d_X509(sk_X509_value(ca, 0), NULL);  // get the length of private key
-      unsigned char *cabuf = (unsigned char *)malloc(sizeof(unsigned char) * dwcaLen);
-      i2d_X509(sk_X509_value(ca, 0), &cabuf);  // PrivateKey DER code
-      strca = std::string(reinterpret_cast<char const *>(cabuf), dwcaLen);
-
-      free(pribuf);
-      free(certbuf);
-      free(cabuf);
-    }
-
-    grpc::SslCredentialsOptions opts = {strca, strkey, strcert};
-    channel = grpc::CreateChannel(target_str, grpc::SslCredentials(opts));
-  } else {
-    channel = grpc::CreateChannel(target_str, grpc::InsecureChannelCredentials());
-  }
+  std::shared_ptr<grpc::Channel> channel = grpc::CreateChannel(target_str, grpc::InsecureChannelCredentials());
  stub_ = EventListener::NewStub(channel);
 }

--- a/mindspore/ccsrc/debug/debugger/grpc_client.h
+++ b/mindspore/ccsrc/debug/debugger/grpc_client.h
@ -17,17 +17,9 @@
 #define MINDSPORE_CCSRC_DEBUG_DEBUGGER_GRPC_CLIENT_H_

 #include <grpcpp/grpcpp.h>
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/pem.h>
-#include <openssl/err.h>
-#include <openssl/pkcs12.h>
-
 #include <string>
 #include <list>
 #include <memory>
-
 #include "proto/debug_grpc.grpc.pb.h"

 using debugger::EventListener;
@ -41,15 +33,13 @@ namespace mindspore {
 class GrpcClient {
 public:
  // constructor
-  GrpcClient(const std::string &host, const std::string &port, const bool &ssl_certificate,
-             const std::string &certificate_dir, const std::string &certificate_passphrase);
+  GrpcClient(const std::string &host, const std::string &port);

  // deconstructor
  ~GrpcClient() = default;

  // init
-  void Init(const std::string &host, const std::string &port, const bool &ssl_certificate,
-            const std::string &certificate_dir, const std::string &certificate_passphrase);
+  void Init(const std::string &host, const std::string &port);

  // reset
  void Reset();