wbtiger
/
foundationdb
mirror of https://github.com/apple/foundationdb.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
2,499 Commits 34 Branches 304 Tags 265 MiB
Commit Graph

2499 Commits

Author SHA1 Message Date
Evan Tschannen e17dfea3b6 fix: desiredTLogCount was used instead of getDesiredLogs(), which caused problems with recruitment when desiredTLogCount was -1. 
canKillProcess logic was wrong.
We still need to configure usable_regions because if datacenterVersionDifference is too large we cannot complete data movement.
 2018-07-04 16:22:32 -04:00
Alex Miller 01659e34cc Move TLS libs into STATIC_LIBS to avoid having a make dependency on them. 
And fix STATIC_LIBS to be cross platform.
 2018-07-04 00:29:53 -07:00
Evan Tschannen ea3365dc38 fix: quiet database only needs to use repopulate_anti_quorum instead of reducing usable_regions 2018-07-04 02:52:00 -04:00
Evan Tschannen 66a6fbb219 Merge branch 'master' into feature-remote-logs 2018-07-04 01:59:30 -04:00
Evan Tschannen 866ccfe344 added the ability to allow the master to finish recovery before all storage servers in both regions have their mutations. This allows you to recover from scenarios where you lose all your tlogs in one dc. 2018-07-04 01:59:04 -04:00
Alex Miller 77aecd3900
Merge pull request #559 from bnamasivayam/force-recovery-hidden-command 
Add force_recovery_with_data_loss to hidden command list.
 2018-07-03 15:51:13 -07:00
Alex Miller 78c23e4e1e
Merge pull request #558 from AlvinMooreSr/tls-init 
Fixed problem with stack initialization of TLS Options class
 2018-07-03 15:50:33 -07:00
Balachandar Namasivayam cbdf598fa2 Add force_recovery_with_data_loss to hidden command list. 2018-07-03 15:04:11 -07:00
Alvin Moore 9ea0f0a5ae Fixed problem with stack initialization of TLS Options class 2018-07-03 15:02:53 -07:00
Alex Miller 37f0e4be09
Merge pull request #557 from AlvinMooreSr/tls-build 
Added support for specifying location of LibreSSL libraries via defin…
 2018-07-03 13:08:02 -07:00
Balachandar Namasivayam af07a3782f
Merge pull request #556 from etschannen/feature-remote-logs 
Attempted to fix force recovery
 2018-07-03 10:51:45 -07:00
Evan Tschannen c69d6166e3 another attempt at forced recovery 2018-07-03 13:42:58 -04:00
Alvin Moore ab255b444f Added support for specifying location of LibreSSL libraries via define TLS_LIBDIR 2018-07-03 09:01:01 -07:00
Evan Tschannen 57a8c6862e fix: force recovery did not work if the latest log set did not recover th 2018-07-02 23:48:22 -04:00
Evan Tschannen 88ddc1c228 Merge branch 'master' into feature-remote-logs 2018-07-02 22:36:23 -04:00
Evan Tschannen 9eb8dc3a59 fix: previous attempt at force recovery did not work because we need to treat the remote logs as local for peeking 2018-07-02 22:35:18 -04:00
Alex Miller 29f560bafe Fix a warning-turned-error about not returning from an unreachable point. 2018-07-02 14:31:06 -07:00
Evan Tschannen b635d40a8f
Merge pull request #553 from etschannen/feature-remote-logs 
Minor bug fixes and improvements
 2018-07-02 10:10:52 -07:00
Evan Tschannen f2ec80f10d added trace events for cluster controller changing datacenters 2018-07-02 13:06:54 -04:00
Evan Tschannen 604b3bca17 increased the api correctness timeout 2018-07-02 12:51:50 -04:00
Evan Tschannen 334a433238 spend less time before using satellite fallback, because the database will be unavailable during this waiting time 2018-07-02 12:50:52 -04:00
Evan Tschannen 89a4b2cd68 fix: consistency check could loop too long 2018-07-02 12:08:02 -04:00
Steve Atherton abb5100388
Merge pull request #550 from etschannen/feature-remote-logs 
Fixed a variety of problems found by Valgrind, and added the untested ability to do an ACI recovery
 2018-07-02 00:00:46 -07:00
Evan Tschannen e67f951c06 Merge branch 'master' into feature-remote-logs 2018-07-02 02:18:20 -04:00
Evan Tschannen d3e1067d31
Merge pull request #508 from AlvinMooreSr/tls-static 
Added support for compiling TLS into binaries
 2018-07-01 23:17:03 -07:00
Alvin Moore c3f88dbfe1 Merge branch 'master' of github.com:apple/foundationdb into tls-static 2018-07-01 23:13:57 -07:00
Alvin Moore 132e2d9267 Defined TLS build flags for projects 
Updated TLS documentation
 2018-07-01 22:49:39 -07:00
Alec Grieser be873001cc
Merge pull request #532 from drew-richardson/master 
Avoid calls that can panic when handling errors
 2018-07-01 21:54:18 -07:00
Evan Tschannen b24e272394 Merge branch 'master' into feature-remote-logs 2018-07-02 00:07:25 -04:00
Evan Tschannen 3c9f3da980 fix: usable regions cannot be changed during an emergency transaction, because it could lead to all storage servers dying if the previous primary is dead 2018-07-01 23:59:06 -04:00
Evan Tschannen 73e61312c6 fix: shareLogRange was never initialized 2018-07-01 22:49:24 -04:00
Evan Tschannen 21d03cd1eb fix: we must store the result of range reads before iterating through the results 2018-07-01 21:07:25 -04:00
Evan Tschannen 5054c194e2 Some trace events are logged before FLOW_KNOBS are initialized 2018-07-01 14:30:37 -04:00
Evan Tschannen 7a12d3e130 added the (untested) ability to force a recovery to the remote datacenter, even if that results in data loss. If the DR lag is more than 1 week there could be potential data corruption if any primary storage servers are still alive. 2018-07-01 09:39:04 -04:00
Steve Atherton 7f6bced835
Merge pull request #538 from alexmiller-apple/tlsplugin_san 
TLS certificate handling enhancements
 2018-07-01 01:50:58 -07:00
Steve Atherton b17c8359ec
Merge pull request #549 from apple/release-5.2 
Merge release-5.2 into master
 2018-06-30 22:50:07 -07:00
Alec Grieser 45c0f01f05
Merge pull request #547 from satherton/fix-macos-aligned-allocation-bug 
Crash fix on MacOS with aligned memory allocation of small types.
 2018-06-30 22:14:33 -07:00
Stephen Atherton 3d32fc4e5d Reduced MacOS aligned_alloc fix to the most minimal change which fixes the crash while not technically changing the aligned_alloc() contract. The previous version allowed new bad behavior (a non power of 2 alignment less than sizeof(void *)) to succeed and it also would throw an exception on failure instead of just returning nullptr as the other platform implementations would. 2018-06-30 21:37:32 -07:00
Alec Grieser ddcf5955e8
Merge pull request #548 from satherton/fix-shardinfo-link-mishap 
Two structs named ShardInfo in one namespace (but different scopes) results in incorrect linking
 2018-06-30 18:59:08 -07:00
Stephen Atherton 5a84b5e1ef Renamed ShardInfo to avoid a name conflict which sometimes causes the wrong destructor to be used at link time. 2018-06-30 18:44:46 -07:00
Stephen Atherton 3f57d0226c Crash fix on MacOS. Aligned_alloc() would silently fail for alignments less than 8, which happen in Deque<T> for small T's such as Void or Error. 2018-06-30 17:16:19 -07:00
Steve Atherton b506361c94
Merge pull request #546 from alecgrieser/fix-docs-build 
Fix documentation build
 2018-06-30 16:43:09 -07:00
Alec Grieser 7cb12c1439
switch module name of ruby domain to sphinxcontrib.rubydomain 2018-06-30 13:26:12 -07:00
Evan Tschannen b42e0541eb
Merge pull request #545 from etschannen/feature-remote-logs 
Fixed a few problems with the consistency check
 2018-06-30 10:40:55 -07:00
Evan Tschannen 4a3247da69 fixed a few problems with the consistency check 2018-06-30 10:39:28 -07:00
Alex Miller 0f70f0435b
Merge pull request #535 from richardalow/default-peer-verification-docs-fix 
Correct the default peer verification in the docs
 2018-06-29 19:01:18 -07:00
Alex Miller fa910d5755 Update the TLS certificate verification documentation. 
Included is:

* Updating the fields supported to include UID and DC, from a previous change.
* Including a description of the operators supported and explaining
  prefix/suffix matching.
* Including a description of Subject Alternative Name matching.

And reworking the examples section to make it clear what a certificate would
look like and how we would then handle and validate it.
 2018-06-29 17:18:40 -07:00
Alex Miller 44694607e8 Fix Subject Alternative Name matching and add test cases. 
The previous change was done in the optimistic hope that NID_subject_alt_name
could be handled in the same fashion as all the rest of the attributes we match
against.  However, X509 is not a place for optimisim.  Instead, it turns out
that the Subject Alternative Name is an X509v3 extension, and needs to be
handled separately.

Therefore, this change...

* Introduces the idea of Criteria matching against a location in the
  certificate, and not just against the entirety of the certificate.
* Extracts the Subject Alternative Name extension, and allows iteration and
  matching against its components.
* Extends our constraint language to sensibly match against SubjectAlternativeNames.

The `S.subjectAltName` syntax has been kept, but the value is now required to
provide what type of field the rest of the value is intended to match against.
The code currently supports DNS, EMAIL, URI, and IP.  Prefix and suffix
matching is supported.

Both verify-test and plugin-test were updated to cover Subject Alternative Name
matching.  I've additionally run plugin-test under valgrind to verify that I've
understood object lifetimes correctly.
 2018-06-29 17:17:58 -07:00
Evan Tschannen 1f02bdee0a do not buggify future version delay, because remote storage servers will be delayed getting data so they need additional time 2018-06-29 11:29:22 -07:00
Balachandar Namasivayam 899f8d8f4d
Merge pull request #544 from etschannen/feature-remote-logs 
Reduce the number of cluster controller changes during a DC failover
 2018-06-29 10:47:04 -07:00