* Extend flat_buffer to support unordered_set (de)serialize
Extend flat_buffer to support unordered_set (de)serialize
Description
Extend flat_buffer to support unordered_set (de)serialize
Testing
Added unit test in flat_buffers.cpp to validate the functionality:
1. Empty unordered_set (de)serialize
1. Non-Empty unordered_set (de)serialize
This causes failures of backup_auth_missing: ErrorDescription="Cannot find
authentication details (such as a password or secret key) for the specified
Backup Container URL"
This is found by manually running "fdbdecode".
* Introduce BlobCipher interface and cipher caching interface
diff-3: Update the code to avoid deriving encryption key periodically.
Implement EncyrptBuf interface to limit memcpys.
Improve both unit test and simulation to better code coverage.
diff-2: Add specific error code for OpenSSL AES call failures
diff-1: Update encryption scheme to AES-256-CTR. Minor
updates to Header to capture more information.
Major changes proposed are:
1. Introduce encyrption header format.
2. Introduce a BlobCipher cipher key representation encoding
following information: baseCipher details, derived encryption cipher
details, creationTime and random salt.
3. Introduce interface to support block cipher encrytion and decrytion
operations. Encyrption populates encryption header allowing client to
persist them on-disk, this header is then read allowing decryption
on reads.
4. Introduce interface to allow in-memory caching of cipher keys. The
cache allowing mapping of "encryption domain" -> "base cipher id" ->
"derived cipher keys" (3D hash map). This cache interface will be used
by FDB processes participating in encryption to cache recently used
ciphers (performance optimization).
Testing:
1. Unit test to validate caching interface.
2. Update EncryptionOps simulation test to validate block cipher
operations.
* Improve assert diagnostics
* Make overwriteProxiesCount a deterministic function of conf keys
Previously, the final values for grv_proxy count, commit_proxy count,
and proxy count were derived from already-derived values from
overwriteProxiesCount. Instead, we should only look at the conf keys.
Also treat these keys as set to -1 if absent
* Add unit test
Illustrates how overwriteCommitProxy is not a function of conf keys.
Passes after change and fails before
* Add binding tester support for tenants
* Configure tenant_mode=optional_experimental in the binding tester
* Use the special key-space to delete tenants in between binding tester runs.
* Separate tenant tester spec into its own file.
Steve Atherton