d3e1067d31
Merge pull request #508 from AlvinMooreSr/tls-static
...
Added support for compiling TLS into binaries
2018-07-01 23:17:03 -07:00
c3f88dbfe1
Merge branch 'master' of github.com:apple/foundationdb into tls-static
2018-07-01 23:13:57 -07:00
132e2d9267
Defined TLS build flags for projects
...
Updated TLS documentation
2018-07-01 22:49:39 -07:00
be873001cc
Merge pull request #532 from drew-richardson/master
...
Avoid calls that can panic when handling errors
2018-07-01 21:54:18 -07:00
7f6bced835
Merge pull request #538 from alexmiller-apple/tlsplugin_san
...
TLS certificate handling enhancements
2018-07-01 01:50:58 -07:00
b17c8359ec
Merge pull request #549 from apple/release-5.2
...
Merge release-5.2 into master
2018-06-30 22:50:07 -07:00
45c0f01f05
Merge pull request #547 from satherton/fix-macos-aligned-allocation-bug
...
Crash fix on MacOS with aligned memory allocation of small types.
2018-06-30 22:14:33 -07:00
3d32fc4e5d
Reduced MacOS aligned_alloc fix to the most minimal change which fixes the crash while not technically changing the aligned_alloc() contract. The previous version allowed new bad behavior (a non power of 2 alignment less than sizeof(void *)) to succeed and it also would throw an exception on failure instead of just returning nullptr as the other platform implementations would.
2018-06-30 21:37:32 -07:00
ddcf5955e8
Merge pull request #548 from satherton/fix-shardinfo-link-mishap
...
Two structs named ShardInfo in one namespace (but different scopes) results in incorrect linking
2018-06-30 18:59:08 -07:00
5a84b5e1ef
Renamed ShardInfo to avoid a name conflict which sometimes causes the wrong destructor to be used at link time.
2018-06-30 18:44:46 -07:00
3f57d0226c
Crash fix on MacOS. Aligned_alloc() would silently fail for alignments less than 8, which happen in Deque<T> for small T's such as Void or Error.
2018-06-30 17:16:19 -07:00
b506361c94
Merge pull request #546 from alecgrieser/fix-docs-build
...
Fix documentation build
2018-06-30 16:43:09 -07:00
7cb12c1439
switch module name of ruby domain to sphinxcontrib.rubydomain
2018-06-30 13:26:12 -07:00
b42e0541eb
Merge pull request #545 from etschannen/feature-remote-logs
...
Fixed a few problems with the consistency check
2018-06-30 10:40:55 -07:00
4a3247da69
fixed a few problems with the consistency check
2018-06-30 10:39:28 -07:00
0f70f0435b
Merge pull request #535 from richardalow/default-peer-verification-docs-fix
...
Correct the default peer verification in the docs
2018-06-29 19:01:18 -07:00
fa910d5755
Update the TLS certificate verification documentation.
...
Included is:
* Updating the fields supported to include UID and DC, from a previous change.
* Including a description of the operators supported and explaining
prefix/suffix matching.
* Including a description of Subject Alternative Name matching.
And reworking the examples section to make it clear what a certificate would
look like and how we would then handle and validate it.
2018-06-29 17:18:40 -07:00
44694607e8
Fix Subject Alternative Name matching and add test cases.
...
The previous change was done in the optimistic hope that NID_subject_alt_name
could be handled in the same fashion as all the rest of the attributes we match
against. However, X509 is not a place for optimisim. Instead, it turns out
that the Subject Alternative Name is an X509v3 extension, and needs to be
handled separately.
Therefore, this change...
* Introduces the idea of Criteria matching against a location in the
certificate, and not just against the entirety of the certificate.
* Extracts the Subject Alternative Name extension, and allows iteration and
matching against its components.
* Extends our constraint language to sensibly match against SubjectAlternativeNames.
The `S.subjectAltName` syntax has been kept, but the value is now required to
provide what type of field the rest of the value is intended to match against.
The code currently supports DNS, EMAIL, URI, and IP. Prefix and suffix
matching is supported.
Both verify-test and plugin-test were updated to cover Subject Alternative Name
matching. I've additionally run plugin-test under valgrind to verify that I've
understood object lifetimes correctly.
2018-06-29 17:17:58 -07:00
1f02bdee0a
do not buggify future version delay, because remote storage servers will be delayed getting data so they need additional time
2018-06-29 11:29:22 -07:00
899f8d8f4d
Merge pull request #544 from etschannen/feature-remote-logs
...
Reduce the number of cluster controller changes during a DC failover
2018-06-29 10:47:04 -07:00
7e68bee692
update better machine classes first to give them a higher chance of becoming the next cluster controller
2018-06-29 01:11:59 -07:00
e9ac8a1039
when the cluster controller is changing itself to a better dc fitness, it should notify itself first so another process does not take over
2018-06-29 00:10:29 -07:00
899f880ce0
fix: log router class did not have the proper fitness for becoming the cluster controller
2018-06-28 23:20:01 -07:00
02f616eb68
fix: consistency check was broken when the key server key space is sharded
2018-06-28 23:16:32 -07:00
a288d5b9a9
added a fallback satellite configuration, so that we can use two satellites if available, but do not have to failover to the remote datacenter if one satellite is down
2018-06-28 23:15:32 -07:00
ddf1d15009
Merge pull request #543 from ajbeamon/fix-missing-trace-event-fields
...
The Machine field was missing in early trace events.
2018-06-28 16:02:11 -07:00
a680837ee4
The Machine field was missing in early trace events. The logGroup field was not being properly set.
2018-06-28 15:28:58 -07:00
890b18505d
Merge pull request #542 from ajbeamon/master
...
Add missing include for Windows, remove throw from TraceEvent destructor.
2018-06-28 15:00:22 -07:00
1ff42e078f
Add missing include for Windows, remove throw from TraceEvent destructor.
2018-06-28 14:59:23 -07:00
8caa6eaecf
Merge pull request #541 from etschannen/feature-remote-logs
...
More multiple DC improvements
2018-06-28 11:22:08 -07:00
45cf0067e4
fix: consistency check was not checking for data inconsistencies
2018-06-28 11:08:16 -07:00
65e03555bc
Merge pull request #540 from ajbeamon/master
...
Add include statement for std::function to try to make Windows build happy.
2018-06-28 10:36:43 -07:00
09624aeec9
Add include statement for std::function to try to make Windows build happy
2018-06-28 10:22:33 -07:00
a66eda8baa
added the three_datacenter_fallback redundancy mode, which allows you to drop a down datacenter when configured in three_datacenter mode
2018-06-27 23:24:33 -07:00
58c2f67ff6
checking outstanding requests can be CPU intensive, so rate limit checking requests
2018-06-27 23:02:08 -07:00
fb0d10635d
the first location in a satellite team is the one that will serve peek requests. Make sure we probably balance peek traffic by having the first servers on each team be used an equal amount of times
2018-06-27 22:14:50 -07:00
a5b4698bc8
do not wait for good recruitment delay if the cluster controller is in the second best region
2018-06-27 21:05:55 -07:00
dd72379363
reduced the failure detection times
2018-06-27 20:41:18 -07:00
c74e43f2d0
fix: during upgrades, a storage server which does not have data for a shard could be in the source servers, so as a fallback if a fetch keys fails long enough disable locality based load balancing to allow the storage server to peek from someone different than itself
2018-06-27 20:35:51 -07:00
70d078021f
Implement prefix and suffix matching for TLS certificate verification.
...
This extends our language for specifying verification rules from, e.g.
S.O=XYZCorp
to also include two more operators
S.O>=XYZ # Prefix
S.O<=Corp # Suffix
both of which would match against an Organization of XYZCorp (among others).
2018-06-27 18:11:07 -07:00
2203ba6c8f
Merge pull request #539 from ajbeamon/backstop-trace-event-throttle-in-constructor
...
Move the spammy trace event backstop from the destructor to the const…
2018-06-27 16:30:02 -07:00
e39d2c702d
Support Subject Alternative Name verification in TLS Plugin.
...
The TLS code understands three different things it can verify: the subject, the
issuer, and the root. The existing code assumes that any attribute we can
verify against one of these is also verifyable against the others.
For Subject Alternative Name, this might not be true. There exists both
Subject Alternative Name and Issuer Alternative Name. This code change allows
one to write "I.subjectAltName=Foo", and we'll verifiy a Subject Alt Name
against the Issuer, which wouldn't be right. Issuer Alternative Name isn't a
requested feature (yet?), so I'm punting on this problem.
2018-06-27 16:14:34 -07:00
ea8a288a20
Merge pull request #537 from apple/release-5.2
...
Merge Release-5.2 into master
2018-06-27 15:55:58 -07:00
cbc840ad0a
Move the spammy trace event backstop from the destructor to the constructor. This allows us to avoid doing needless work on a trace event that is going to be throttled.
2018-06-27 15:51:30 -07:00
ac9de812f4
Merge pull request #406 from ajbeamon/directory-tester-cleanup
...
Directory tester cleanup
2018-06-27 15:48:15 -07:00
23b691b9c8
Merge pull request #536 from brownleej/ruby-doc-fixes-52
...
Add a documentation plugin for the formatting in our Ruby docs.
2018-06-27 15:40:08 -07:00
9a51dec64e
Add a documentation plugin for the formatting in our Ruby docs.
2018-06-27 14:58:34 -07:00
cbcf5177eb
Merge pull request #429 from ajbeamon/trace-log-refactor
...
Trace log refactor
2018-06-27 14:52:09 -07:00
f6c6d79056
Merge pull request #534 from etschannen/feature-remote-logs
...
Durable known committed version was incorrect
2018-06-27 14:24:09 -07:00
d8ca7a766c
Change tree node state to have references to parent nodes and update merge logic accordinly.
2018-06-27 14:12:51 -07:00
Evan Tschannen