Merge pull request #4646 from pwojcikdev/remove-tls-rpc

Remove tls support

nano/core_test/toml.cpp

@@ -1,6 +1,5 @@
 #include <nano/lib/jsonconfig.hpp>
 #include <nano/lib/rpcconfig.hpp>
-#include <nano/lib/tlsconfig.hpp>
 #include <nano/lib/tomlconfig.hpp>
 #include <nano/node/daemonconfig.hpp>
 #include <nano/secure/utility.hpp>
@@ -943,64 +942,6 @@ TEST (toml, daemon_read_config)
 	}
 }
 
-/** Deserialize an tls config with non-default values */
-TEST (toml, tls_config_deserialize_no_defaults)
-{
-	std::stringstream ss;
-
-	// A config file with values that differs from devnet defaults
-	ss << R"toml(
-	enable_https=true
-	enable_wss=true
-	verbose_logging=true
-	server_cert_path="xyz.cert.pem"
-	server_key_path="xyz.key.pem"
-	server_key_passphrase="xyz"
-	server_dh_path="xyz.pem"
-	)toml";
-
-	nano::tomlconfig toml;
-	toml.read (ss);
-	nano::tls_config conf;
-	nano::tls_config defaults;
-	conf.deserialize_toml (toml);
-
-	ASSERT_FALSE (toml.get_error ()) << toml.get_error ().get_message ();
-
-	ASSERT_NE (conf.enable_https, defaults.enable_https);
-	ASSERT_NE (conf.enable_wss, defaults.enable_wss);
-	ASSERT_NE (conf.verbose_logging, defaults.verbose_logging);
-	ASSERT_NE (conf.server_cert_path, defaults.server_cert_path);
-	ASSERT_NE (conf.server_key_path, defaults.server_key_path);
-	ASSERT_NE (conf.server_key_passphrase, defaults.server_key_passphrase);
-	ASSERT_NE (conf.server_dh_path, defaults.server_dh_path);
-}
-
-/** Empty tls config file should match a default config object, and there should be no required values. */
-TEST (toml, tls_config_defaults)
-{
-	std::stringstream ss;
-
-	// A config with no values
-	ss << R"toml()toml";
-
-	nano::tomlconfig toml;
-	toml.read (ss);
-	nano::tls_config conf;
-	nano::tls_config defaults;
-	conf.deserialize_toml (toml);
-
-	ASSERT_FALSE (toml.get_error ()) << toml.get_error ().get_message ();
-
-	ASSERT_EQ (conf.enable_https, defaults.enable_wss);
-	ASSERT_EQ (conf.enable_wss, defaults.enable_wss);
-	ASSERT_EQ (conf.verbose_logging, defaults.verbose_logging);
-	ASSERT_EQ (conf.server_cert_path, defaults.server_cert_path);
-	ASSERT_EQ (conf.server_key_path, defaults.server_key_path);
-	ASSERT_EQ (conf.server_key_passphrase, defaults.server_key_passphrase);
-	ASSERT_EQ (conf.server_dh_path, defaults.server_dh_path);
-}
-
 TEST (toml, log_config_defaults)
 {
 	std::stringstream ss;

nano/lib/CMakeLists.txt

@@ -99,8 +99,6 @@ add_library(
   threading.cpp
   timer.hpp
   timer.cpp
-  tlsconfig.hpp
-  tlsconfig.cpp
   tomlconfig.hpp
   tomlconfig.cpp
   uniquer.hpp

nano/lib/rpcconfig.cpp

@@ -5,30 +5,6 @@
 
 #include <boost/dll/runtime_symbol_info.hpp>
 
-nano::error nano::rpc_secure_config::serialize_toml (nano::tomlconfig & toml) const
-{
-	toml.put ("enable", enable, "Enable or disable TLS support.\ntype:bool");
-	toml.put ("verbose_logging", verbose_logging, "Enable or disable verbose logging.\ntype:bool");
-	toml.put ("server_key_passphrase", server_key_passphrase, "Server key passphrase.\ntype:string");
-	toml.put ("server_cert_path", server_cert_path, "Directory containing certificates.\ntype:string,path");
-	toml.put ("server_key_path", server_key_path, "Path to server key PEM file.\ntype:string,path");
-	toml.put ("server_dh_path", server_dh_path, "Path to Diffie-Hellman params file.\ntype:string,path");
-	toml.put ("client_certs_path", client_certs_path, "Directory containing client certificates.\ntype:string");
-	return toml.get_error ();
-}
-
-nano::error nano::rpc_secure_config::deserialize_toml (nano::tomlconfig & toml)
-{
-	toml.get<bool> ("enable", enable);
-	toml.get<bool> ("verbose_logging", verbose_logging);
-	toml.get<std::string> ("server_key_passphrase", server_key_passphrase);
-	toml.get<std::string> ("server_cert_path", server_cert_path);
-	toml.get<std::string> ("server_key_path", server_key_path);
-	toml.get<std::string> ("server_dh_path", server_dh_path);
-	toml.get<std::string> ("client_certs_path", client_certs_path);
-	return toml.get_error ();
-}
-
 nano::rpc_config::rpc_config (nano::network_constants & network_constants) :
 	rpc_process{ network_constants },
 	address{ boost::asio::ip::address_v6::loopback ().to_string () }
@@ -68,12 +44,6 @@ nano::error nano::rpc_config::deserialize_toml (nano::tomlconfig & toml)
 {
 	if (!toml.empty ())
 	{
-		auto rpc_secure_l (toml.get_optional_child ("secure"));
-		if (rpc_secure_l)
-		{
-			return nano::error ("The RPC secure configuration has moved to config-tls.toml. Please update the configuration.");
-		}
-
 		boost::asio::ip::address_v6 address_l;
 		toml.get_optional<boost::asio::ip::address_v6> ("address", address_l, boost::asio::ip::address_v6::loopback ());
 		address = address_l.to_string ();

nano/lib/rpcconfig.hpp

@@ -13,34 +13,6 @@
 namespace nano
 {
 class tomlconfig;
-class tls_config;
-
-/**
- * Configuration options for RPC TLS.
- * @note This is deprecated, but kept for a few versions in order to yield a config error message on startup if it's used.
- */
-class rpc_secure_config final
-{
-public:
-	nano::error serialize_toml (nano::tomlconfig &) const;
-	nano::error deserialize_toml (nano::tomlconfig &);
-
-private:
-	/** If true, enable TLS */
-	bool enable{ false };
-	/** If true, log certificate verification details */
-	bool verbose_logging{ false };
-	/** Must be set if the private key PEM is password protected */
-	std::string server_key_passphrase;
-	/** Path to certificate- or chain file. Must be PEM formatted. */
-	std::string server_cert_path;
-	/** Path to private key file. Must be PEM formatted.*/
-	std::string server_key_path;
-	/** Path to dhparam file */
-	std::string server_dh_path;
-	/** Optional path to directory containing client certificates */
-	std::string client_certs_path;
-};
 
 class rpc_process_config final
 {
@@ -72,12 +44,9 @@ class rpc_config final
 	std::string address;
 	uint16_t port{ rpc_process.network_constants.default_rpc_port };
 	bool enable_control{ false };
-	rpc_secure_config secure;
 	uint8_t max_json_depth{ 20 };
 	uint64_t max_request_size{ 32 * 1024 * 1024 };
 	nano::rpc_logging_config rpc_logging;
-	/** Optional TLS config */
-	std::shared_ptr<nano::tls_config> tls_config;
 };
 
 nano::error read_rpc_config_toml (std::filesystem::path const & data_path_a, nano::rpc_config & config_a, std::vector<std::string> const & config_overrides = std::vector<std::string> ());