Remove unused server_tls_certificates functions (#5028)

These have been unused since #4120, and with the demise of perspectives, it is
unlikely that they will ever be used again.
This commit is contained in:
Richard van der Hoff 2019-04-08 21:50:18 +01:00 committed by GitHub
parent b25e387c0d
commit 3352baac4b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 7 additions and 63 deletions

View File

@ -1 +1 @@
Remove legacy tables detailed in #1830. Remove a number of unused tables from the database schema.

1
changelog.d/5028.misc Normal file
View File

@ -0,0 +1 @@
Remove a number of unused tables from the database schema.

View File

@ -27,8 +27,5 @@ class SlavedKeyStore(BaseSlavedStore):
get_server_verify_keys = __func__(DataStore.get_server_verify_keys) get_server_verify_keys = __func__(DataStore.get_server_verify_keys)
store_server_verify_key = __func__(DataStore.store_server_verify_key) store_server_verify_key = __func__(DataStore.store_server_verify_key)
get_server_certificate = __func__(DataStore.get_server_certificate)
store_server_certificate = __func__(DataStore.store_server_certificate)
get_server_keys_json = __func__(DataStore.get_server_keys_json) get_server_keys_json = __func__(DataStore.get_server_keys_json)
store_server_keys_json = __func__(DataStore.store_server_keys_json) store_server_keys_json = __func__(DataStore.store_server_keys_json)

View File

@ -13,14 +13,12 @@
# See the License for the specific language governing permissions and # See the License for the specific language governing permissions and
# limitations under the License. # limitations under the License.
import hashlib
import logging import logging
import six import six
from signedjson.key import decode_verify_key_bytes from signedjson.key import decode_verify_key_bytes
import OpenSSL
from twisted.internet import defer from twisted.internet import defer
from synapse.util.caches.descriptors import cachedInlineCallbacks from synapse.util.caches.descriptors import cachedInlineCallbacks
@ -38,53 +36,8 @@ else:
class KeyStore(SQLBaseStore): class KeyStore(SQLBaseStore):
"""Persistence for signature verification keys and tls X.509 certificates """Persistence for signature verification keys
""" """
@defer.inlineCallbacks
def get_server_certificate(self, server_name):
"""Retrieve the TLS X.509 certificate for the given server
Args:
server_name (bytes): The name of the server.
Returns:
(OpenSSL.crypto.X509): The tls certificate.
"""
tls_certificate_bytes, = yield self._simple_select_one(
table="server_tls_certificates",
keyvalues={"server_name": server_name},
retcols=("tls_certificate",),
desc="get_server_certificate",
)
tls_certificate = OpenSSL.crypto.load_certificate(
OpenSSL.crypto.FILETYPE_ASN1, tls_certificate_bytes
)
defer.returnValue(tls_certificate)
def store_server_certificate(
self, server_name, from_server, time_now_ms, tls_certificate
):
"""Stores the TLS X.509 certificate for the given server
Args:
server_name (str): The name of the server.
from_server (str): Where the certificate was looked up
time_now_ms (int): The time now in milliseconds
tls_certificate (OpenSSL.crypto.X509): The X.509 certificate.
"""
tls_certificate_bytes = OpenSSL.crypto.dump_certificate(
OpenSSL.crypto.FILETYPE_ASN1, tls_certificate
)
fingerprint = hashlib.sha256(tls_certificate_bytes).hexdigest()
return self._simple_upsert(
table="server_tls_certificates",
keyvalues={"server_name": server_name, "fingerprint": fingerprint},
values={
"from_server": from_server,
"ts_added_ms": time_now_ms,
"tls_certificate": db_binary_type(tls_certificate_bytes),
},
desc="store_server_certificate",
)
@cachedInlineCallbacks() @cachedInlineCallbacks()
def _get_server_verify_key(self, server_name, key_id): def _get_server_verify_key(self, server_name, key_id):
verify_key_bytes = yield self._simple_select_one_onecol( verify_key_bytes = yield self._simple_select_one_onecol(

View File

@ -24,7 +24,5 @@ DROP TABLE IF EXISTS event_edge_hashes;
DROP TABLE IF EXISTS event_signatures; DROP TABLE IF EXISTS event_signatures;
DROP TABLE IF EXISTS feedback; DROP TABLE IF EXISTS feedback;
DROP TABLE IF EXISTS room_hosts; DROP TABLE IF EXISTS room_hosts;
DROP TABLE IF EXISTS server_tls_certificates;
DROP TABLE IF EXISTS state_forward_extremities; DROP TABLE IF EXISTS state_forward_extremities;

View File

@ -12,14 +12,9 @@
* See the License for the specific language governing permissions and * See the License for the specific language governing permissions and
* limitations under the License. * limitations under the License.
*/ */
CREATE TABLE IF NOT EXISTS server_tls_certificates(
server_name TEXT, -- Server name. -- we used to create a table called server_tls_certificates, but this is no
fingerprint TEXT, -- Certificate fingerprint. -- longer used, and is removed in delta 54.
from_server TEXT, -- Which key server the certificate was fetched from.
ts_added_ms BIGINT, -- When the certifcate was added.
tls_certificate bytea, -- DER encoded x509 certificate.
UNIQUE (server_name, fingerprint)
);
CREATE TABLE IF NOT EXISTS server_signature_keys( CREATE TABLE IF NOT EXISTS server_signature_keys(
server_name TEXT, -- Server name. server_name TEXT, -- Server name.