authorMark Benvenuto <mark.benvenuto@mongodb.com>2018-02-07 11:23:32 -0500
committerMark Benvenuto <mark.benvenuto@mongodb.com>2018-02-07 11:23:32 -0500
commit5f86a8e4ca87f169dc708b15b13a26c2bb514762 (patch)
treef312d8f95b314906b539ea44c963bf74e0b5b7c4 /src/mongo
parentad223ea38846ceac92d7b5356add62e23e985537 (diff)
Revert "SERVER-22411 Add stub implementation of ASIO SChannel integration"
This reverts commit ad223ea38846ceac92d7b5356add62e23e985537.
Diffstat (limited to 'src/mongo')
-rw-r--r--src/mongo/SConscript1
-rw-r--r--src/mongo/config.h.in7
-rw-r--r--src/mongo/crypto/sha_block_tom.cpp2
-rw-r--r--src/mongo/platform/windows_basic.h2
-rw-r--r--src/mongo/util/net/ssl_manager.h18
-rw-r--r--src/mongo/util/net/ssl_manager_windows.cpp209
-rw-r--r--src/mongo/util/version.cpp14
7 files changed, 6 insertions, 247 deletions
diff --git a/src/mongo/SConscript b/src/mongo/SConscript
index 71f10e87f76..0c6f230519c 100644
--- a/src/mongo/SConscript
+++ b/src/mongo/SConscript
@@ -255,7 +255,6 @@ config_header_substs = (
('@mongo_config_max_extended_alignment@', 'MONGO_CONFIG_MAX_EXTENDED_ALIGNMENT'),
('@mongo_config_optimized_build@', 'MONGO_CONFIG_OPTIMIZED_BUILD'),
('@mongo_config_ssl@', 'MONGO_CONFIG_SSL'),
- ('@mongo_config_ssl_provider@', 'MONGO_CONFIG_SSL_PROVIDER'),
('@mongo_config_ssl_has_asn1_any_definitions@', 'MONGO_CONFIG_HAVE_ASN1_ANY_DEFINITIONS'),
('@mongo_config_has_ssl_set_ecdh_auto@', 'MONGO_CONFIG_HAS_SSL_SET_ECDH_AUTO'),
('@mongo_config_wiredtiger_enabled@', 'MONGO_CONFIG_WIREDTIGER_ENABLED'),
diff --git a/src/mongo/config.h.in b/src/mongo/config.h.in
index 5808477e11f..c4c65d366d6 100644
--- a/src/mongo/config.h.in
+++ b/src/mongo/config.h.in
@@ -28,10 +28,6 @@
#pragma once
-// List of possible SSL providers
-#define SSL_PROVIDER_OPENSSL 1
-#define SSL_PROVIDER_WINDOWS 2
-
// Define to target byte order (1234 vs 4321)
@mongo_config_byte_order@
@@ -71,9 +67,6 @@
// Defined if SSL support is enabled
@mongo_config_ssl@
-// Defined if SSL support is enabled with chosen ssl provider
-@mongo_config_ssl_provider@
-
// Defined if OpenSSL has SEQUENCE_ANY
@mongo_config_ssl_has_asn1_any_definitions@
diff --git a/src/mongo/crypto/sha_block_tom.cpp b/src/mongo/crypto/sha_block_tom.cpp
index 4908f5ffe20..20e11d34ce8 100644
--- a/src/mongo/crypto/sha_block_tom.cpp
+++ b/src/mongo/crypto/sha_block_tom.cpp
@@ -35,10 +35,8 @@
#include "mongo/util/assert_util.h"
#ifdef MONGO_CONFIG_SSL
-#if MONGO_CONFIG_SSL_PROVIDER != SSL_PROVIDER_WINDOWS
#error This file should not be included if compiling with SSL support
#endif
-#endif
#include "tomcrypt.h"
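Review bot: With the provider test removed, the `#error` in this hunk fires for every build that defines MONGO_CONFIG_SSL, yet its text still says the file was "included", which is misleading for a .cpp compiled as its own translation unit. Wording such as `#error sha_block_tom.cpp must not be compiled when MONGO_CONFIG_SSL is defined` would name the actual failure. The guard only reports the mistake. Which SHA implementation an SSL-enabled build links is presumably chosen by build scripts that are not part of this hunk, so that selection is worth confirming alongside the revert. The file continues past the hunk.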
diff --git a/src/mongo/platform/windows_basic.h b/src/mongo/platform/windows_basic.h
index defe7b68b09..86e1396aefd 100644
--- a/src/mongo/platform/windows_basic.h
+++ b/src/mongo/platform/windows_basic.h
@@ -95,8 +95,6 @@
#include <sspi.h>
-#include <schannel.h>
-
#undef WIN32_NO_STATUS
// Obtain a definition for the ntstatus type.
diff --git a/src/mongo/util/net/ssl_manager.h b/src/mongo/util/net/ssl_manager.h
index bc640dc4b88..ea02f94496c 100644
--- a/src/mongo/util/net/ssl_manager.h
+++ b/src/mongo/util/net/ssl_manager.h
@@ -43,11 +43,9 @@
#include "mongo/util/net/ssl_types.h"
#include "mongo/util/time_support.h"
-// SChannel implementation
-#if MONGO_CONFIG_SSL_PROVIDER == SSL_PROVIDER_OPENSSL
#include <openssl/err.h>
#include <openssl/ssl.h>
-#endif
+
#endif // #ifdef MONGO_CONFIG_SSL
namespace mongo {
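Review bot: The two OpenSSL includes in this hunk are now guarded by MONGO_CONFIG_SSL alone, so the macro again carries the unstated meaning "TLS is provided by OpenSSL", and nothing in the header records that. A short comment above them, for example `// MONGO_CONFIG_SSL implies OpenSSL; no other TLS provider is supported.`, would help a later provider split find every place that depends on it. The same assumption is restored in the interface signatures later in this file (`SSL_CTX*`, `SSL*`) and in the version.cpp hunks around `openSSLVersion()`, `appendBuildInfo()` and `logBuildInfo()`. The `#ifdef MONGO_CONFIG_SSL` that this `#endif` closes starts outside the hunk.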
@@ -61,16 +59,6 @@ const std::string getSSLVersion(const std::string& prefix, const std::string& su
namespace mongo {
struct SSLParams;
-#if MONGO_CONFIG_SSL_PROVIDER == SSL_PROVIDER_OPENSSL
-typedef SSL_CTX* SSLContextType;
-typedef SSL* SSLConnectionType;
-#elif MONGO_CONFIG_SSL_PROVIDER == SSL_PROVIDER_WINDOWS
-typedef SCHANNEL_CRED* SSLContextType;
-typedef PCtxtHandle SSLConnectionType;
-#else
-#error "Unknown SSL Provider"
-#endif
-
/**
* Maintain per connection SSL state for the Sock class. Used by SSLManagerInterface to perform SSL
* operations.
@@ -178,7 +166,7 @@ public:
* acceptable on non-blocking connections are set. "direction" specifies whether the SSL_CTX
* will be used to make outgoing connections or accept incoming connections.
*/
- virtual Status initSSLContext(SSLContextType context,
+ virtual Status initSSLContext(SSL_CTX* context,
const SSLParams& params,
ConnectionDirection direction) = 0;
@@ -190,7 +178,7 @@ public:
* X509 authorization will be returned.
*/
virtual StatusWith<boost::optional<SSLPeerInfo>> parseAndValidatePeerCertificate(
- SSLConnectionType ssl, const std::string& remoteHost) = 0;
+ SSL* ssl, const std::string& remoteHost) = 0;
};
// Access SSL functions through this instance.
diff --git a/src/mongo/util/net/ssl_manager_windows.cpp b/src/mongo/util/net/ssl_manager_windows.cpp
deleted file mode 100644
index 78128a6c663..00000000000
--- a/src/mongo/util/net/ssl_manager_windows.cpp
+++ /dev/null
@@ -1,209 +0,0 @@
-/**
- * Copyright (C) 2018 MongoDB Inc.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License, version 3,
- * as published by the Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- * As a special exception, the copyright holders give permission to link the
- * code of portions of this program with the OpenSSL library under certain
- * conditions as described in each individual source file and distribute
- * linked combinations including the program with the OpenSSL library. You
- * must comply with the GNU Affero General Public License in all respects
- * for all of the code used other than as permitted herein. If you modify
- * file(s) with this exception, you may extend this exception to your
- * version of the file(s), but you are not obligated to do so. If you do not
- * wish to do so, delete this exception statement from your version. If you
- * delete this exception statement from all source files in the program,
- * then also delete it in the license file.
- */
-
-#define MONGO_LOG_DEFAULT_COMPONENT ::mongo::logger::LogComponent::kNetwork
-
-#include "mongo/platform/basic.h"
-
-#include "mongo/util/net/ssl_manager.h"
-
-#include <asio.hpp>
-#include <asio/ssl.hpp>
-#include <boost/algorithm/string.hpp>
-#include <boost/date_time/posix_time/posix_time.hpp>
-#include <fstream>
-#include <iostream>
-#include <sstream>
-#include <stack>
-#include <string>
-#include <vector>
-
-#include "mongo/base/init.h"
-#include "mongo/base/initializer_context.h"
-#include "mongo/bson/bsonobjbuilder.h"
-#include "mongo/config.h"
-#include "mongo/db/server_parameters.h"
-#include "mongo/platform/atomic_word.h"
-#include "mongo/stdx/memory.h"
-#include "mongo/transport/session.h"
-#include "mongo/util/concurrency/mutex.h"
-#include "mongo/util/debug_util.h"
-#include "mongo/util/exit.h"
-#include "mongo/util/log.h"
-#include "mongo/util/mongoutils/str.h"
-#include "mongo/util/net/private/ssl_expiration.h"
-#include "mongo/util/net/sock.h"
-#include "mongo/util/net/socket_exception.h"
-#include "mongo/util/net/ssl_options.h"
-#include "mongo/util/net/ssl_types.h"
-#include "mongo/util/scopeguard.h"
-#include "mongo/util/text.h"
-#include "mongo/util/uuid.h"
-
-namespace mongo {
-
-namespace {
-
-SimpleMutex sslManagerMtx;
-SSLManagerInterface* theSSLManagerWindows = NULL;
-
-
-} // namespace
-
-/**
- * Manage state for a SSL Connection. Used by the Socket class.
- */
-class SSLConnectionWindows : public SSLConnectionInterface {
-public:
- ~SSLConnectionWindows();
-
- std::string getSNIServerName() const final;
-};
-
-
-class SSLManagerWindows : public SSLManagerInterface {
-public:
- explicit SSLManagerWindows(const SSLParams& params, bool isServer);
-
- /**
- * Initializes an OpenSSL context according to the provided settings. Only settings which are
- * acceptable on non-blocking connections are set.
- */
- Status initSSLContext(SCHANNEL_CRED* cred,
- const SSLParams& params,
- ConnectionDirection direction) final;
-
- virtual SSLConnectionInterface* connect(Socket* socket);
-
- virtual SSLConnectionInterface* accept(Socket* socket, const char* initialBytes, int len);
-
- virtual SSLPeerInfo parseAndValidatePeerCertificateDeprecated(
- const SSLConnectionInterface* conn, const std::string& remoteHost);
-
- StatusWith<boost::optional<SSLPeerInfo>> parseAndValidatePeerCertificate(
- PCtxtHandle ssl, const std::string& remoteHost) final;
-
-
- virtual const SSLConfiguration& getSSLConfiguration() const {
- return _sslConfiguration;
- }
-
- virtual int SSL_read(SSLConnectionInterface* conn, void* buf, int num);
-
- virtual int SSL_write(SSLConnectionInterface* conn, const void* buf, int num);
-
- virtual int SSL_shutdown(SSLConnectionInterface* conn);
-
-private:
- bool _weakValidation;
- bool _allowInvalidCertificates;
- bool _allowInvalidHostnames;
- SSLConfiguration _sslConfiguration;
-};
-
-// Global variable indicating if this is a server or a client instance
-bool isSSLServer = false;
-
-MONGO_INITIALIZER(SSLManager)(InitializerContext*) {
- stdx::lock_guard<SimpleMutex> lck(sslManagerMtx);
- if (!isSSLServer || (sslGlobalParams.sslMode.load() != SSLParams::SSLMode_disabled)) {
- theSSLManagerWindows = new SSLManagerWindows(sslGlobalParams, isSSLServer);
- }
-
- return Status::OK();
-}
-
-SSLConnectionWindows::~SSLConnectionWindows() {}
-
-std::string SSLConnectionWindows::getSNIServerName() const {
- invariant(false);
- return "";
-}
-
-std::unique_ptr<SSLManagerInterface> SSLManagerInterface::create(const SSLParams& params,
- bool isServer) {
- return stdx::make_unique<SSLManagerWindows>(params, isServer);
-}
-
-SSLManagerInterface* getSSLManager() {
- stdx::lock_guard<SimpleMutex> lck(sslManagerMtx);
- if (theSSLManagerWindows)
- return theSSLManagerWindows;
- return NULL;
-}
-
-SSLManagerWindows::SSLManagerWindows(const SSLParams& params, bool isServer)
- : _weakValidation(params.sslWeakCertificateValidation),
- _allowInvalidCertificates(params.sslAllowInvalidCertificates),
- _allowInvalidHostnames(params.sslAllowInvalidHostnames) {}
-
-int SSLManagerWindows::SSL_read(SSLConnectionInterface* connInterface, void* buf, int num) {
- invariant(false);
- return 0;
-}
-
-int SSLManagerWindows::SSL_write(SSLConnectionInterface* connInterface, const void* buf, int num) {
- invariant(false);
- return 0;
-}
-
-int SSLManagerWindows::SSL_shutdown(SSLConnectionInterface* conn) {
- invariant(false);
- return 0;
-}
-
-Status SSLManagerWindows::initSSLContext(SCHANNEL_CRED* cred,
- const SSLParams& params,
- ConnectionDirection direction) {
-
- return Status::OK();
-}
-
-SSLConnectionInterface* SSLManagerWindows::connect(Socket* socket) {
- return nullptr;
-}
-
-SSLConnectionInterface* SSLManagerWindows::accept(Socket* socket,
- const char* initialBytes,
- int len) {
- return nullptr;
-}
-
-SSLPeerInfo SSLManagerWindows::parseAndValidatePeerCertificateDeprecated(
- const SSLConnectionInterface* conn, const std::string& remoteHost) {
- return SSLPeerInfo();
-}
-
-StatusWith<boost::optional<SSLPeerInfo>> SSLManagerWindows::parseAndValidatePeerCertificate(
- PCtxtHandle ssl, const std::string& remoteHost) {
-
- return {boost::none};
-}
-
-
-} // namespace mongo
diff --git a/src/mongo/util/version.cpp b/src/mongo/util/version.cpp
index 9536caf1516..41933e8c9ac 100644
--- a/src/mongo/util/version.cpp
+++ b/src/mongo/util/version.cpp
@@ -34,10 +34,8 @@
#include "mongo/config.h"
#ifdef MONGO_CONFIG_SSL
-#if MONGO_CONFIG_SSL_PROVIDER == SSL_PROVIDER_OPENSSL
#include <openssl/crypto.h>
#endif
-#endif
#include <pcrecpp.h>
@@ -147,13 +145,7 @@ void VersionInfoInterface::appendBuildInfo(BSONObjBuilder* result) const {
BSONObjBuilder opensslInfo(result->subobjStart("openssl"));
#ifdef MONGO_CONFIG_SSL
-#if MONGO_CONFIG_SSL_PROVIDER == SSL_PROVIDER_OPENSSL
opensslInfo << "running" << openSSLVersion() << "compiled" << OPENSSL_VERSION_TEXT;
-#elif MONGO_CONFIG_SSL_PROVIDER == SSL_PROVIDER_WINDOWS
- opensslInfo << "Windows SChannel";
-#else
-#error "Unknown SSL Provider"
-#endif // MONGO_CONFIG_SSL_PROVIDER
#else
opensslInfo << "running"
<< "disabled"
@@ -176,9 +168,9 @@ void VersionInfoInterface::appendBuildInfo(BSONObjBuilder* result) const {
}
std::string VersionInfoInterface::openSSLVersion(StringData prefix, StringData suffix) const {
-#if !defined(MONGO_CONFIG_SSL) || MONGO_CONFIG_SSL_PROVIDER != SSL_PROVIDER_OPENSSL
+#ifndef MONGO_CONFIG_SSL
return "";
-#elif MONGO_CONFIG_SSL_PROVIDER == SSL_PROVIDER_OPENSSL
+#else
return prefix.toString() + SSLeay_version(SSLEAY_VERSION) + suffix;
#endif
}
@@ -190,7 +182,7 @@ void VersionInfoInterface::logTargetMinOS() const {
void VersionInfoInterface::logBuildInfo() const {
log() << "git version: " << gitVersion();
-#if defined(MONGO_CONFIG_SSL) && MONGO_CONFIG_SSL_PROVIDER == SSL_PROVIDER_OPENSSL
+#ifdef MONGO_CONFIG_SSL
log() << openSSLVersion("OpenSSL version: ");
#endif