Revert "Begin process of removing singleton use by StringMatcher (#32… (#32902)

Revert "Begin process of removing singleton use by StringMatcher (#32829)"

This reverts commit b7818b0.

Signed-off-by: Ryan Northey <[email protected]>

Author: phlax

contrib/postgres_proxy/filters/network/test/postgres_integration_test.cc

@@ -295,8 +295,7 @@ class UpstreamSSLBaseIntegrationTest : public PostgresBaseIntegrationTest {
     // The tls transport socket will be inserted into fake_upstream when
     // Envoy's upstream starttls transport socket is converted to secure mode.
     std::unique_ptr<Ssl::ContextManager> tls_context_manager =
-        std::make_unique<Extensions::TransportSockets::Tls::ContextManagerImpl>(
-            server_factory_context_);
+        std::make_unique<Extensions::TransportSockets::Tls::ContextManagerImpl>(timeSystem());
 
     envoy::extensions::transport_sockets::tls::v3::DownstreamTlsContext downstream_tls_context;
 
@@ -528,8 +527,7 @@ class UpstreamAndDownstreamSSLIntegrationTest : public UpstreamSSLBaseIntegratio
     // The tls transport socket will be inserted into fake_upstream when
     // Envoy's upstream starttls transport socket is converted to secure mode.
     std::unique_ptr<Ssl::ContextManager> tls_context_manager =
-        std::make_unique<Extensions::TransportSockets::Tls::ContextManagerImpl>(
-            server_factory_context_);
+        std::make_unique<Extensions::TransportSockets::Tls::ContextManagerImpl>(timeSystem());
 
     envoy::extensions::transport_sockets::tls::v3::UpstreamTlsContext upstream_tls_context;
 

envoy/server/factory_context.h

@@ -36,11 +36,6 @@
 #include "source/common/protobuf/protobuf.h"
 
 namespace Envoy {
-
-namespace Regex {
-class Engine;
-}
-
 namespace Server {
 namespace Configuration {
 
@@ -134,11 +129,6 @@ class CommonFactoryContext {
    * @return ServerLifecycleNotifier& the lifecycle notifier for the server.
    */
   virtual ServerLifecycleNotifier& lifecycleNotifier() PURE;
-
-  /**
-   * @return the server regex engine.
-   */
-  virtual Regex::Engine& regexEngine() PURE;
 };
 
 /**

envoy/server/instance.h

@@ -253,11 +253,6 @@ class Instance {
    */
   virtual Configuration::StatsConfig& statsConfig() PURE;
 
-  /**
-   * @return the server regex engine.
-   */
-  virtual Regex::Engine& regexEngine() PURE;
-
   /**
    * @return envoy::config::bootstrap::v3::Bootstrap& the servers bootstrap configuration.
    */

envoy/ssl/context_manager.h

@@ -10,13 +10,6 @@
 #include "envoy/stats/scope.h"
 
 namespace Envoy {
-
-namespace Server {
-namespace Configuration {
-class CommonFactoryContext;
-} // namespace Configuration
-} // namespace Server
-
 namespace Ssl {
 
 // Opaque type defined and used by the ``ServerContext``.
@@ -80,8 +73,7 @@ using ContextManagerPtr = std::unique_ptr<ContextManager>;
 class ContextManagerFactory : public Config::UntypedFactory {
 public:
   ~ContextManagerFactory() override = default;
-  virtual ContextManagerPtr
-  createContextManager(Server::Configuration::CommonFactoryContext& factory_context) PURE;
+  virtual ContextManagerPtr createContextManager(TimeSource& time_source) PURE;
 
   // There could be only one factory thus the name is static.
   std::string name() const override { return "ssl_context_manager"; }

mobile/library/common/extensions/cert_validator/platform_bridge/config.cc

@@ -9,7 +9,7 @@ namespace Tls {
 
 CertValidatorPtr PlatformBridgeCertValidatorFactory::createCertValidator(
     const Envoy::Ssl::CertificateValidationContextConfig* config, SslStats& stats,
-    Server::Configuration::CommonFactoryContext& /*context*/) {
+    TimeSource& /*time_source*/) {
   return std::make_unique<PlatformBridgeCertValidator>(config, stats);
 }
 

mobile/library/common/extensions/cert_validator/platform_bridge/config.h

@@ -15,9 +15,8 @@ namespace Tls {
 class PlatformBridgeCertValidatorFactory : public CertValidatorFactory,
                                            public Config::TypedFactory {
 public:
-  CertValidatorPtr
-  createCertValidator(const Envoy::Ssl::CertificateValidationContextConfig* config, SslStats& stats,
-                      Server::Configuration::CommonFactoryContext& context) override;
+  CertValidatorPtr createCertValidator(const Envoy::Ssl::CertificateValidationContextConfig* config,
+                                       SslStats& stats, TimeSource& time_source) override;
 
   std::string name() const override {
     return "envoy_mobile.cert_validator.platform_bridge_cert_validator";

mobile/test/common/integration/BUILD

@@ -184,7 +184,6 @@ envoy_cc_test_library(
         "@envoy//source/exe:process_wide_lib",
         "@envoy//test/integration:autonomous_upstream_lib",
         "@envoy//test/integration:utility_lib",
-        "@envoy//test/mocks/server:server_factory_context_mocks",
         "@envoy//test/mocks/server:transport_socket_factory_context_mocks",
         "@envoy//test/test_common:environment_lib",
         "@envoy_build_config//:extension_registry",
@@ -214,7 +213,6 @@ envoy_cc_test_library(
         "@envoy//source/exe:process_wide_lib",
         "@envoy//test/integration:autonomous_upstream_lib",
         "@envoy//test/integration:utility_lib",
-        "@envoy//test/mocks/server:server_factory_context_mocks",
         "@envoy//test/mocks/server:transport_socket_factory_context_mocks",
         "@envoy//test/test_common:environment_lib",
         "@envoy_api//envoy/extensions/transport_sockets/tls/v3:pkg_cc_proto",

mobile/test/common/integration/test_server.cc

@@ -25,7 +25,7 @@ namespace Envoy {
 Network::DownstreamTransportSocketFactoryPtr TestServer::createQuicUpstreamTlsContext(
     testing::NiceMock<Server::Configuration::MockTransportSocketFactoryContext>& factory_context) {
   envoy::extensions::transport_sockets::tls::v3::DownstreamTlsContext tls_context;
-  Extensions::TransportSockets::Tls::ContextManagerImpl context_manager{server_factory_context_};
+  Extensions::TransportSockets::Tls::ContextManagerImpl context_manager{time_system_};
   tls_context.mutable_common_tls_context()->add_alpn_protocols("h3");
   envoy::extensions::transport_sockets::tls::v3::TlsCertificate* certs =
       tls_context.mutable_common_tls_context()->add_tls_certificates();

mobile/test/common/integration/test_server.h

@@ -8,7 +8,6 @@
 
 #include "envoy/extensions/transport_sockets/quic/v3/quic_transport.pb.h"
 #include "test/integration/autonomous_upstream.h"
-#include "test/mocks/server/server_factory_context.h"
 #include "test/mocks/server/transport_socket_factory_context.h"
 #include "test/integration/server.h"
 
@@ -27,7 +26,6 @@ enum class TestServerType {
 class TestServer : public ListenerHooks {
 private:
   testing::NiceMock<Server::Configuration::MockTransportSocketFactoryContext> factory_context_;
-  testing::NiceMock<Server::Configuration::MockServerFactoryContext> server_factory_context_;
   Stats::IsolatedStoreImpl stats_store_;
   Event::GlobalTimeSystem time_system_;
   Api::ApiPtr api_;
@@ -37,7 +35,7 @@ class TestServer : public ListenerHooks {
   Thread::SkipAsserts skip_asserts_;
   ProcessWide process_wide;
   Thread::MutexBasicLockable lock;
-  Extensions::TransportSockets::Tls::ContextManagerImpl context_manager_{server_factory_context_};
+  Extensions::TransportSockets::Tls::ContextManagerImpl context_manager_{time_system_};
   std::unique_ptr<bazel::tools::cpp::runfiles::Runfiles> runfiles_;
 
   // Either test_server_ will be set for test_server_type is a proxy, otherwise upstream_ will be

mobile/test/common/integration/xds_test_server.h

@@ -7,7 +7,6 @@
 
 #include "test/integration/fake_upstream.h"
 #include "test/integration/server.h"
-#include "test/mocks/server/server_factory_context.h"
 #include "test/mocks/server/transport_socket_factory_context.h"
 #include "test/test_common/test_time.h"
 
@@ -37,7 +36,6 @@ class XdsTestServer {
 
 private:
   testing::NiceMock<Server::Configuration::MockTransportSocketFactoryContext> factory_context_;
-  testing::NiceMock<Server::Configuration::MockServerFactoryContext> server_factory_context_;
   Stats::IsolatedStoreImpl stats_store_;
   Event::GlobalTimeSystem time_system_;
   Api::ApiPtr api_;
@@ -46,7 +44,7 @@ class XdsTestServer {
   Event::DispatcherPtr dispatcher_;
   FakeUpstreamConfig upstream_config_;
   Thread::MutexBasicLockable lock_;
-  Extensions::TransportSockets::Tls::ContextManagerImpl context_manager_{server_factory_context_};
+  Extensions::TransportSockets::Tls::ContextManagerImpl context_manager_{time_system_};
   std::unique_ptr<bazel::tools::cpp::runfiles::Runfiles> runfiles_;
   std::unique_ptr<FakeUpstream> xds_upstream_;
   FakeHttpConnectionPtr xds_connection_;

mobile/test/common/integration/xds_test_server_interface.cc

@@ -12,10 +12,6 @@ static std::weak_ptr<Envoy::XdsTestServer> weak_test_server_;
 static std::shared_ptr<Envoy::XdsTestServer> testServer() { return weak_test_server_.lock(); }
 
 void initXdsServer() {
-  // This is called via JNI from kotlin tests, and Envoy doesn't consider it a test thread
-  // which triggers some failures of `ASSERT_IS_MAIN_OR_TEST_THREAD()`.
-  Envoy::Thread::SkipAsserts skip;
-
   Envoy::ExtensionRegistry::registerFactories();
   strong_test_server_ = std::make_shared<Envoy::XdsTestServer>();
   weak_test_server_ = strong_test_server_;

source/common/common/matchers.cc

@@ -201,10 +201,9 @@ bool PathMatcher::match(const absl::string_view path) const {
   return matcher_.match(Http::PathUtil::removeQueryAndFragment(path));
 }
 
-StringMatcherPtr getExtensionStringMatcher(const ::xds::core::v3::TypedExtensionConfig& config,
-                                           ThreadLocal::SlotAllocator& tls, Api::Api& api) {
+StringMatcherPtr getExtensionStringMatcher(const ::xds::core::v3::TypedExtensionConfig& config) {
   auto factory = Config::Utility::getAndCheckFactory<StringMatcherExtensionFactory>(config, false);
-  return factory->createStringMatcher(config.typed_config(), tls, api);
+  return factory->createStringMatcher(config.typed_config());
 }
 
 } // namespace Matchers

source/common/common/matchers.h

@@ -86,36 +86,24 @@ class UniversalStringMatcher : public StringMatcher {
   bool match(absl::string_view) const override { return true; }
 };
 
-StringMatcherPtr getExtensionStringMatcher(const ::xds::core::v3::TypedExtensionConfig& config,
-                                           ThreadLocal::SlotAllocator& tls, Api::Api& api);
+StringMatcherPtr getExtensionStringMatcher(const ::xds::core::v3::TypedExtensionConfig& config);
 
 template <class StringMatcherType = envoy::type::matcher::v3::StringMatcher>
-class PrivateStringMatcherImpl : public ValueMatcher, public StringMatcher {
+class StringMatcherImpl : public ValueMatcher, public StringMatcher {
 public:
-  // TODO(ggreenway): convert all but the first parameter into
-  // `Server::Configuration::CommonFactoryContext`.
-  explicit PrivateStringMatcherImpl(const StringMatcherType& matcher, Regex::Engine* regex_engine,
-                                    ThreadLocal::SlotAllocator* tls, Api::Api* api)
-      : matcher_(matcher) {
+  explicit StringMatcherImpl(const StringMatcherType& matcher) : matcher_(matcher) {
     if (matcher.match_pattern_case() == StringMatcherType::MatchPatternCase::kSafeRegex) {
       if (matcher.ignore_case()) {
         ExceptionUtil::throwEnvoyException("ignore_case has no effect for safe_regex.");
       }
-      if (regex_engine != nullptr) {
-        regex_ = Regex::Utility::parseRegex(matcher_.safe_regex(), *regex_engine);
-      } else {
-        // TODO(ggreenway): remove this branch when we always have an engine. This is only
-        // needed to make tests not complain about dereferencing a null pointer, even though
-        // the reference isn't actually used.
-        regex_ = Regex::Utility::parseRegex(matcher_.safe_regex());
-      }
+      regex_ = Regex::Utility::parseRegex(matcher_.safe_regex());
     } else if (matcher.match_pattern_case() == StringMatcherType::MatchPatternCase::kContains) {
       if (matcher_.ignore_case()) {
         // Cache the lowercase conversion of the Contains matcher for future use
         lowercase_contains_match_ = absl::AsciiStrToLower(matcher_.contains());
       }
     } else {
-      initialize(matcher, tls, api);
+      initialize(matcher);
     }
   }
 
@@ -155,13 +143,11 @@ class PrivateStringMatcherImpl : public ValueMatcher, public StringMatcher {
   // overloading to only handle that case for type `envoy::type::matcher::v3::StringMatcher` to
   // prevent compilation errors on use of `kCustom`.
 
-  void initialize(const xds::type::matcher::v3::StringMatcher&, ThreadLocal::SlotAllocator*,
-                  Api::Api*) {}
+  void initialize(const xds::type::matcher::v3::StringMatcher&) {}
 
-  void initialize(const envoy::type::matcher::v3::StringMatcher& matcher,
-                  ThreadLocal::SlotAllocator* tls, Api::Api* api) {
+  void initialize(const envoy::type::matcher::v3::StringMatcher& matcher) {
     if (matcher.has_custom()) {
-      custom_ = getExtensionStringMatcher(matcher.custom(), *tls, *api);
+      custom_ = getExtensionStringMatcher(matcher.custom());
     }
   }
 
@@ -207,34 +193,9 @@ class PrivateStringMatcherImpl : public ValueMatcher, public StringMatcher {
   StringMatcherPtr custom_;
 };
 
-// Temporarily create two separate types with different constructors, inheriting from the same
-// implementation, to make it easier to find and replace all usage of the old one.
-// TODO(ggreenway): delete these two extra classes, make `PrivateStringMatcherImpl` back into
-// `StringMatcherImpl`.
-template <class StringMatcherType = envoy::type::matcher::v3::StringMatcher>
-class StringMatcherImplWithContext : public PrivateStringMatcherImpl<StringMatcherType> {
-public:
-  explicit StringMatcherImplWithContext(const StringMatcherType& matcher,
-                                        Server::Configuration::CommonFactoryContext& context)
-      : PrivateStringMatcherImpl<StringMatcherType>(matcher, &context.regexEngine(),
-                                                    &context.threadLocal(), &context.api()) {}
-};
-
-template <class StringMatcherType = envoy::type::matcher::v3::StringMatcher>
-class StringMatcherImpl : public PrivateStringMatcherImpl<StringMatcherType> {
-public:
-  explicit StringMatcherImpl(const StringMatcherType& matcher)
-      : PrivateStringMatcherImpl<StringMatcherType>(
-            matcher, Regex::EngineSingleton::getExisting(),
-            InjectableSingleton<ThreadLocal::SlotAllocator>::getExisting(),
-            InjectableSingleton<Api::Api>::getExisting()) {}
-};
-
 class StringMatcherExtensionFactory : public Config::TypedFactory {
 public:
-  // TODO(ggreenway): Convert all but first parameter to `CommonFactoryContext`.
-  virtual StringMatcherPtr createStringMatcher(const ProtobufWkt::Any& config,
-                                               ThreadLocal::SlotAllocator& tls, Api::Api& api) PURE;
+  virtual StringMatcherPtr createStringMatcher(const ProtobufWkt::Any& config) PURE;
 
   std::string category() const override { return "envoy.string_matcher"; }
 };

source/common/common/regex.h

@@ -79,16 +79,6 @@ class Utility {
 
     return EngineSingleton::get().matcher(matcher.regex());
   }
-
-  template <class RegexMatcherType>
-  static CompiledMatcherPtr parseRegex(const RegexMatcherType& matcher, Engine& engine) {
-    // Fallback deprecated engine type in regex matcher.
-    if (matcher.has_google_re2()) {
-      return std::make_unique<CompiledGoogleReMatcher>(matcher);
-    }
-
-    return engine.matcher(matcher.regex());
-  }
 };
 
 } // namespace Regex

source/common/tls/cert_validator/default_validator.cc

@@ -44,8 +44,8 @@ namespace Tls {
 
 DefaultCertValidator::DefaultCertValidator(
     const Envoy::Ssl::CertificateValidationContextConfig* config, SslStats& stats,
-    Server::Configuration::CommonFactoryContext& context)
-    : config_(config), stats_(stats), context_(context) {
+    TimeSource& time_source)
+    : config_(config), stats_(stats), time_source_(time_source) {
   if (config_ != nullptr) {
     allow_untrusted_certificate_ = config_->trustChainVerification() ==
                                    envoy::extensions::transport_sockets::tls::v3::
@@ -155,7 +155,7 @@ int DefaultCertValidator::initializeSslContexts(std::vector<SSL_CTX*> contexts,
     if (!cert_validation_config->subjectAltNameMatchers().empty()) {
       for (const envoy::extensions::transport_sockets::tls::v3::SubjectAltNameMatcher& matcher :
            cert_validation_config->subjectAltNameMatchers()) {
-        auto san_matcher = createStringSanMatcher(matcher, context_);
+        auto san_matcher = createStringSanMatcher(matcher);
         if (san_matcher == nullptr) {
           throwEnvoyExceptionOrPanic(
               absl::StrCat("Failed to create string SAN matcher of type ", matcher.san_type()));
@@ -548,19 +548,18 @@ Envoy::Ssl::CertificateDetailsPtr DefaultCertValidator::getCaCertInformation() c
   if (ca_cert_ == nullptr) {
     return nullptr;
   }
-  return Utility::certificateDetails(ca_cert_.get(), getCaFileName(), context_.timeSource());
+  return Utility::certificateDetails(ca_cert_.get(), getCaFileName(), time_source_);
 }
 
 absl::optional<uint32_t> DefaultCertValidator::daysUntilFirstCertExpires() const {
-  return Utility::getDaysUntilExpiration(ca_cert_.get(), context_.timeSource());
+  return Utility::getDaysUntilExpiration(ca_cert_.get(), time_source_);
 }
 
 class DefaultCertValidatorFactory : public CertValidatorFactory {
 public:
-  CertValidatorPtr
-  createCertValidator(const Envoy::Ssl::CertificateValidationContextConfig* config, SslStats& stats,
-                      Server::Configuration::CommonFactoryContext& context) override {
-    return std::make_unique<DefaultCertValidator>(config, stats, context);
+  CertValidatorPtr createCertValidator(const Envoy::Ssl::CertificateValidationContextConfig* config,
+                                       SslStats& stats, TimeSource& time_source) override {
+    return std::make_unique<DefaultCertValidator>(config, stats, time_source);
   }
 
   std::string name() const override { return "envoy.tls.cert_validator.default"; }

source/common/tls/cert_validator/default_validator.h

@@ -35,7 +35,7 @@ namespace Tls {
 class DefaultCertValidator : public CertValidator, Logger::Loggable<Logger::Id::connection> {
 public:
   DefaultCertValidator(const Envoy::Ssl::CertificateValidationContextConfig* config,
-                       SslStats& stats, Server::Configuration::CommonFactoryContext& context);
+                       SslStats& stats, TimeSource& time_source);
 
   ~DefaultCertValidator() override = default;
 
@@ -110,7 +110,7 @@ class DefaultCertValidator : public CertValidator, Logger::Loggable<Logger::Id::
 
   const Envoy::Ssl::CertificateValidationContextConfig* config_;
   SslStats& stats_;
-  Server::Configuration::CommonFactoryContext& context_;
+  TimeSource& time_source_;
 
   bool allow_untrusted_certificate_{false};
   bssl::UniquePtr<X509> ca_cert_;

source/common/tls/cert_validator/factory.h

@@ -21,7 +21,7 @@ class CertValidatorFactory : public Config::UntypedFactory {
 public:
   virtual CertValidatorPtr
   createCertValidator(const Envoy::Ssl::CertificateValidationContextConfig* config, SslStats& stats,
-                      Server::Configuration::CommonFactoryContext& context) PURE;
+                      TimeSource& time_source) PURE;
 
   std::string category() const override { return "envoy.tls.cert_validator"; }
 };