Remove deprecated feature flags (#6566)

Remove deprecated feature flags. Fixes #6559
2023-01-23 20:56:15 -05:00 · 2023-01-23 20:56:15 -05:00 · aae4175186
parent cee636b47d
commit aae4175186
11 changed files with 35 additions and 124 deletions
--- a/features/featureflag_string.go
+++ b/features/featureflag_string.go
@ -9,45 +9,23 @@ func _() {
 	// Re-run the stringer command to generate them again.
 	var x [1]struct{}
 	_ = x[unused-0]
-	_ = x[PrecertificateRevocation-1]
-	_ = x[StripDefaultSchemePort-2]
-	_ = x[NonCFSSLSigner-3]
-	_ = x[StoreIssuerInfo-4]
-	_ = x[StreamlineOrderAndAuthzs-5]
-	_ = x[V1DisableNewValidations-6]
-	_ = x[ExpirationMailerDontLookTwice-7]
-	_ = x[OldTLSInbound-8]
-	_ = x[OldTLSOutbound-9]
-	_ = x[ROCSPStage1-10]
-	_ = x[ROCSPStage2-11]
-	_ = x[ROCSPStage3-12]
-	_ = x[GetAuthzReadOnly-13]
-	_ = x[GetAuthzUseIndex-14]
-	_ = x[CheckFailedAuthorizationsFirst-15]
-	_ = x[FasterNewOrdersRateLimit-16]
-	_ = x[AllowV1Registration-17]
-	_ = x[RestrictRSAKeySizes-18]
-	_ = x[AllowReRevocation-19]
-	_ = x[MozRevocationReasons-20]
-	_ = x[SHA1CSRs-21]
-	_ = x[RejectDuplicateCSRExtensions-22]
-	_ = x[StoreRevokerInfo-23]
-	_ = x[CAAValidationMethods-24]
-	_ = x[CAAAccountURI-25]
-	_ = x[EnforceMultiVA-26]
-	_ = x[MultiVAFullResults-27]
-	_ = x[MandatoryPOSTAsGET-28]
-	_ = x[ECDSAForAll-29]
-	_ = x[ServeRenewalInfo-30]
-	_ = x[AllowUnrecognizedFeatures-31]
-	_ = x[ROCSPStage6-32]
-	_ = x[ROCSPStage7-33]
-	_ = x[ExpirationMailerUsesJoin-34]
+	_ = x[StoreRevokerInfo-1]
+	_ = x[CAAValidationMethods-2]
+	_ = x[CAAAccountURI-3]
+	_ = x[EnforceMultiVA-4]
+	_ = x[MultiVAFullResults-5]
+	_ = x[MandatoryPOSTAsGET-6]
+	_ = x[ECDSAForAll-7]
+	_ = x[ServeRenewalInfo-8]
+	_ = x[AllowUnrecognizedFeatures-9]
+	_ = x[ROCSPStage6-10]
+	_ = x[ROCSPStage7-11]
+	_ = x[ExpirationMailerUsesJoin-12]
 }

-const _FeatureFlag_name = "unusedPrecertificateRevocationStripDefaultSchemePortNonCFSSLSignerStoreIssuerInfoStreamlineOrderAndAuthzsV1DisableNewValidationsExpirationMailerDontLookTwiceOldTLSInboundOldTLSOutboundROCSPStage1ROCSPStage2ROCSPStage3GetAuthzReadOnlyGetAuthzUseIndexCheckFailedAuthorizationsFirstFasterNewOrdersRateLimitAllowV1RegistrationRestrictRSAKeySizesAllowReRevocationMozRevocationReasonsSHA1CSRsRejectDuplicateCSRExtensionsStoreRevokerInfoCAAValidationMethodsCAAAccountURIEnforceMultiVAMultiVAFullResultsMandatoryPOSTAsGETECDSAForAllServeRenewalInfoAllowUnrecognizedFeaturesROCSPStage6ROCSPStage7ExpirationMailerUsesJoin"
+const _FeatureFlag_name = "unusedStoreRevokerInfoCAAValidationMethodsCAAAccountURIEnforceMultiVAMultiVAFullResultsMandatoryPOSTAsGETECDSAForAllServeRenewalInfoAllowUnrecognizedFeaturesROCSPStage6ROCSPStage7ExpirationMailerUsesJoin"

-var _FeatureFlag_index = [...]uint16{0, 6, 30, 52, 66, 81, 105, 128, 157, 170, 184, 195, 206, 217, 233, 249, 279, 303, 322, 341, 358, 378, 386, 414, 430, 450, 463, 477, 495, 513, 524, 540, 565, 576, 587, 611}
+var _FeatureFlag_index = [...]uint8{0, 6, 22, 42, 55, 69, 87, 105, 116, 132, 157, 168, 179, 203}

 func (i FeatureFlag) String() string {
 	if i < 0 || i >= FeatureFlag(len(_FeatureFlag_index)-1) {
--- a/features/features.go
+++ b/features/features.go
@ -13,28 +13,6 @@ type FeatureFlag int
 const (
 	unused FeatureFlag = iota // unused is used for testing
 	//   Deprecated features, these can be removed once stripped from production configs
-	PrecertificateRevocation
-	StripDefaultSchemePort
-	NonCFSSLSigner
-	StoreIssuerInfo
-	StreamlineOrderAndAuthzs
-	V1DisableNewValidations
-	ExpirationMailerDontLookTwice
-	OldTLSInbound
-	OldTLSOutbound
-	ROCSPStage1
-	ROCSPStage2
-	ROCSPStage3
-	GetAuthzReadOnly
-	GetAuthzUseIndex
-	CheckFailedAuthorizationsFirst
-	FasterNewOrdersRateLimit
-	AllowV1Registration
-	RestrictRSAKeySizes
-	AllowReRevocation
-	MozRevocationReasons
-	SHA1CSRs
-	RejectDuplicateCSRExtensions
 	StoreRevokerInfo

 	//   Currently in-use features
@ -79,41 +57,19 @@ const (

 // List of features and their default value, protected by fMu
 var features = map[FeatureFlag]bool{
-	unused:                         false,
-	CAAValidationMethods:           false,
-	CAAAccountURI:                  false,
-	EnforceMultiVA:                 false,
-	MultiVAFullResults:             false,
-	MandatoryPOSTAsGET:             false,
-	AllowV1Registration:            true,
-	V1DisableNewValidations:        false,
-	PrecertificateRevocation:       false,
-	StripDefaultSchemePort:         false,
-	StoreIssuerInfo:                false,
-	StoreRevokerInfo:               false,
-	RestrictRSAKeySizes:            false,
-	FasterNewOrdersRateLimit:       false,
-	NonCFSSLSigner:                 false,
-	ECDSAForAll:                    false,
-	StreamlineOrderAndAuthzs:       false,
-	ServeRenewalInfo:               false,
-	GetAuthzReadOnly:               false,
-	GetAuthzUseIndex:               false,
-	CheckFailedAuthorizationsFirst: false,
-	AllowReRevocation:              false,
-	MozRevocationReasons:           false,
-	OldTLSOutbound:                 true,
-	OldTLSInbound:                  true,
-	SHA1CSRs:                       true,
-	AllowUnrecognizedFeatures:      false,
-	ExpirationMailerDontLookTwice:  false,
-	RejectDuplicateCSRExtensions:   false,
-	ROCSPStage1:                    false,
-	ROCSPStage2:                    false,
-	ROCSPStage3:                    false,
-	ROCSPStage6:                    false,
-	ROCSPStage7:                    false,
-	ExpirationMailerUsesJoin:       false,
+	unused:                    false,
+	CAAValidationMethods:      false,
+	CAAAccountURI:             false,
+	EnforceMultiVA:            false,
+	MultiVAFullResults:        false,
+	MandatoryPOSTAsGET:        false,
+	StoreRevokerInfo:          false,
+	ECDSAForAll:               false,
+	ServeRenewalInfo:          false,
+	AllowUnrecognizedFeatures: false,
+	ROCSPStage6:               false,
+	ROCSPStage7:               false,
+	ExpirationMailerUsesJoin:  false,
 }

 var fMu = new(sync.RWMutex)
--- a/goodkey/good_key_test.go
+++ b/goodkey/good_key_test.go
@ -10,7 +10,6 @@ import (
 	"math/big"
 	"testing"

-	"github.com/letsencrypt/boulder/features"
 	sapb "github.com/letsencrypt/boulder/sa/proto"
 	"github.com/letsencrypt/boulder/test"
 	"google.golang.org/grpc"
@ -290,12 +289,8 @@ func TestDBBlocklistReject(t *testing.T) {
 }

 func TestRSAStrangeSize(t *testing.T) {
-	err := features.Set(map[string]bool{"RestrictRSAKeySizes": true})
-	test.AssertNotError(t, err, "failed to set features")
-	defer features.Reset()
-
 	k := &rsa.PublicKey{N: big.NewInt(10)}
-	err = testingPolicy.GoodKey(context.Background(), k)
+	err := testingPolicy.GoodKey(context.Background(), k)
 	test.AssertError(t, err, "expected GoodKey to fail")
 	test.AssertEquals(t, err.Error(), "key size not supported: 4")
 }
--- a/test/config-next/expiration-mailer.json
+++ b/test/config-next/expiration-mailer.json
@ -31,8 +31,7 @@
    "SMTPTrustedRootFile": "test/mail-test-srv/minica.pem",
    "frequency": "1h",
    "features": {
-      "ExpirationMailerUsesJoin": true,
-      "ExpirationMailerDontLookTwice": true
+      "ExpirationMailerUsesJoin": true
    }
  },

--- a/test/config-next/ra.json
+++ b/test/config-next/ra.json
@ -93,7 +93,6 @@
    },
    "features": {
      "StoreRevokerInfo": true,
-      "StreamlineOrderAndAuthzs": true,
      "ROCSPStage7": true
    },
    "ctLogs": {
--- a/test/config-next/wfe2.json
+++ b/test/config-next/wfe2.json
@ -87,7 +87,7 @@
    "authorizationLifetimeDays": 30,
    "pendingAuthorizationLifetimeDays": 7,
    "features": {
-      "PrecertificateRevocation": true,
+      "MandatoryPOSTAsGET": true,
      "ServeRenewalInfo": true
    }
  },
--- a/test/config/ca-a.json
+++ b/test/config/ca-a.json
@ -140,9 +140,7 @@
    "ocspLogMaxLength": 4000,
    "ocspLogPeriod": "500ms",
    "ecdsaAllowListFilename": "test/config/ecdsaAllowList.yml",
-    "features": {
-      "RejectDuplicateCSRExtensions": true
-    }
+    "features": {}
  },

  "pa": {
--- a/test/config/ca-b.json
+++ b/test/config/ca-b.json
@ -140,9 +140,7 @@
    "ocspLogMaxLength": 4000,
    "ocspLogPeriod": "500ms",
    "ecdsaAllowListFilename": "test/config/ecdsaAllowList.yml",
-    "features": {
-      "RejectDuplicateCSRExtensions": true
-    }
+    "features": {}
  },

  "pa": {
--- a/test/config/ra.json
+++ b/test/config/ra.json
@ -61,13 +61,7 @@
      ]
    },
    "features": {
-      "StoreRevokerInfo": true,
-      "RestrictRSAKeySizes": true,
-      "StreamlineOrderAndAuthzs": true,
-      "AllowReRevocation": true,
-      "MozRevocationReasons": true,
-      "SHA1CSRs": false,
-      "RejectDuplicateCSRExtensions": true
+      "StoreRevokerInfo": true
    },
    "ctLogs": {
      "stagger": "500ms",
--- a/test/config/sa.json
+++ b/test/config/sa.json
@ -46,10 +46,7 @@
      }
    },
    "features": {
-      "FasterNewOrdersRateLimit": true,
-      "StoreRevokerInfo": true,
-      "GetAuthzReadOnly": true,
-      "GetAuthzUseIndex": true
+      "StoreRevokerInfo": true
    }
  },

--- a/test/config/wfe2.json
+++ b/test/config/wfe2.json
@ -71,10 +71,7 @@
    "staleTimeout": "5m",
    "authorizationLifetimeDays": 30,
    "pendingAuthorizationLifetimeDays": 7,
-    "features": {
-      "PrecertificateRevocation": true,
-      "StripDefaultSchemePort": true
-    }
+    "features": {}
  },

  "syslog": {