From 6b410a2639ebad76b28cb9076eee04f68ba972dd Mon Sep 17 00:00:00 2001
From: Theodore Tsirpanis <teo@tsirpanis.gr>
Date: Fri, 13 Sep 2024 19:25:25 +0300
Subject: [PATCH] Remove `rest.ignore_ssl_validation` config option.

---
 tiledb/api/c_api/config/config_api_external.h |  3 ---
 tiledb/sm/cpp_api/config.h                    |  3 ---
 tiledb/sm/filesystem/ssl_config.cc            | 16 ----------------
 tiledb/sm/filesystem/ssl_config.h             |  5 -----
 tiledb/sm/rest/curl.cc                        |  2 +-
 5 files changed, 1 insertion(+), 28 deletions(-)

diff --git a/tiledb/api/c_api/config/config_api_external.h b/tiledb/api/c_api/config/config_api_external.h
index 4a4551bebbb..a8043336b1b 100644
--- a/tiledb/api/c_api/config/config_api_external.h
+++ b/tiledb/api/c_api/config/config_api_external.h
@@ -711,9 +711,6 @@ TILEDB_EXPORT void tiledb_config_free(tiledb_config_t** config) TILEDB_NOEXCEPT;
  *    If true, incomplete queries received from server are automatically
  *    resubmitted before returning to user control. <br>
  *    **Default**: "true"
- * - `rest.ignore_ssl_validation` <br>
- *    Have curl ignore ssl peer and host validation for REST server. <br>
- *    **Default**: false
  * - `rest.creation_access_credentials_name` <br>
  *    The name of the registered access key to use for creation of the REST
  *    server. <br>
diff --git a/tiledb/sm/cpp_api/config.h b/tiledb/sm/cpp_api/config.h
index 08c410658ea..1423dd6e3d7 100644
--- a/tiledb/sm/cpp_api/config.h
+++ b/tiledb/sm/cpp_api/config.h
@@ -885,9 +885,6 @@ class Config {
    *    If true, incomplete queries received from server are automatically
    *    resubmitted before returning to user control. <br>
    *    **Default**: "true"
-   * - `rest.ignore_ssl_validation` <br>
-   *    Have curl ignore ssl peer and host validation for REST server. <br>
-   *    **Default**: false
    * - `rest.creation_access_credentials_name` <br>
    *    The name of the registered access key to use for creation of the REST
    *    server. <br>
diff --git a/tiledb/sm/filesystem/ssl_config.cc b/tiledb/sm/filesystem/ssl_config.cc
index 7cedaefaf39..22e6da735b1 100644
--- a/tiledb/sm/filesystem/ssl_config.cc
+++ b/tiledb/sm/filesystem/ssl_config.cc
@@ -109,20 +109,4 @@ S3SSLConfig::S3SSLConfig(const Config& cfg)
   }
 }
 
-RestSSLConfig::RestSSLConfig(const Config& cfg)
-    : SSLConfig(cfg) {
-  // Only override what was found in `ssl.verify` if
-  // `rest.ignore_ssl_verification` is non-default (i.e., true, the naming here
-  // is backwards from all the other ssl verification key names)
-  auto skip_verify = cfg.get<bool>("rest.ignore_ssl_validation");
-  if (skip_verify.has_value() && skip_verify.value()) {
-    LOG_WARN(
-        "The 'rest.ignore_ssl_validation = false' configuration option "
-        "has been replaced with 'ssl.verify = true'. Make sure that you update "
-        "your configuration because 'rest.ignore_ssl_validation' will "
-        "eventually be removed.");
-    verify_ = false;
-  }
-}
-
 }  // namespace tiledb::sm
diff --git a/tiledb/sm/filesystem/ssl_config.h b/tiledb/sm/filesystem/ssl_config.h
index 3687fb07015..e7e32392037 100644
--- a/tiledb/sm/filesystem/ssl_config.h
+++ b/tiledb/sm/filesystem/ssl_config.h
@@ -73,11 +73,6 @@ class S3SSLConfig : public SSLConfig {
   S3SSLConfig(const Config& cfg);
 };
 
-class RestSSLConfig : public SSLConfig {
- public:
-  RestSSLConfig(const Config& cfg);
-};
-
 }  // namespace tiledb::sm
 
 #endif  // TILEDB_SSL_CONFIG_H
diff --git a/tiledb/sm/rest/curl.cc b/tiledb/sm/rest/curl.cc
index 921fce0db19..eab883e7f84 100644
--- a/tiledb/sm/rest/curl.cc
+++ b/tiledb/sm/rest/curl.cc
@@ -277,7 +277,7 @@ Status Curl::init(
     return LOG_STATUS(Status_RestError(
         "Error initializing libcurl; failed to set CURLOPT_HEADERDATA"));
 
-  SSLConfig ssl_cfg = RestSSLConfig(*config_);
+  SSLConfig ssl_cfg(*config_);
 
   if (ssl_cfg.verify() == false) {
     curl_easy_setopt(curl_.get(), CURLOPT_SSL_VERIFYHOST, 0);