diff options
| author | Ben Caimano <ben.caimano@10gen.com> | 2021-03-19 17:43:30 +0000 |
|---|---|---|
| committer | Evergreen Agent <no-reply@evergreen.mongodb.com> | 2021-03-19 18:13:11 +0000 |
| commit | 4e410825f29880ff9502d41e3874b9ec8cef49cd (patch) | |
| tree | db99929e198cea36e3c167da546e38042874cbcb | |
| parent | e0c02385a21c388365b8908ebe33aaeeda3725e0 (diff) | |
| download | mongo-4e410825f29880ff9502d41e3874b9ec8cef49cd.tar.gz | |
SERVER-24912 Audit setting ClientMetadata as its own event
| -rw-r--r-- | src/mongo/db/audit.cpp | 4 | ||||
| -rw-r--r-- | src/mongo/db/audit.h | 5 | ||||
| -rw-r--r-- | src/mongo/db/repl/replication_info.cpp | 3 | ||||
| -rw-r--r-- | src/mongo/embedded/SConscript | 1 | ||||
| -rw-r--r-- | src/mongo/embedded/embedded_ismaster.cpp | 2 | ||||
| -rw-r--r-- | src/mongo/s/commands/cluster_hello_cmd.cpp | 5 | ||||
| -rw-r--r-- | src/mongo/transport/service_entry_point_impl.cpp | 5 |
7 files changed, 23 insertions, 2 deletions
diff --git a/src/mongo/db/audit.cpp b/src/mongo/db/audit.cpp index 08b811dc3f2..512e8692e69 100644 --- a/src/mongo/db/audit.cpp +++ b/src/mongo/db/audit.cpp @@ -36,6 +36,10 @@ namespace audit { ImpersonatedClientAttrs::ImpersonatedClientAttrs(Client* client) {} +void logClientMetadata(Client* client) { + invariant(client); +} + void logAuthentication(Client* client, const AuthenticateEvent&) { invariant(client); } diff --git a/src/mongo/db/audit.h b/src/mongo/db/audit.h index bb24e80e087..914184c49b3 100644 --- a/src/mongo/db/audit.h +++ b/src/mongo/db/audit.h @@ -88,6 +88,11 @@ public: }; /** + * Logs the metadata for a client connection once it is finalized. + */ +void logClientMetadata(Client* client); + +/** * AuthenticateEvent is a opaque view into a finished authentication handshake. * * This object is only valid within its initial stack context. diff --git a/src/mongo/db/repl/replication_info.cpp b/src/mongo/db/repl/replication_info.cpp index 79d74e4329d..1bae39415cf 100644 --- a/src/mongo/db/repl/replication_info.cpp +++ b/src/mongo/db/repl/replication_info.cpp @@ -37,6 +37,7 @@ #include "mongo/bson/util/bson_extract.h" #include "mongo/client/connpool.h" #include "mongo/client/dbclient_connection.h" +#include "mongo/db/audit.h" #include "mongo/db/client.h" #include "mongo/db/commands/server_status.h" #include "mongo/db/commands/test_commands_enabled.h" @@ -298,6 +299,8 @@ public: auto client = opCtx->getClient(); if (ClientMetadata::tryFinalize(client)) { + audit::logClientMetadata(client); + // If we are the first hello, then set split horizon parameters. auto sniName = client->getSniNameForSession(); SplitHorizon::setParameters(client, std::move(sniName)); diff --git a/src/mongo/embedded/SConscript b/src/mongo/embedded/SConscript index b9eec500f88..dfca96b673d 100644 --- a/src/mongo/embedded/SConscript +++ b/src/mongo/embedded/SConscript @@ -77,6 +77,7 @@ env.Library( '$BUILD_DIR/mongo/base', ], LIBDEPS_PRIVATE=[ + '$BUILD_DIR/mongo/db/audit', '$BUILD_DIR/mongo/db/auth/auth', '$BUILD_DIR/mongo/db/catalog/catalog_impl', '$BUILD_DIR/mongo/db/command_can_run_here', diff --git a/src/mongo/embedded/embedded_ismaster.cpp b/src/mongo/embedded/embedded_ismaster.cpp index 35568085720..5964b9e0781 100644 --- a/src/mongo/embedded/embedded_ismaster.cpp +++ b/src/mongo/embedded/embedded_ismaster.cpp @@ -30,6 +30,7 @@ #include "mongo/platform/basic.h" +#include "mongo/db/audit.h" #include "mongo/db/commands.h" #include "mongo/db/ops/write_ops.h" #include "mongo/rpc/metadata/client_metadata.h" @@ -72,6 +73,7 @@ public: auto metaElem = cmdObj[kMetadataDocumentName]; ClientMetadata::setFromMetadata(opCtx->getClient(), metaElem); ClientMetadata::tryFinalize(opCtx->getClient()); + audit::logClientMetadata(opCtx->getClient()); result.appendBool("ismaster", true); diff --git a/src/mongo/s/commands/cluster_hello_cmd.cpp b/src/mongo/s/commands/cluster_hello_cmd.cpp index bc28fd4ed60..c2ad55c4ba7 100644 --- a/src/mongo/s/commands/cluster_hello_cmd.cpp +++ b/src/mongo/s/commands/cluster_hello_cmd.cpp @@ -32,6 +32,7 @@ #include "mongo/base/string_data.h" #include "mongo/bson/util/bson_extract.h" +#include "mongo/db/audit.h" #include "mongo/db/client.h" #include "mongo/db/commands.h" #include "mongo/db/commands/test_commands_enabled.h" @@ -106,7 +107,9 @@ public: waitInHello.pauseWhileSet(opCtx); auto client = opCtx->getClient(); - ClientMetadata::tryFinalize(client); + if (ClientMetadata::tryFinalize(client)) { + audit::logClientMetadata(client); + } // If a client is following the awaitable hello protocol, maxAwaitTimeMS should be // present if and only if topologyVersion is present in the request. diff --git a/src/mongo/transport/service_entry_point_impl.cpp b/src/mongo/transport/service_entry_point_impl.cpp index 111dfd4bbd3..92d80da802e 100644 --- a/src/mongo/transport/service_entry_point_impl.cpp +++ b/src/mongo/transport/service_entry_point_impl.cpp @@ -163,6 +163,7 @@ void ServiceEntryPointImpl::startSession(transport::SessionHandle session) { auto clientName = "conn{}"_format(session->id()); auto client = _svcCtx->makeClient(clientName, session); + auto uuid = client->getUUID(); const bool quiet = serverGlobalParams.quiet.load(); @@ -193,12 +194,13 @@ void ServiceEntryPointImpl::startSession(transport::SessionHandle session) { LOGV2(22943, "Connection accepted", "remote"_attr = session->remote(), + "uuid"_attr = uuid.toString(), "connectionId"_attr = session->id(), "connectionCount"_attr = connectionCount); } auto ssmIt = *maybeSsmIt; - ssmIt->setCleanupHook([this, ssmIt, quiet, session = std::move(session)] { + ssmIt->setCleanupHook([this, ssmIt, quiet, session = std::move(session), uuid] { size_t connectionCount; auto remote = session->remote(); { @@ -212,6 +214,7 @@ void ServiceEntryPointImpl::startSession(transport::SessionHandle session) { LOGV2(22944, "Connection ended", "remote"_attr = remote, + "uuid"_attr = uuid.toString(), "connectionId"_attr = session->id(), "connectionCount"_attr = connectionCount); } |