authorJonathan Reams <jbreams@mongodb.com>2016-12-08 16:06:17 -0500
committerJonathan Reams <jbreams@mongodb.com>2016-12-14 17:12:51 -0500
commitdb285e7c7b8026617e33b43713df26c49b476d20 (patch)
treeff9b265a903b1208d8d5da4787ff49d265ac507d
parent128ddb98e3e23787bdb7984b1e8d2a87a81cdf78 (diff)
downloadmongo-db285e7c7b8026617e33b43713df26c49b476d20.tar.gz
SERVER-26944 Make Session decorable and move subsystem info into decorations
-rw-r--r--src/mongo/db/auth/SConscript3
-rw-r--r--src/mongo/db/auth/authorization_manager_test.cpp11
-rw-r--r--src/mongo/db/auth/authz_manager_external_state.cpp9
-rw-r--r--src/mongo/db/auth/authz_manager_external_state_local.cpp3
-rw-r--r--src/mongo/db/auth/authz_manager_external_state_s.cpp3
-rw-r--r--src/mongo/db/commands/authentication_commands.cpp7
-rw-r--r--src/mongo/db/repl/replication_info.cpp3
-rw-r--r--src/mongo/s/commands/cluster_is_master_cmd.cpp3
-rw-r--r--src/mongo/transport/SConscript1
-rw-r--r--src/mongo/transport/message_compressor_manager.cpp9
-rw-r--r--src/mongo/transport/message_compressor_manager.h3
-rw-r--r--src/mongo/transport/service_entry_point_test_suite.cpp5
-rw-r--r--src/mongo/transport/service_entry_point_test_suite.h1
-rw-r--r--src/mongo/transport/session.cpp8
-rw-r--r--src/mongo/transport/session.h18
-rw-r--r--src/mongo/transport/transport_layer.h6
-rw-r--r--src/mongo/transport/transport_layer_legacy.cpp18
-rw-r--r--src/mongo/transport/transport_layer_legacy.h4
-rw-r--r--src/mongo/transport/transport_layer_manager.cpp4
-rw-r--r--src/mongo/transport/transport_layer_manager.h2
-rw-r--r--src/mongo/transport/transport_layer_mock.cpp9
-rw-r--r--src/mongo/transport/transport_layer_mock.h3
-rw-r--r--src/mongo/util/net/ssl_manager.cpp13
-rw-r--r--src/mongo/util/net/ssl_types.h3
24 files changed, 65 insertions, 84 deletions
diff --git a/src/mongo/db/auth/SConscript b/src/mongo/db/auth/SConscript
index 4334cb136a9..51f465a9702 100644
--- a/src/mongo/db/auth/SConscript
+++ b/src/mongo/db/auth/SConscript
@@ -47,7 +47,8 @@ env.Library('authcore', ['action_set.cpp',
'$BUILD_DIR/mongo/db/ops/update_driver',
'$BUILD_DIR/mongo/db/namespace_string',
'$BUILD_DIR/mongo/db/service_context',
- '$BUILD_DIR/mongo/util/md5'])
+ '$BUILD_DIR/mongo/util/md5',
+ '$BUILD_DIR/mongo/util/net/network'])
env.Library('authcommon',
['internal_user_auth.cpp'],
diff --git a/src/mongo/db/auth/authorization_manager_test.cpp b/src/mongo/db/auth/authorization_manager_test.cpp
index 50f823f014a..144f43d2735 100644
--- a/src/mongo/db/auth/authorization_manager_test.cpp
+++ b/src/mongo/db/auth/authorization_manager_test.cpp
@@ -55,6 +55,11 @@
namespace mongo {
namespace {
+void setX509PeerInfo(const transport::SessionHandle& session, SSLPeerInfo info) {
+ auto& sslPeerInfo = SSLPeerInfo::forSession(session);
+ sslPeerInfo = info;
+}
+
using std::vector;
TEST(RoleParsingTest, BuildRoleBSON) {
@@ -245,7 +250,7 @@ TEST_F(AuthorizationManagerTest, testLocalX509Authorization) {
ServiceContextNoop serviceContext;
transport::TransportLayerMock transportLayer{};
transport::SessionHandle session = transportLayer.createSession();
- transportLayer.setX509PeerInfo(
+ setX509PeerInfo(
session,
SSLPeerInfo("CN=mongodb.com", {RoleName("read", "test"), RoleName("readWrite", "test")}));
ServiceContext::UniqueClient client = serviceContext.makeClient("testClient", session);
@@ -279,7 +284,7 @@ TEST_F(AuthorizationManagerTest, testLocalX509AuthorizationInvalidUser) {
ServiceContextNoop serviceContext;
transport::TransportLayerMock transportLayer{};
transport::SessionHandle session = transportLayer.createSession();
- transportLayer.setX509PeerInfo(
+ setX509PeerInfo(
session,
SSLPeerInfo("CN=mongodb.com", {RoleName("read", "test"), RoleName("write", "test")}));
ServiceContext::UniqueClient client = serviceContext.makeClient("testClient", session);
@@ -294,7 +299,7 @@ TEST_F(AuthorizationManagerTest, testLocalX509AuthenticationNoAuthorization) {
ServiceContextNoop serviceContext;
transport::TransportLayerMock transportLayer{};
transport::SessionHandle session = transportLayer.createSession();
- transportLayer.setX509PeerInfo(session, {});
+ setX509PeerInfo(session, {});
ServiceContext::UniqueClient client = serviceContext.makeClient("testClient", session);
ServiceContext::UniqueOperationContext txn = client->makeOperationContext();
diff --git a/src/mongo/db/auth/authz_manager_external_state.cpp b/src/mongo/db/auth/authz_manager_external_state.cpp
index ed5f0fe6bfd..c81c6d1324f 100644
--- a/src/mongo/db/auth/authz_manager_external_state.cpp
+++ b/src/mongo/db/auth/authz_manager_external_state.cpp
@@ -42,10 +42,11 @@ AuthzManagerExternalState::~AuthzManagerExternalState() = default;
bool AuthzManagerExternalState::shouldUseRolesFromConnection(OperationContext* txn,
const UserName& userName) {
- return txn && txn->getClient() && txn->getClient()->session() &&
- txn->getClient()->session()->getX509PeerInfo().subjectName == userName.getUser() &&
- userName.getDB() == "$external" &&
- !txn->getClient()->session()->getX509PeerInfo().roles.empty();
+ if (!txn || !txn->getClient() || !txn->getClient()->session())
+ return false;
+ auto& sslPeerInfo = SSLPeerInfo::forSession(txn->getClient()->session());
+ return sslPeerInfo.subjectName == userName.getUser() && userName.getDB() == "$external" &&
+ !sslPeerInfo.roles.empty();
}
diff --git a/src/mongo/db/auth/authz_manager_external_state_local.cpp b/src/mongo/db/auth/authz_manager_external_state_local.cpp
index a55c734b353..30bed6ee33f 100644
--- a/src/mongo/db/auth/authz_manager_external_state_local.cpp
+++ b/src/mongo/db/auth/authz_manager_external_state_local.cpp
@@ -161,7 +161,8 @@ Status AuthzManagerExternalStateLocal::getUserDescription(OperationContext* txn,
} else {
// We are able to artifically construct the external user from the request
BSONArrayBuilder userRoles;
- for (const RoleName& role : txn->getClient()->session()->getX509PeerInfo().roles) {
+ auto& sslPeerInfo = SSLPeerInfo::forSession(txn->getClient()->session());
+ for (const RoleName& role : sslPeerInfo.roles) {
userRoles << BSON("role" << role.getRole() << "db" << role.getDB());
}
*result = BSON("_id" << userName.getUser() << "user" << userName.getUser() << "db"
diff --git a/src/mongo/db/auth/authz_manager_external_state_s.cpp b/src/mongo/db/auth/authz_manager_external_state_s.cpp
index 5332da3a1ad..68a68a7b009 100644
--- a/src/mongo/db/auth/authz_manager_external_state_s.cpp
+++ b/src/mongo/db/auth/authz_manager_external_state_s.cpp
@@ -156,7 +156,8 @@ Status AuthzManagerExternalStateMongos::getUserDescription(OperationContext* txn
// Obtain privilege information from the config servers for all roles acquired from the X509
// certificate.
BSONArrayBuilder userRolesBuilder;
- for (const RoleName& role : txn->getClient()->session()->getX509PeerInfo().roles) {
+ auto& sslPeerInfo = SSLPeerInfo::forSession(txn->getClient()->session());
+ for (const RoleName& role : sslPeerInfo.roles) {
userRolesBuilder.append(BSON(AuthorizationManager::ROLE_NAME_FIELD_NAME
<< role.getRole()
<< AuthorizationManager::ROLE_DB_FIELD_NAME
diff --git a/src/mongo/db/commands/authentication_commands.cpp b/src/mongo/db/commands/authentication_commands.cpp
index f6fcc301b05..d1374799c1d 100644
--- a/src/mongo/db/commands/authentication_commands.cpp
+++ b/src/mongo/db/commands/authentication_commands.cpp
@@ -167,10 +167,9 @@ bool CmdAuthenticate::run(OperationContext* txn,
mechanism = "MONGODB-CR";
}
UserName user;
+ auto& sslPeerInfo = SSLPeerInfo::forSession(txn->getClient()->session());
if (mechanism == "MONGODB-X509" && !cmdObj.hasField("user")) {
- Client* client = txn->getClient();
- auto clientName = client->session()->getX509PeerInfo().subjectName;
- user = UserName(clientName, dbname);
+ user = UserName(sslPeerInfo.subjectName, dbname);
} else {
user = UserName(cmdObj.getStringField("user"), dbname);
}
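Review bot: The `SSLPeerInfo::forSession(txn->getClient()->session())` lookup now runs before the mechanism check, so every `authenticate` call dereferences the session, where the removed code did so only for MONGODB-X509 without a `user` field. `forSession` passes `session.get()` straight to the decoration accessor, and `shouldUseRolesFromConnection` in authz_manager_external_state.cpp guards against a null session, which suggests a client without a session is possible. If that is so, non-X509 authentication would now hit a null dereference. Keeping the lookup inside the branch avoids it: `user = UserName(SSLPeerInfo::forSession(txn->getClient()->session()).subjectName, dbname);`. The body of `CmdAuthenticate::run` starts and ends outside this hunk.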
@@ -322,7 +321,7 @@ Status CmdAuthenticate::_authenticateX509(OperationContext* txn,
Client* client = Client::getCurrent();
AuthorizationSession* authorizationSession = AuthorizationSession::get(client);
- auto clientName = client->session()->getX509PeerInfo().subjectName;
+ auto clientName = SSLPeerInfo::forSession(client->session()).subjectName;
if (!getSSLManager()->getSSLConfiguration().hasCA) {
return Status(ErrorCodes::AuthenticationFailed,
diff --git a/src/mongo/db/repl/replication_info.cpp b/src/mongo/db/repl/replication_info.cpp
index d655ccfa73b..0e04866b15c 100644
--- a/src/mongo/db/repl/replication_info.cpp
+++ b/src/mongo/db/repl/replication_info.cpp
@@ -303,7 +303,8 @@ public:
if (parameter)
parameter->append(txn, result, "automationServiceDescriptor");
- txn->getClient()->session()->getCompressorManager().serverNegotiate(cmdObj, &result);
+ MessageCompressorManager::forSession(txn->getClient()->session())
+ .serverNegotiate(cmdObj, &result);
return true;
}
diff --git a/src/mongo/s/commands/cluster_is_master_cmd.cpp b/src/mongo/s/commands/cluster_is_master_cmd.cpp
index fade2fdb73f..566660ea92d 100644
--- a/src/mongo/s/commands/cluster_is_master_cmd.cpp
+++ b/src/mongo/s/commands/cluster_is_master_cmd.cpp
@@ -121,7 +121,8 @@ public:
if (parameter)
parameter->append(txn, result, "automationServiceDescriptor");
- txn->getClient()->session()->getCompressorManager().serverNegotiate(cmdObj, &result);
+ MessageCompressorManager::forSession(txn->getClient()->session())
+ .serverNegotiate(cmdObj, &result);
return true;
}
diff --git a/src/mongo/transport/SConscript b/src/mongo/transport/SConscript
index 1307514466e..b8a12cfa695 100644
--- a/src/mongo/transport/SConscript
+++ b/src/mongo/transport/SConscript
@@ -110,6 +110,7 @@ env.Library(
],
LIBDEPS=[
'$BUILD_DIR/mongo/base',
+ '$BUILD_DIR/mongo/util/decorable',
'$BUILD_DIR/mongo/util/options_parser/options_parser',
'$BUILD_DIR/third_party/shim_snappy',
]
diff --git a/src/mongo/transport/message_compressor_manager.cpp b/src/mongo/transport/message_compressor_manager.cpp
index 78fa19ad8a3..132cee33421 100644
--- a/src/mongo/transport/message_compressor_manager.cpp
+++ b/src/mongo/transport/message_compressor_manager.cpp
@@ -37,6 +37,7 @@
#include "mongo/bson/bsonobj.h"
#include "mongo/bson/bsonobjbuilder.h"
#include "mongo/transport/message_compressor_registry.h"
+#include "mongo/transport/session.h"
#include "mongo/util/log.h"
#include "mongo/util/net/message.h"
@@ -69,6 +70,9 @@ struct CompressionHeader {
return sizeof(originalOpCode) + sizeof(uncompressedSize) + sizeof(compressorId);
}
};
+
+const transport::Session::Decoration<MessageCompressorManager> getForSession =
+ transport::Session::declareDecoration<MessageCompressorManager>();
} // namespace
MessageCompressorManager::MessageCompressorManager()
@@ -246,4 +250,9 @@ void MessageCompressorManager::serverNegotiate(const BSONObj& input, BSONObjBuil
}
}
+MessageCompressorManager& MessageCompressorManager::forSession(
+ const transport::SessionHandle& session) {
+ return getForSession(session.get());
+}
+
} // namespace mongo
diff --git a/src/mongo/transport/message_compressor_manager.h b/src/mongo/transport/message_compressor_manager.h
index 7af084996db..0ccfc332f38 100644
--- a/src/mongo/transport/message_compressor_manager.h
+++ b/src/mongo/transport/message_compressor_manager.h
@@ -31,6 +31,7 @@
#include "mongo/base/disallow_copying.h"
#include "mongo/base/status_with.h"
#include "mongo/transport/message_compressor_base.h"
+#include "mongo/transport/session.h"
#include <vector>
@@ -113,6 +114,8 @@ public:
*/
StatusWith<Message> decompressMessage(const Message& msg);
+ static MessageCompressorManager& forSession(const transport::SessionHandle& session);
+
private:
std::vector<MessageCompressorBase*> _negotiated;
MessageCompressorRegistry* _registry;
diff --git a/src/mongo/transport/service_entry_point_test_suite.cpp b/src/mongo/transport/service_entry_point_test_suite.cpp
index 5d2945919e3..c9fcf9886f6 100644
--- a/src/mongo/transport/service_entry_point_test_suite.cpp
+++ b/src/mongo/transport/service_entry_point_test_suite.cpp
@@ -131,11 +131,6 @@ void ServiceEntryPointTestSuite::MockTLHarness::asyncWait(Ticket&& ticket,
return _asyncWait(std::move(ticket), std::move(callback));
}
-SSLPeerInfo ServiceEntryPointTestSuite::MockTLHarness::getX509PeerInfo(
- const ConstSessionHandle& session) const {
- return SSLPeerInfo("mock", stdx::unordered_set<RoleName>{});
-}
-
TransportLayer::Stats ServiceEntryPointTestSuite::MockTLHarness::sessionStats() {
return Stats();
}
diff --git a/src/mongo/transport/service_entry_point_test_suite.h b/src/mongo/transport/service_entry_point_test_suite.h
index b8e6a2f4b19..62741124469 100644
--- a/src/mongo/transport/service_entry_point_test_suite.h
+++ b/src/mongo/transport/service_entry_point_test_suite.h
@@ -109,7 +109,6 @@ public:
Date_t expiration = transport::Ticket::kNoExpirationDate) override;
Status wait(transport::Ticket&& ticket) override;
void asyncWait(transport::Ticket&& ticket, TicketCallback callback) override;
- SSLPeerInfo getX509PeerInfo(const transport::ConstSessionHandle& session) const override;
Stats sessionStats() override;
void end(const transport::SessionHandle& session) override;
diff --git a/src/mongo/transport/session.cpp b/src/mongo/transport/session.cpp
index 2415c9dbb8f..17feaebdc96 100644
--- a/src/mongo/transport/session.cpp
+++ b/src/mongo/transport/session.cpp
@@ -53,10 +53,6 @@ Ticket Session::sinkMessage(const Message& message, Date_t expiration) {
return getTransportLayer()->sinkMessage(shared_from_this(), message, expiration);
}
-SSLPeerInfo Session::getX509PeerInfo() const {
- return getTransportLayer()->getX509PeerInfo(shared_from_this());
-}
-
void Session::replaceTags(TagMask tags) {
_tags = tags;
}
@@ -65,9 +61,5 @@ Session::TagMask Session::getTags() const {
return _tags;
}
-MessageCompressorManager& Session::getCompressorManager() {
- return _messageCompressorManager;
-}
-
} // namespace transport
} // namespace mongo
diff --git a/src/mongo/transport/session.h b/src/mongo/transport/session.h
index 3d81543a7cc..e82cd3d8faf 100644
--- a/src/mongo/transport/session.h
+++ b/src/mongo/transport/session.h
@@ -31,17 +31,14 @@
#include <memory>
#include "mongo/base/disallow_copying.h"
-#include "mongo/transport/message_compressor_manager.h"
#include "mongo/transport/session_id.h"
#include "mongo/transport/ticket.h"
+#include "mongo/util/decorable.h"
#include "mongo/util/net/hostandport.h"
#include "mongo/util/net/message.h"
#include "mongo/util/time_support.h"
namespace mongo {
-
-struct SSLPeerInfo;
-
namespace transport {
class TransportLayer;
@@ -54,7 +51,7 @@ using ConstSessionHandle = std::shared_ptr<const Session>;
* This type contains data needed to associate Messages with connections
* (on the transport side) and Messages with Client objects (on the database side).
*/
-class Session : public std::enable_shared_from_this<Session> {
+class Session : public std::enable_shared_from_this<Session>, public Decorable<Session> {
MONGO_DISALLOW_COPYING(Session);
public:
@@ -107,11 +104,6 @@ public:
Date_t expiration = Ticket::kNoExpirationDate);
/**
- * Return the X509 peer information for this connection (SSL only).
- */
- virtual SSLPeerInfo getX509PeerInfo() const;
-
- /**
* Return the remote host for this session.
*/
virtual const HostAndPort& remote() const = 0;
@@ -132,11 +124,6 @@ public:
*/
virtual TagMask getTags() const;
- /**
- * Get the compressor manager for this session.
- */
- virtual MessageCompressorManager& getCompressorManager();
-
protected:
/**
* Construct a new session.
@@ -147,7 +134,6 @@ private:
const Id _id;
TagMask _tags;
- MessageCompressorManager _messageCompressorManager;
};
} // namespace transport
diff --git a/src/mongo/transport/transport_layer.h b/src/mongo/transport/transport_layer.h
index f2c82c678a2..5c811c3988b 100644
--- a/src/mongo/transport/transport_layer.h
+++ b/src/mongo/transport/transport_layer.h
@@ -148,12 +148,6 @@ public:
virtual void asyncWait(Ticket&& ticket, TicketCallback callback) = 0;
/**
- * Return the stored X509 peer information for this session. If the session does not
- * exist in this TransportLayer, returns a default constructed object.
- */
- virtual SSLPeerInfo getX509PeerInfo(const ConstSessionHandle& session) const = 0;
-
- /**
* Returns the number of sessions currently open in the transport layer.
*/
virtual Stats sessionStats() = 0;
diff --git a/src/mongo/transport/transport_layer_legacy.cpp b/src/mongo/transport/transport_layer_legacy.cpp
index a3b9c7306b0..1896e205b45 100644
--- a/src/mongo/transport/transport_layer_legacy.cpp
+++ b/src/mongo/transport/transport_layer_legacy.cpp
@@ -41,11 +41,13 @@
#include "mongo/db/service_context.h"
#include "mongo/db/stats/counters.h"
#include "mongo/stdx/functional.h"
+#include "mongo/transport/message_compressor_manager.h"
#include "mongo/transport/service_entry_point.h"
#include "mongo/util/assert_util.h"
#include "mongo/util/log.h"
#include "mongo/util/net/abstract_message_port.h"
#include "mongo/util/net/socket_exception.h"
+#include "mongo/util/net/ssl_types.h"
namespace mongo {
namespace transport {
@@ -142,7 +144,7 @@ TransportLayerLegacy::~TransportLayerLegacy() = default;
Ticket TransportLayerLegacy::sourceMessage(const SessionHandle& session,
Message* message,
Date_t expiration) {
- auto& compressorMgr = session->getCompressorManager();
+ auto& compressorMgr = MessageCompressorManager::forSession(session);
auto sourceCb = [message, &compressorMgr](AbstractMessagingPort* amp) -> Status {
if (!amp->recv(*message)) {
return {ErrorCodes::HostUnreachable, "Recv failed"};
@@ -165,11 +167,6 @@ Ticket TransportLayerLegacy::sourceMessage(const SessionHandle& session,
stdx::make_unique<LegacyTicket>(std::move(legacySession), expiration, std::move(sourceCb)));
}
-SSLPeerInfo TransportLayerLegacy::getX509PeerInfo(const ConstSessionHandle& session) const {
- auto legacySession = checked_pointer_cast<const LegacySession>(session);
- return legacySession->conn()->sslPeerInfo.value_or(SSLPeerInfo());
-}
-
TransportLayer::Stats TransportLayerLegacy::sessionStats() {
Stats stats;
{
@@ -186,7 +183,7 @@ TransportLayer::Stats TransportLayerLegacy::sessionStats() {
Ticket TransportLayerLegacy::sinkMessage(const SessionHandle& session,
const Message& message,
Date_t expiration) {
- auto& compressorMgr = session->getCompressorManager();
+ auto& compressorMgr = MessageCompressorManager::forSession(session);
auto sinkCb = [&message, &compressorMgr](AbstractMessagingPort* amp) -> Status {
try {
networkCounter.hitLogical(0, message.size());
@@ -315,10 +312,11 @@ Status TransportLayerLegacy::_runTicket(Ticket ticket) {
#ifdef MONGO_CONFIG_SSL
// If we didn't have an X509 subject name, see if we have one now
- if (!conn->sslPeerInfo) {
+ auto& sslPeerInfo = SSLPeerInfo::forSession(legacyTicket->getSession());
+ if (sslPeerInfo.subjectName.empty()) {
auto info = conn->amp->getX509PeerInfo();
- if (info.subjectName != "") {
- conn->sslPeerInfo = info;
+ if (!info.subjectName.empty()) {
+ sslPeerInfo = info;
}
}
#endif
diff --git a/src/mongo/transport/transport_layer_legacy.h b/src/mongo/transport/transport_layer_legacy.h
index 6ef7b73a7c1..e7d7c773150 100644
--- a/src/mongo/transport/transport_layer_legacy.h
+++ b/src/mongo/transport/transport_layer_legacy.h
@@ -79,8 +79,6 @@ public:
Status wait(Ticket&& ticket) override;
void asyncWait(Ticket&& ticket, TicketCallback callback) override;
- SSLPeerInfo getX509PeerInfo(const ConstSessionHandle& session) const override;
-
Stats sessionStats() override;
void end(const SessionHandle& session) override;
@@ -169,8 +167,6 @@ private:
TagMask _tags;
- MessageCompressorManager _messageCompressorManager;
-
std::unique_ptr<Connection> _connection;
// A handle to this session's entry in the TL's session list
diff --git a/src/mongo/transport/transport_layer_manager.cpp b/src/mongo/transport/transport_layer_manager.cpp
index 6ca73193804..093cef55c37 100644
--- a/src/mongo/transport/transport_layer_manager.cpp
+++ b/src/mongo/transport/transport_layer_manager.cpp
@@ -64,10 +64,6 @@ void TransportLayerManager::asyncWait(Ticket&& ticket, TicketCallback callback)
return getTicketTransportLayer(ticket)->asyncWait(std::move(ticket), std::move(callback));
}
-SSLPeerInfo TransportLayerManager::getX509PeerInfo(const ConstSessionHandle& session) const {
- return session->getX509PeerInfo();
-}
-
template <typename Callable>
void TransportLayerManager::_foreach(Callable&& cb) {
{
diff --git a/src/mongo/transport/transport_layer_manager.h b/src/mongo/transport/transport_layer_manager.h
index d477fa9b75c..3faefdcf482 100644
--- a/src/mongo/transport/transport_layer_manager.h
+++ b/src/mongo/transport/transport_layer_manager.h
@@ -64,8 +64,6 @@ public:
Status wait(Ticket&& ticket) override;
void asyncWait(Ticket&& ticket, TicketCallback callback) override;
- SSLPeerInfo getX509PeerInfo(const ConstSessionHandle& session) const override;
-
Stats sessionStats() override;
void end(const SessionHandle& session) override;
diff --git a/src/mongo/transport/transport_layer_mock.cpp b/src/mongo/transport/transport_layer_mock.cpp
index 67cf2519b83..6dfd6083757 100644
--- a/src/mongo/transport/transport_layer_mock.cpp
+++ b/src/mongo/transport/transport_layer_mock.cpp
@@ -89,15 +89,6 @@ void TransportLayerMock::asyncWait(Ticket&& ticket, TicketCallback callback) {
callback(Status::OK());
}
-SSLPeerInfo TransportLayerMock::getX509PeerInfo(const ConstSessionHandle& session) const {
- return _sessions.at(session->id()).peerInfo;
-}
-
-
-void TransportLayerMock::setX509PeerInfo(const SessionHandle& session, SSLPeerInfo peerInfo) {
- _sessions[session->id()].peerInfo = std::move(peerInfo);
-}
-
TransportLayer::Stats TransportLayerMock::sessionStats() {
return Stats();
}
diff --git a/src/mongo/transport/transport_layer_mock.h b/src/mongo/transport/transport_layer_mock.h
index 34d6f3c451c..f0dea0a90b6 100644
--- a/src/mongo/transport/transport_layer_mock.h
+++ b/src/mongo/transport/transport_layer_mock.h
@@ -61,9 +61,6 @@ public:
Status wait(Ticket&& ticket) override;
void asyncWait(Ticket&& ticket, TicketCallback callback) override;
- SSLPeerInfo getX509PeerInfo(const ConstSessionHandle& session) const override;
- void setX509PeerInfo(const SessionHandle& session, SSLPeerInfo peerInfo);
-
Stats sessionStats() override;
SessionHandle createSession();
diff --git a/src/mongo/util/net/ssl_manager.cpp b/src/mongo/util/net/ssl_manager.cpp
index 14df948c858..6c31c58ce34 100644
--- a/src/mongo/util/net/ssl_manager.cpp
+++ b/src/mongo/util/net/ssl_manager.cpp
@@ -45,6 +45,7 @@
#include "mongo/config.h"
#include "mongo/platform/atomic_word.h"
#include "mongo/stdx/memory.h"
+#include "mongo/transport/session.h"
#include "mongo/util/concurrency/mutex.h"
#include "mongo/util/debug_util.h"
#include "mongo/util/exit.h"
@@ -54,6 +55,7 @@
#include "mongo/util/net/socket_exception.h"
#include "mongo/util/net/ssl_expiration.h"
#include "mongo/util/net/ssl_options.h"
+#include "mongo/util/net/ssl_types.h"
#include "mongo/util/scopeguard.h"
#include "mongo/util/text.h"
@@ -71,6 +73,16 @@
#endif
namespace mongo {
+namespace {
+
+const transport::Session::Decoration<SSLPeerInfo> peerInfoForSession =
+ transport::Session::declareDecoration<SSLPeerInfo>();
+
+} // namespace
+
+SSLPeerInfo& SSLPeerInfo::forSession(const transport::SessionHandle& session) {
+ return peerInfoForSession(session.get());
+}
SSLParams sslGlobalParams;
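Review bot: `SSLPeerInfo::forSession` hands `session.get()` to `peerInfoForSession` without checking the handle, so a null `SessionHandle` becomes a null dereference inside the decoration lookup instead of a clear failure. This value feeds X.509 authentication and role decisions, so the precondition is worth enforcing at the accessor, for example with `invariant(session);` as the first statement (assuming assert_util.h is in scope in this file). A one-line comment stating that the session must be non-null would also help. `MessageCompressorManager::forSession` in message_compressor_manager.cpp has the same shape and would take the same check.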
@@ -354,6 +366,7 @@ void setupFIPS() {
fassertFailedNoTrace(17089);
#endif
}
+
} // namespace
// Global variable indicating if this is a server or a client instance
diff --git a/src/mongo/util/net/ssl_types.h b/src/mongo/util/net/ssl_types.h
index fc8f600625c..91a9df3ddbf 100644
--- a/src/mongo/util/net/ssl_types.h
+++ b/src/mongo/util/net/ssl_types.h
@@ -31,6 +31,7 @@
#include "mongo/db/auth/role_name.h"
#include "mongo/stdx/unordered_set.h"
+#include "mongo/transport/session.h"
namespace mongo {
@@ -45,6 +46,8 @@ struct SSLPeerInfo {
std::string subjectName;
stdx::unordered_set<RoleName> roles;
+
+ static SSLPeerInfo& forSession(const transport::SessionHandle& session);
};
} // namespace mongo
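Review bot: `forSession` returns a mutable `SSLPeerInfo&` from a `const transport::SessionHandle&` and has no doc comment, so any code holding a session handle can overwrite the subject name and roles that `shouldUseRolesFromConnection` and `getUserDescription` read for authorization. The removed `getX509PeerInfo()` returned a copy. In this commit only `_runTicket` in transport_layer_legacy.cpp and the test helper assign through it, so readers could bind `const auto&` and the declaration could carry a comment such as `// Peer identity from the TLS handshake; written only by the transport layer, read-only for auth code.`. A const-returning accessor for readers would make that rule checkable, though it is a larger API change than this commit makes.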