diff options
author | Jonathan Reams <jbreams@mongodb.com> | 2016-12-08 16:06:17 -0500 |
---|---|---|
committer | Jonathan Reams <jbreams@mongodb.com> | 2016-12-14 17:12:51 -0500 |
commit | db285e7c7b8026617e33b43713df26c49b476d20 (patch) | |
tree | ff9b265a903b1208d8d5da4787ff49d265ac507d | |
parent | 128ddb98e3e23787bdb7984b1e8d2a87a81cdf78 (diff) | |
download | mongo-db285e7c7b8026617e33b43713df26c49b476d20.tar.gz |
SERVER-26944 Make Session decorable and move subsystem info into decorations
24 files changed, 65 insertions, 84 deletions
diff --git a/src/mongo/db/auth/SConscript b/src/mongo/db/auth/SConscript index 4334cb136a9..51f465a9702 100644 --- a/src/mongo/db/auth/SConscript +++ b/src/mongo/db/auth/SConscript @@ -47,7 +47,8 @@ env.Library('authcore', ['action_set.cpp', '$BUILD_DIR/mongo/db/ops/update_driver', '$BUILD_DIR/mongo/db/namespace_string', '$BUILD_DIR/mongo/db/service_context', - '$BUILD_DIR/mongo/util/md5']) + '$BUILD_DIR/mongo/util/md5', + '$BUILD_DIR/mongo/util/net/network']) env.Library('authcommon', ['internal_user_auth.cpp'], diff --git a/src/mongo/db/auth/authorization_manager_test.cpp b/src/mongo/db/auth/authorization_manager_test.cpp index 50f823f014a..144f43d2735 100644 --- a/src/mongo/db/auth/authorization_manager_test.cpp +++ b/src/mongo/db/auth/authorization_manager_test.cpp @@ -55,6 +55,11 @@ namespace mongo { namespace { +void setX509PeerInfo(const transport::SessionHandle& session, SSLPeerInfo info) { + auto& sslPeerInfo = SSLPeerInfo::forSession(session); + sslPeerInfo = info; +} + using std::vector; TEST(RoleParsingTest, BuildRoleBSON) { @@ -245,7 +250,7 @@ TEST_F(AuthorizationManagerTest, testLocalX509Authorization) { ServiceContextNoop serviceContext; transport::TransportLayerMock transportLayer{}; transport::SessionHandle session = transportLayer.createSession(); - transportLayer.setX509PeerInfo( + setX509PeerInfo( session, SSLPeerInfo("CN=mongodb.com", {RoleName("read", "test"), RoleName("readWrite", "test")})); ServiceContext::UniqueClient client = serviceContext.makeClient("testClient", session); @@ -279,7 +284,7 @@ TEST_F(AuthorizationManagerTest, testLocalX509AuthorizationInvalidUser) { ServiceContextNoop serviceContext; transport::TransportLayerMock transportLayer{}; transport::SessionHandle session = transportLayer.createSession(); - transportLayer.setX509PeerInfo( + setX509PeerInfo( session, SSLPeerInfo("CN=mongodb.com", {RoleName("read", "test"), RoleName("write", "test")})); ServiceContext::UniqueClient client = serviceContext.makeClient("testClient", session); @@ -294,7 +299,7 @@ TEST_F(AuthorizationManagerTest, testLocalX509AuthenticationNoAuthorization) { ServiceContextNoop serviceContext; transport::TransportLayerMock transportLayer{}; transport::SessionHandle session = transportLayer.createSession(); - transportLayer.setX509PeerInfo(session, {}); + setX509PeerInfo(session, {}); ServiceContext::UniqueClient client = serviceContext.makeClient("testClient", session); ServiceContext::UniqueOperationContext txn = client->makeOperationContext(); diff --git a/src/mongo/db/auth/authz_manager_external_state.cpp b/src/mongo/db/auth/authz_manager_external_state.cpp index ed5f0fe6bfd..c81c6d1324f 100644 --- a/src/mongo/db/auth/authz_manager_external_state.cpp +++ b/src/mongo/db/auth/authz_manager_external_state.cpp @@ -42,10 +42,11 @@ AuthzManagerExternalState::~AuthzManagerExternalState() = default; bool AuthzManagerExternalState::shouldUseRolesFromConnection(OperationContext* txn, const UserName& userName) { - return txn && txn->getClient() && txn->getClient()->session() && - txn->getClient()->session()->getX509PeerInfo().subjectName == userName.getUser() && - userName.getDB() == "$external" && - !txn->getClient()->session()->getX509PeerInfo().roles.empty(); + if (!txn || !txn->getClient() || !txn->getClient()->session()) + return false; + auto& sslPeerInfo = SSLPeerInfo::forSession(txn->getClient()->session()); + return sslPeerInfo.subjectName == userName.getUser() && userName.getDB() == "$external" && + !sslPeerInfo.roles.empty(); } diff --git a/src/mongo/db/auth/authz_manager_external_state_local.cpp b/src/mongo/db/auth/authz_manager_external_state_local.cpp index a55c734b353..30bed6ee33f 100644 --- a/src/mongo/db/auth/authz_manager_external_state_local.cpp +++ b/src/mongo/db/auth/authz_manager_external_state_local.cpp @@ -161,7 +161,8 @@ Status AuthzManagerExternalStateLocal::getUserDescription(OperationContext* txn, } else { // We are able to artifically construct the external user from the request BSONArrayBuilder userRoles; - for (const RoleName& role : txn->getClient()->session()->getX509PeerInfo().roles) { + auto& sslPeerInfo = SSLPeerInfo::forSession(txn->getClient()->session()); + for (const RoleName& role : sslPeerInfo.roles) { userRoles << BSON("role" << role.getRole() << "db" << role.getDB()); } *result = BSON("_id" << userName.getUser() << "user" << userName.getUser() << "db" diff --git a/src/mongo/db/auth/authz_manager_external_state_s.cpp b/src/mongo/db/auth/authz_manager_external_state_s.cpp index 5332da3a1ad..68a68a7b009 100644 --- a/src/mongo/db/auth/authz_manager_external_state_s.cpp +++ b/src/mongo/db/auth/authz_manager_external_state_s.cpp @@ -156,7 +156,8 @@ Status AuthzManagerExternalStateMongos::getUserDescription(OperationContext* txn // Obtain privilege information from the config servers for all roles acquired from the X509 // certificate. BSONArrayBuilder userRolesBuilder; - for (const RoleName& role : txn->getClient()->session()->getX509PeerInfo().roles) { + auto& sslPeerInfo = SSLPeerInfo::forSession(txn->getClient()->session()); + for (const RoleName& role : sslPeerInfo.roles) { userRolesBuilder.append(BSON(AuthorizationManager::ROLE_NAME_FIELD_NAME << role.getRole() << AuthorizationManager::ROLE_DB_FIELD_NAME diff --git a/src/mongo/db/commands/authentication_commands.cpp b/src/mongo/db/commands/authentication_commands.cpp index f6fcc301b05..d1374799c1d 100644 --- a/src/mongo/db/commands/authentication_commands.cpp +++ b/src/mongo/db/commands/authentication_commands.cpp @@ -167,10 +167,9 @@ bool CmdAuthenticate::run(OperationContext* txn, mechanism = "MONGODB-CR"; } UserName user; + auto& sslPeerInfo = SSLPeerInfo::forSession(txn->getClient()->session()); if (mechanism == "MONGODB-X509" && !cmdObj.hasField("user")) { - Client* client = txn->getClient(); - auto clientName = client->session()->getX509PeerInfo().subjectName; - user = UserName(clientName, dbname); + user = UserName(sslPeerInfo.subjectName, dbname); } else { user = UserName(cmdObj.getStringField("user"), dbname); } @@ -322,7 +321,7 @@ Status CmdAuthenticate::_authenticateX509(OperationContext* txn, Client* client = Client::getCurrent(); AuthorizationSession* authorizationSession = AuthorizationSession::get(client); - auto clientName = client->session()->getX509PeerInfo().subjectName; + auto clientName = SSLPeerInfo::forSession(client->session()).subjectName; if (!getSSLManager()->getSSLConfiguration().hasCA) { return Status(ErrorCodes::AuthenticationFailed, diff --git a/src/mongo/db/repl/replication_info.cpp b/src/mongo/db/repl/replication_info.cpp index d655ccfa73b..0e04866b15c 100644 --- a/src/mongo/db/repl/replication_info.cpp +++ b/src/mongo/db/repl/replication_info.cpp @@ -303,7 +303,8 @@ public: if (parameter) parameter->append(txn, result, "automationServiceDescriptor"); - txn->getClient()->session()->getCompressorManager().serverNegotiate(cmdObj, &result); + MessageCompressorManager::forSession(txn->getClient()->session()) + .serverNegotiate(cmdObj, &result); return true; } diff --git a/src/mongo/s/commands/cluster_is_master_cmd.cpp b/src/mongo/s/commands/cluster_is_master_cmd.cpp index fade2fdb73f..566660ea92d 100644 --- a/src/mongo/s/commands/cluster_is_master_cmd.cpp +++ b/src/mongo/s/commands/cluster_is_master_cmd.cpp @@ -121,7 +121,8 @@ public: if (parameter) parameter->append(txn, result, "automationServiceDescriptor"); - txn->getClient()->session()->getCompressorManager().serverNegotiate(cmdObj, &result); + MessageCompressorManager::forSession(txn->getClient()->session()) + .serverNegotiate(cmdObj, &result); return true; } diff --git a/src/mongo/transport/SConscript b/src/mongo/transport/SConscript index 1307514466e..b8a12cfa695 100644 --- a/src/mongo/transport/SConscript +++ b/src/mongo/transport/SConscript @@ -110,6 +110,7 @@ env.Library( ], LIBDEPS=[ '$BUILD_DIR/mongo/base', + '$BUILD_DIR/mongo/util/decorable', '$BUILD_DIR/mongo/util/options_parser/options_parser', '$BUILD_DIR/third_party/shim_snappy', ] diff --git a/src/mongo/transport/message_compressor_manager.cpp b/src/mongo/transport/message_compressor_manager.cpp index 78fa19ad8a3..132cee33421 100644 --- a/src/mongo/transport/message_compressor_manager.cpp +++ b/src/mongo/transport/message_compressor_manager.cpp @@ -37,6 +37,7 @@ #include "mongo/bson/bsonobj.h" #include "mongo/bson/bsonobjbuilder.h" #include "mongo/transport/message_compressor_registry.h" +#include "mongo/transport/session.h" #include "mongo/util/log.h" #include "mongo/util/net/message.h" @@ -69,6 +70,9 @@ struct CompressionHeader { return sizeof(originalOpCode) + sizeof(uncompressedSize) + sizeof(compressorId); } }; + +const transport::Session::Decoration<MessageCompressorManager> getForSession = + transport::Session::declareDecoration<MessageCompressorManager>(); } // namespace MessageCompressorManager::MessageCompressorManager() @@ -246,4 +250,9 @@ void MessageCompressorManager::serverNegotiate(const BSONObj& input, BSONObjBuil } } +MessageCompressorManager& MessageCompressorManager::forSession( + const transport::SessionHandle& session) { + return getForSession(session.get()); +} + } // namespace mongo diff --git a/src/mongo/transport/message_compressor_manager.h b/src/mongo/transport/message_compressor_manager.h index 7af084996db..0ccfc332f38 100644 --- a/src/mongo/transport/message_compressor_manager.h +++ b/src/mongo/transport/message_compressor_manager.h @@ -31,6 +31,7 @@ #include "mongo/base/disallow_copying.h" #include "mongo/base/status_with.h" #include "mongo/transport/message_compressor_base.h" +#include "mongo/transport/session.h" #include <vector> @@ -113,6 +114,8 @@ public: */ StatusWith<Message> decompressMessage(const Message& msg); + static MessageCompressorManager& forSession(const transport::SessionHandle& session); + private: std::vector<MessageCompressorBase*> _negotiated; MessageCompressorRegistry* _registry; diff --git a/src/mongo/transport/service_entry_point_test_suite.cpp b/src/mongo/transport/service_entry_point_test_suite.cpp index 5d2945919e3..c9fcf9886f6 100644 --- a/src/mongo/transport/service_entry_point_test_suite.cpp +++ b/src/mongo/transport/service_entry_point_test_suite.cpp @@ -131,11 +131,6 @@ void ServiceEntryPointTestSuite::MockTLHarness::asyncWait(Ticket&& ticket, return _asyncWait(std::move(ticket), std::move(callback)); } -SSLPeerInfo ServiceEntryPointTestSuite::MockTLHarness::getX509PeerInfo( - const ConstSessionHandle& session) const { - return SSLPeerInfo("mock", stdx::unordered_set<RoleName>{}); -} - TransportLayer::Stats ServiceEntryPointTestSuite::MockTLHarness::sessionStats() { return Stats(); } diff --git a/src/mongo/transport/service_entry_point_test_suite.h b/src/mongo/transport/service_entry_point_test_suite.h index b8e6a2f4b19..62741124469 100644 --- a/src/mongo/transport/service_entry_point_test_suite.h +++ b/src/mongo/transport/service_entry_point_test_suite.h @@ -109,7 +109,6 @@ public: Date_t expiration = transport::Ticket::kNoExpirationDate) override; Status wait(transport::Ticket&& ticket) override; void asyncWait(transport::Ticket&& ticket, TicketCallback callback) override; - SSLPeerInfo getX509PeerInfo(const transport::ConstSessionHandle& session) const override; Stats sessionStats() override; void end(const transport::SessionHandle& session) override; diff --git a/src/mongo/transport/session.cpp b/src/mongo/transport/session.cpp index 2415c9dbb8f..17feaebdc96 100644 --- a/src/mongo/transport/session.cpp +++ b/src/mongo/transport/session.cpp @@ -53,10 +53,6 @@ Ticket Session::sinkMessage(const Message& message, Date_t expiration) { return getTransportLayer()->sinkMessage(shared_from_this(), message, expiration); } -SSLPeerInfo Session::getX509PeerInfo() const { - return getTransportLayer()->getX509PeerInfo(shared_from_this()); -} - void Session::replaceTags(TagMask tags) { _tags = tags; } @@ -65,9 +61,5 @@ Session::TagMask Session::getTags() const { return _tags; } -MessageCompressorManager& Session::getCompressorManager() { - return _messageCompressorManager; -} - } // namespace transport } // namespace mongo diff --git a/src/mongo/transport/session.h b/src/mongo/transport/session.h index 3d81543a7cc..e82cd3d8faf 100644 --- a/src/mongo/transport/session.h +++ b/src/mongo/transport/session.h @@ -31,17 +31,14 @@ #include <memory> #include "mongo/base/disallow_copying.h" -#include "mongo/transport/message_compressor_manager.h" #include "mongo/transport/session_id.h" #include "mongo/transport/ticket.h" +#include "mongo/util/decorable.h" #include "mongo/util/net/hostandport.h" #include "mongo/util/net/message.h" #include "mongo/util/time_support.h" namespace mongo { - -struct SSLPeerInfo; - namespace transport { class TransportLayer; @@ -54,7 +51,7 @@ using ConstSessionHandle = std::shared_ptr<const Session>; * This type contains data needed to associate Messages with connections * (on the transport side) and Messages with Client objects (on the database side). */ -class Session : public std::enable_shared_from_this<Session> { +class Session : public std::enable_shared_from_this<Session>, public Decorable<Session> { MONGO_DISALLOW_COPYING(Session); public: @@ -107,11 +104,6 @@ public: Date_t expiration = Ticket::kNoExpirationDate); /** - * Return the X509 peer information for this connection (SSL only). - */ - virtual SSLPeerInfo getX509PeerInfo() const; - - /** * Return the remote host for this session. */ virtual const HostAndPort& remote() const = 0; @@ -132,11 +124,6 @@ public: */ virtual TagMask getTags() const; - /** - * Get the compressor manager for this session. - */ - virtual MessageCompressorManager& getCompressorManager(); - protected: /** * Construct a new session. @@ -147,7 +134,6 @@ private: const Id _id; TagMask _tags; - MessageCompressorManager _messageCompressorManager; }; } // namespace transport diff --git a/src/mongo/transport/transport_layer.h b/src/mongo/transport/transport_layer.h index f2c82c678a2..5c811c3988b 100644 --- a/src/mongo/transport/transport_layer.h +++ b/src/mongo/transport/transport_layer.h @@ -148,12 +148,6 @@ public: virtual void asyncWait(Ticket&& ticket, TicketCallback callback) = 0; /** - * Return the stored X509 peer information for this session. If the session does not - * exist in this TransportLayer, returns a default constructed object. - */ - virtual SSLPeerInfo getX509PeerInfo(const ConstSessionHandle& session) const = 0; - - /** * Returns the number of sessions currently open in the transport layer. */ virtual Stats sessionStats() = 0; diff --git a/src/mongo/transport/transport_layer_legacy.cpp b/src/mongo/transport/transport_layer_legacy.cpp index a3b9c7306b0..1896e205b45 100644 --- a/src/mongo/transport/transport_layer_legacy.cpp +++ b/src/mongo/transport/transport_layer_legacy.cpp @@ -41,11 +41,13 @@ #include "mongo/db/service_context.h" #include "mongo/db/stats/counters.h" #include "mongo/stdx/functional.h" +#include "mongo/transport/message_compressor_manager.h" #include "mongo/transport/service_entry_point.h" #include "mongo/util/assert_util.h" #include "mongo/util/log.h" #include "mongo/util/net/abstract_message_port.h" #include "mongo/util/net/socket_exception.h" +#include "mongo/util/net/ssl_types.h" namespace mongo { namespace transport { @@ -142,7 +144,7 @@ TransportLayerLegacy::~TransportLayerLegacy() = default; Ticket TransportLayerLegacy::sourceMessage(const SessionHandle& session, Message* message, Date_t expiration) { - auto& compressorMgr = session->getCompressorManager(); + auto& compressorMgr = MessageCompressorManager::forSession(session); auto sourceCb = [message, &compressorMgr](AbstractMessagingPort* amp) -> Status { if (!amp->recv(*message)) { return {ErrorCodes::HostUnreachable, "Recv failed"}; @@ -165,11 +167,6 @@ Ticket TransportLayerLegacy::sourceMessage(const SessionHandle& session, stdx::make_unique<LegacyTicket>(std::move(legacySession), expiration, std::move(sourceCb))); } -SSLPeerInfo TransportLayerLegacy::getX509PeerInfo(const ConstSessionHandle& session) const { - auto legacySession = checked_pointer_cast<const LegacySession>(session); - return legacySession->conn()->sslPeerInfo.value_or(SSLPeerInfo()); -} - TransportLayer::Stats TransportLayerLegacy::sessionStats() { Stats stats; { @@ -186,7 +183,7 @@ TransportLayer::Stats TransportLayerLegacy::sessionStats() { Ticket TransportLayerLegacy::sinkMessage(const SessionHandle& session, const Message& message, Date_t expiration) { - auto& compressorMgr = session->getCompressorManager(); + auto& compressorMgr = MessageCompressorManager::forSession(session); auto sinkCb = [&message, &compressorMgr](AbstractMessagingPort* amp) -> Status { try { networkCounter.hitLogical(0, message.size()); @@ -315,10 +312,11 @@ Status TransportLayerLegacy::_runTicket(Ticket ticket) { #ifdef MONGO_CONFIG_SSL // If we didn't have an X509 subject name, see if we have one now - if (!conn->sslPeerInfo) { + auto& sslPeerInfo = SSLPeerInfo::forSession(legacyTicket->getSession()); + if (sslPeerInfo.subjectName.empty()) { auto info = conn->amp->getX509PeerInfo(); - if (info.subjectName != "") { - conn->sslPeerInfo = info; + if (!info.subjectName.empty()) { + sslPeerInfo = info; } } #endif diff --git a/src/mongo/transport/transport_layer_legacy.h b/src/mongo/transport/transport_layer_legacy.h index 6ef7b73a7c1..e7d7c773150 100644 --- a/src/mongo/transport/transport_layer_legacy.h +++ b/src/mongo/transport/transport_layer_legacy.h @@ -79,8 +79,6 @@ public: Status wait(Ticket&& ticket) override; void asyncWait(Ticket&& ticket, TicketCallback callback) override; - SSLPeerInfo getX509PeerInfo(const ConstSessionHandle& session) const override; - Stats sessionStats() override; void end(const SessionHandle& session) override; @@ -169,8 +167,6 @@ private: TagMask _tags; - MessageCompressorManager _messageCompressorManager; - std::unique_ptr<Connection> _connection; // A handle to this session's entry in the TL's session list diff --git a/src/mongo/transport/transport_layer_manager.cpp b/src/mongo/transport/transport_layer_manager.cpp index 6ca73193804..093cef55c37 100644 --- a/src/mongo/transport/transport_layer_manager.cpp +++ b/src/mongo/transport/transport_layer_manager.cpp @@ -64,10 +64,6 @@ void TransportLayerManager::asyncWait(Ticket&& ticket, TicketCallback callback) return getTicketTransportLayer(ticket)->asyncWait(std::move(ticket), std::move(callback)); } -SSLPeerInfo TransportLayerManager::getX509PeerInfo(const ConstSessionHandle& session) const { - return session->getX509PeerInfo(); -} - template <typename Callable> void TransportLayerManager::_foreach(Callable&& cb) { { diff --git a/src/mongo/transport/transport_layer_manager.h b/src/mongo/transport/transport_layer_manager.h index d477fa9b75c..3faefdcf482 100644 --- a/src/mongo/transport/transport_layer_manager.h +++ b/src/mongo/transport/transport_layer_manager.h @@ -64,8 +64,6 @@ public: Status wait(Ticket&& ticket) override; void asyncWait(Ticket&& ticket, TicketCallback callback) override; - SSLPeerInfo getX509PeerInfo(const ConstSessionHandle& session) const override; - Stats sessionStats() override; void end(const SessionHandle& session) override; diff --git a/src/mongo/transport/transport_layer_mock.cpp b/src/mongo/transport/transport_layer_mock.cpp index 67cf2519b83..6dfd6083757 100644 --- a/src/mongo/transport/transport_layer_mock.cpp +++ b/src/mongo/transport/transport_layer_mock.cpp @@ -89,15 +89,6 @@ void TransportLayerMock::asyncWait(Ticket&& ticket, TicketCallback callback) { callback(Status::OK()); } -SSLPeerInfo TransportLayerMock::getX509PeerInfo(const ConstSessionHandle& session) const { - return _sessions.at(session->id()).peerInfo; -} - - -void TransportLayerMock::setX509PeerInfo(const SessionHandle& session, SSLPeerInfo peerInfo) { - _sessions[session->id()].peerInfo = std::move(peerInfo); -} - TransportLayer::Stats TransportLayerMock::sessionStats() { return Stats(); } diff --git a/src/mongo/transport/transport_layer_mock.h b/src/mongo/transport/transport_layer_mock.h index 34d6f3c451c..f0dea0a90b6 100644 --- a/src/mongo/transport/transport_layer_mock.h +++ b/src/mongo/transport/transport_layer_mock.h @@ -61,9 +61,6 @@ public: Status wait(Ticket&& ticket) override; void asyncWait(Ticket&& ticket, TicketCallback callback) override; - SSLPeerInfo getX509PeerInfo(const ConstSessionHandle& session) const override; - void setX509PeerInfo(const SessionHandle& session, SSLPeerInfo peerInfo); - Stats sessionStats() override; SessionHandle createSession(); diff --git a/src/mongo/util/net/ssl_manager.cpp b/src/mongo/util/net/ssl_manager.cpp index 14df948c858..6c31c58ce34 100644 --- a/src/mongo/util/net/ssl_manager.cpp +++ b/src/mongo/util/net/ssl_manager.cpp @@ -45,6 +45,7 @@ #include "mongo/config.h" #include "mongo/platform/atomic_word.h" #include "mongo/stdx/memory.h" +#include "mongo/transport/session.h" #include "mongo/util/concurrency/mutex.h" #include "mongo/util/debug_util.h" #include "mongo/util/exit.h" @@ -54,6 +55,7 @@ #include "mongo/util/net/socket_exception.h" #include "mongo/util/net/ssl_expiration.h" #include "mongo/util/net/ssl_options.h" +#include "mongo/util/net/ssl_types.h" #include "mongo/util/scopeguard.h" #include "mongo/util/text.h" @@ -71,6 +73,16 @@ #endif namespace mongo { +namespace { + +const transport::Session::Decoration<SSLPeerInfo> peerInfoForSession = + transport::Session::declareDecoration<SSLPeerInfo>(); + +} // namespace + +SSLPeerInfo& SSLPeerInfo::forSession(const transport::SessionHandle& session) { + return peerInfoForSession(session.get()); +} SSLParams sslGlobalParams; @@ -354,6 +366,7 @@ void setupFIPS() { fassertFailedNoTrace(17089); #endif } + } // namespace // Global variable indicating if this is a server or a client instance diff --git a/src/mongo/util/net/ssl_types.h b/src/mongo/util/net/ssl_types.h index fc8f600625c..91a9df3ddbf 100644 --- a/src/mongo/util/net/ssl_types.h +++ b/src/mongo/util/net/ssl_types.h @@ -31,6 +31,7 @@ #include "mongo/db/auth/role_name.h" #include "mongo/stdx/unordered_set.h" +#include "mongo/transport/session.h" namespace mongo { @@ -45,6 +46,8 @@ struct SSLPeerInfo { std::string subjectName; stdx::unordered_set<RoleName> roles; + + static SSLPeerInfo& forSession(const transport::SessionHandle& session); }; } // namespace mongo |