SERVER-33158 Shrink LogicalSession refresh batches

The batches created by the LogicalSessionCache can exceed the 16mb bson
size limit for bson on the wire.  This will cause the refresh step to
fail, preventing logical sessions from ever being synced to the global
collection.

This happens because we don't explicitly size our batches (we were
relying on the write_cmd item batch limit, rather than a byte limit).
Previously the write_cmd batch limit had been 1000 items, which allowed
for 16k per record.  The new limit is 100k, which gives a 160 byte
budget we can exceed with very large user names (as we sync the lsid
+ the user@db name).

By forcing a new 10k limit on username sizes used with logical sessions
we can then ensure that a lower 1k limit will always be safe.

4 files changed, 26 insertions, 1 deletions

diff --git a/src/mongo/db/logical_session_id_helpers.cpp b/src/mongo/db/logical_session_id_helpers.cpp
index 7f89ca518df..32f743d0e42 100644
--- a/src/mongo/db/logical_session_id_helpers.cpp
+++ b/src/mongo/db/logical_session_id_helpers.cpp
@@ -55,6 +55,10 @@ SHA256Block getLogicalSessionUserDigestForLoggedInUser(const OperationContext* o
         const auto user = AuthorizationSession::get(client)->getSingleUser();
         invariant(user);
 
+        uassert(ErrorCodes::BadValue,
+                "Username too long to use with logical sessions",
+                user->getName().getFullName().length() < kMaximumUserNameLengthForLogicalSessions);
+
         return user->getDigest();
     } else {
         return kNoAuthDigest;
diff --git a/src/mongo/db/logical_session_id_helpers.h b/src/mongo/db/logical_session_id_helpers.h
index 9735706330b..7e08503432b 100644
--- a/src/mongo/db/logical_session_id_helpers.h
+++ b/src/mongo/db/logical_session_id_helpers.h
@@ -36,6 +36,8 @@
 
 namespace mongo {
 
+constexpr size_t kMaximumUserNameLengthForLogicalSessions = 10000;
+
 /**
  * Get the currently logged in user's UID digest.
  */
diff --git a/src/mongo/db/logical_session_id_test.cpp b/src/mongo/db/logical_session_id_test.cpp
index 403b5e1bfe0..c2e0bf17105 100644
--- a/src/mongo/db/logical_session_id_test.cpp
+++ b/src/mongo/db/logical_session_id_test.cpp
@@ -334,5 +334,16 @@ TEST_F(LogicalSessionIdTest, InitializeOperationSessionInfo_SupportsDocLockingFa
         ErrorCodes::IllegalOperation);
 }
 
+TEST_F(LogicalSessionIdTest, ConstructorFromClientWithTooLongName) {
+    auto id = UUID::gen();
+
+    addSimpleUser(UserName(std::string(kMaximumUserNameLengthForLogicalSessions + 1, 'x'), "test"));
+
+    LogicalSessionFromClient req;
+    req.setId(id);
+
+    ASSERT_THROWS(makeLogicalSessionId(req, _opCtx.get()), AssertionException);
+}
+
 }  // namespace
 }  // namespace mongo
diff --git a/src/mongo/db/sessions_collection.cpp b/src/mongo/db/sessions_collection.cpp
index ec0d2f43a8b..49644651e23 100644
--- a/src/mongo/db/sessions_collection.cpp
+++ b/src/mongo/db/sessions_collection.cpp
@@ -48,6 +48,14 @@ namespace mongo {
 
 namespace {
 
+// This batch size is chosen to ensure that we don't form requests larger than the 16mb limit.
+// Especially for refreshes, the updates we send include the full user name (user@db), and user
+// names can be quite large (we enforce a max 10k limit for usernames used with sessions).
+//
+// At 1000 elements, a 16mb payload gives us a budget of 16000 bytes per user, which we should
+// comfortably be able to stay under, even with 10k user names.
+constexpr size_t kMaxBatchSize = 1000;
+
 BSONObj lsidQuery(const LogicalSessionId& lsid) {
     return BSON(LogicalSessionRecord::kIdFieldName << lsid.toBSON());
 }
@@ -94,7 +102,7 @@ Status runBulkGeneric(TFactory makeT, AddLineFn addLine, SendFn sendBatch, const
     for (const auto& item : items) {
         addLine(*thing, item);
 
-        if (++i >= write_ops::kMaxWriteBatchSize) {
+        if (++i >= kMaxBatchSize) {
             auto res = sendLocalBatch();
             if (!res.isOK()) {
                 return res;