diff options
author | Adam Midvidy <amidvidy@gmail.com> | 2015-07-22 17:17:33 -0400 |
---|---|---|
committer | Adam Midvidy <amidvidy@gmail.com> | 2015-07-22 17:59:37 -0400 |
commit | 23982c4d0b11b445c54f0ec4ad58edbd837fe7e4 (patch) | |
tree | 4254a47e62b99cebe98474b2e738408700442a95 /src/mongo/executor/network_interface_asio.cpp | |
parent | fe00e70070c62affa94e07218aa1836b3632265e (diff) | |
download | mongo-23982c4d0b11b445c54f0ec4ad58edbd837fe7e4.tar.gz |
SERVER-19221 implement async SSL in NetworkInterfaceASIO
Diffstat (limited to 'src/mongo/executor/network_interface_asio.cpp')
-rw-r--r-- | src/mongo/executor/network_interface_asio.cpp | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/src/mongo/executor/network_interface_asio.cpp b/src/mongo/executor/network_interface_asio.cpp index 3b6acdd6083..9ef278971af 100644 --- a/src/mongo/executor/network_interface_asio.cpp +++ b/src/mongo/executor/network_interface_asio.cpp @@ -34,17 +34,32 @@ #include <utility> +#include "mongo/config.h" #include "mongo/stdx/chrono.h" #include "mongo/stdx/memory.h" #include "mongo/util/log.h" #include "mongo/util/net/sock.h" +#include "mongo/util/net/ssl_manager.h" + namespace mongo { namespace executor { NetworkInterfaceASIO::NetworkInterfaceASIO() : _io_service(), _resolver(_io_service), _state(State::kReady), _isExecutorRunnable(false) { _connPool = stdx::make_unique<ConnectionPool>(kMessagingPortKeepOpen); + +#ifdef MONGO_CONFIG_SSL + if (getSSLManager()) { + // We use sslv23, which corresponds to OpenSSLs SSLv23_method, for compatibility with older + // versions of OpenSSL. This mirrors the call to SSL_CTX_new in ssl_manager.cpp. In + // initAsyncSSLContext we explicitly disable all protocols other than TLSv1, TLSv1.1, + // and TLSv1.2. + _sslContext.emplace(asio::ssl::context::sslv23); + uassertStatusOK( + getSSLManager()->initSSLContext(_sslContext->native_handle(), getSSLGlobalParams())); + } +#endif } std::string NetworkInterfaceASIO::getDiagnosticString() { |