authorSpencer Jackson <spencer.jackson@mongodb.com>2016-08-10 14:39:34 -0400
committerSpencer Jackson <spencer.jackson@mongodb.com>2016-08-10 14:39:34 -0400
commitf6bb7b0a3bff0495db6be1e04ff72d95862cbb6f (patch)
treef8b9cc8250552dc7d2602451c7f84e64ba84d25e /src/mongo/transport
parentdf2dacb8a92ac0a5f42b7e40a848c8074940ef2d (diff)
Revert "SERVER-22826 Support X509 Authorization"
This reverts commit d930f4832631eca7092ada4328d780f2b8d19d31.
Diffstat (limited to 'src/mongo/transport')
-rw-r--r--src/mongo/transport/service_entry_point_test_suite.cpp6
-rw-r--r--src/mongo/transport/service_entry_point_test_suite.h3
-rw-r--r--src/mongo/transport/session.cpp5
-rw-r--r--src/mongo/transport/session.h7
-rw-r--r--src/mongo/transport/transport_layer.h6
-rw-r--r--src/mongo/transport/transport_layer_legacy.cpp14
-rw-r--r--src/mongo/transport/transport_layer_legacy.h6
-rw-r--r--src/mongo/transport/transport_layer_manager.cpp5
-rw-r--r--src/mongo/transport/transport_layer_manager.h2
-rw-r--r--src/mongo/transport/transport_layer_mock.cpp17
-rw-r--r--src/mongo/transport/transport_layer_mock.h10
11 files changed, 31 insertions, 50 deletions
diff --git a/src/mongo/transport/service_entry_point_test_suite.cpp b/src/mongo/transport/service_entry_point_test_suite.cpp
index c3814accc47..841851d5ccd 100644
--- a/src/mongo/transport/service_entry_point_test_suite.cpp
+++ b/src/mongo/transport/service_entry_point_test_suite.cpp
@@ -51,7 +51,6 @@
#include "mongo/transport/transport_layer.h"
#include "mongo/unittest/unittest.h"
#include "mongo/util/net/message.h"
-#include "mongo/util/net/ssl_types.h"
namespace mongo {
@@ -149,9 +148,8 @@ void ServiceEntryPointTestSuite::MockTLHarness::asyncWait(Ticket&& ticket,
return _asyncWait(std::move(ticket), std::move(callback));
}
-SSLPeerInfo ServiceEntryPointTestSuite::MockTLHarness::getX509PeerInfo(
- const Session& session) const {
- return SSLPeerInfo("mock", {});
+std::string ServiceEntryPointTestSuite::MockTLHarness::getX509SubjectName(const Session& session) {
+ return "mock";
}
void ServiceEntryPointTestSuite::MockTLHarness::registerTags(const Session& session) {}
diff --git a/src/mongo/transport/service_entry_point_test_suite.h b/src/mongo/transport/service_entry_point_test_suite.h
index 7f15d4723eb..2249c86b9bd 100644
--- a/src/mongo/transport/service_entry_point_test_suite.h
+++ b/src/mongo/transport/service_entry_point_test_suite.h
@@ -39,7 +39,6 @@
namespace mongo {
class ServiceEntryPoint;
-struct SSLPeerInfo;
/**
* Test class. Uses a mock TransportLayer to test that the ServiceEntryPoint
@@ -130,7 +129,7 @@ private:
Date_t expiration = transport::Ticket::kNoExpirationDate) override;
Status wait(transport::Ticket&& ticket) override;
void asyncWait(transport::Ticket&& ticket, TicketCallback callback) override;
- SSLPeerInfo getX509PeerInfo(const transport::Session& session) const override;
+ std::string getX509SubjectName(const transport::Session& session) override;
void registerTags(const transport::Session& session) override;
Stats sessionStats() override;
void end(transport::Session& session) override;
diff --git a/src/mongo/transport/session.cpp b/src/mongo/transport/session.cpp
index 851f348edc0..b341cd97630 100644
--- a/src/mongo/transport/session.cpp
+++ b/src/mongo/transport/session.cpp
@@ -32,7 +32,6 @@
#include "mongo/platform/atomic_word.h"
#include "mongo/transport/transport_layer.h"
-#include "mongo/util/net/ssl_types.h"
namespace mongo {
namespace transport {
@@ -96,8 +95,8 @@ Ticket Session::sinkMessage(const Message& message, Date_t expiration) {
return _tl->sinkMessage(*this, message, expiration);
}
-SSLPeerInfo Session::getX509PeerInfo() const {
- return _tl->getX509PeerInfo(*this);
+std::string Session::getX509SubjectName() const {
+ return _tl->getX509SubjectName(*this);
}
void Session::end() {
diff --git a/src/mongo/transport/session.h b/src/mongo/transport/session.h
index 76c2a975478..c7ec5cd28f0 100644
--- a/src/mongo/transport/session.h
+++ b/src/mongo/transport/session.h
@@ -37,9 +37,6 @@
#include "mongo/util/time_support.h"
namespace mongo {
-
-struct SSLPeerInfo;
-
namespace transport {
class TransportLayer;
@@ -105,9 +102,9 @@ public:
}
/**
- * Return the X509 peer information for this connection (SSL only).
+ * Return the X509 subject name for this connection (SSL only).
*/
- SSLPeerInfo getX509PeerInfo() const;
+ std::string getX509SubjectName() const;
/**
* Set this session's tags. This Session will register
diff --git a/src/mongo/transport/transport_layer.h b/src/mongo/transport/transport_layer.h
index c407eef1f0d..3634ec68de5 100644
--- a/src/mongo/transport/transport_layer.h
+++ b/src/mongo/transport/transport_layer.h
@@ -154,10 +154,10 @@ public:
virtual void registerTags(const Session& session) = 0;
/**
- * Return the stored X509 peer information for this session. If the session does not
- * exist in this TransportLayer, returns a default constructed object.
+ * Return the stored X509 subject name for this session. If the session does not
+ * exist in this TransportLayer, returns "".
*/
- virtual SSLPeerInfo getX509PeerInfo(const Session& session) const = 0;
+ virtual std::string getX509SubjectName(const Session& session) = 0;
/**
* Returns the number of sessions currently open in the transport layer.
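Review bot: The contract comment on `getX509SubjectName` explains the `""` return only for a session unknown to the TransportLayer, but the legacy implementation in this same commit also returns `""` when no subject name has been recorded for a known session (`conn->second.x509SubjectName.value_or("")`). A caller therefore cannot tell "no such session" from "no client certificate seen yet", and if this string is used as an identity (which the name suggests, though no caller is visible here) the empty value must never match a principal. I would extend the comment with a line such as `* Also returns "" when no subject name has been recorded; callers must treat "" as "no verified identity".` Separately, the accessor is no longer `const` although it only reads state, which forces non-const access on every caller.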
diff --git a/src/mongo/transport/transport_layer_legacy.cpp b/src/mongo/transport/transport_layer_legacy.cpp
index 1a719d66e93..3c004eb793f 100644
--- a/src/mongo/transport/transport_layer_legacy.cpp
+++ b/src/mongo/transport/transport_layer_legacy.cpp
@@ -117,16 +117,16 @@ Ticket TransportLayerLegacy::sourceMessage(Session& session, Message* message, D
return Ticket(this, stdx::make_unique<LegacyTicket>(session, expiration, std::move(sourceCb)));
}
-SSLPeerInfo TransportLayerLegacy::getX509PeerInfo(const Session& session) const {
+std::string TransportLayerLegacy::getX509SubjectName(const Session& session) {
{
stdx::lock_guard<stdx::mutex> lk(_connectionsMutex);
auto conn = _connections.find(session.id());
if (conn == _connections.end()) {
// Return empty string if the session is not found
- return SSLPeerInfo();
+ return "";
}
- return conn->second.sslPeerInfo.value_or(SSLPeerInfo());
+ return conn->second.x509SubjectName.value_or("");
}
}
@@ -274,10 +274,10 @@ Status TransportLayerLegacy::_runTicket(Ticket ticket) {
#ifdef MONGO_CONFIG_SSL
// If we didn't have an X509 subject name, see if we have one now
- if (!conn->second.sslPeerInfo) {
- auto info = amp->getX509PeerInfo();
- if (info.subjectName != "") {
- conn->second.sslPeerInfo = info;
+ if (!conn->second.x509SubjectName) {
+ auto name = amp->getX509SubjectName();
+ if (name != "") {
+ conn->second.x509SubjectName = name;
}
}
#endif
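Review bot: The write to `conn->second.x509SubjectName` in this `MONGO_CONFIG_SSL` block touches the same field that `getX509SubjectName` reads under `_connectionsMutex`, and the hunk does not show whether `_runTicket` holds that mutex or has checked `conn` against `_connections.end()` at this point; the function starts and ends outside the hunk, so please confirm both. A short comment such as `// _connectionsMutex must be held; conn is valid here` would record that invariant. As a style point, `if (!name.empty())` followed by `conn->second.x509SubjectName = std::move(name);` reads more directly than comparing with `""` and avoids copying the string.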
diff --git a/src/mongo/transport/transport_layer_legacy.h b/src/mongo/transport/transport_layer_legacy.h
index 873da5a2123..7472212ffc9 100644
--- a/src/mongo/transport/transport_layer_legacy.h
+++ b/src/mongo/transport/transport_layer_legacy.h
@@ -79,7 +79,7 @@ public:
void asyncWait(Ticket&& ticket, TicketCallback callback) override;
void registerTags(const Session& session) override;
- SSLPeerInfo getX509PeerInfo(const Session& session) const override;
+ std::string getX509SubjectName(const Session& session) override;
Stats sessionStats() override;
@@ -150,7 +150,7 @@ private:
const long long connectionId;
- boost::optional<SSLPeerInfo> sslPeerInfo;
+ boost::optional<std::string> x509SubjectName;
Session::TagMask tags;
bool inUse;
bool ended;
@@ -161,7 +161,7 @@ private:
std::unique_ptr<Listener> _listener;
stdx::thread _listenerThread;
- mutable stdx::mutex _connectionsMutex;
+ stdx::mutex _connectionsMutex;
std::unordered_map<Session::Id, Connection> _connections;
void _endSession_inlock(decltype(_connections.begin()) conn);
diff --git a/src/mongo/transport/transport_layer_manager.cpp b/src/mongo/transport/transport_layer_manager.cpp
index 6fc191bf49f..e513155e5cd 100644
--- a/src/mongo/transport/transport_layer_manager.cpp
+++ b/src/mongo/transport/transport_layer_manager.cpp
@@ -33,7 +33,6 @@
#include "mongo/base/status.h"
#include "mongo/stdx/memory.h"
#include "mongo/transport/session.h"
-#include "mongo/util/net/ssl_types.h"
#include "mongo/util/time_support.h"
#include <limits>
@@ -62,8 +61,8 @@ void TransportLayerManager::asyncWait(Ticket&& ticket, TicketCallback callback)
return getTicketTransportLayer(ticket)->asyncWait(std::move(ticket), std::move(callback));
}
-SSLPeerInfo TransportLayerManager::getX509PeerInfo(const Session& session) const {
- return session.getX509PeerInfo();
+std::string TransportLayerManager::getX509SubjectName(const Session& session) {
+ return session.getX509SubjectName();
}
template <typename Callable>
diff --git a/src/mongo/transport/transport_layer_manager.h b/src/mongo/transport/transport_layer_manager.h
index 9648a0859f2..20d27d6571c 100644
--- a/src/mongo/transport/transport_layer_manager.h
+++ b/src/mongo/transport/transport_layer_manager.h
@@ -64,7 +64,7 @@ public:
Status wait(Ticket&& ticket) override;
void asyncWait(Ticket&& ticket, TicketCallback callback) override;
- SSLPeerInfo getX509PeerInfo(const Session& session) const override;
+ std::string getX509SubjectName(const Session& session) override;
void registerTags(const Session& session) override;
Stats sessionStats() override;
diff --git a/src/mongo/transport/transport_layer_mock.cpp b/src/mongo/transport/transport_layer_mock.cpp
index 5b66c00bf91..e7fa76d2e9b 100644
--- a/src/mongo/transport/transport_layer_mock.cpp
+++ b/src/mongo/transport/transport_layer_mock.cpp
@@ -109,13 +109,8 @@ void TransportLayerMock::asyncWait(Ticket&& ticket, TicketCallback callback) {
callback(Status::OK());
}
-SSLPeerInfo TransportLayerMock::getX509PeerInfo(const Session& session) const {
- return _sessions.at(session.id()).peerInfo;
-}
-
-
-void TransportLayerMock::setX509PeerInfo(const Session& session, SSLPeerInfo peerInfo) {
- _sessions[session.id()].peerInfo = std::move(peerInfo);
+std::string TransportLayerMock::getX509SubjectName(const Session& session) {
+ return session.getX509SubjectName();
}
TransportLayer::Stats TransportLayerMock::sessionStats() {
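Review bot: `TransportLayerMock::getX509SubjectName` now returns `session.getX509SubjectName()`, while `Session::getX509SubjectName` in session.cpp returns `_tl->getX509SubjectName(*this)`. `createSession` below constructs its sessions with `this` as the last constructor argument, so if that argument is stored as `_tl` (likely, but the constructor is not visible here) the two calls recurse into each other without end for any session the mock owns. The mock should answer by itself, for example `return "mock";` as `MockTLHarness` does, or `return "";` for the no-certificate case. `TransportLayerManager::getX509SubjectName` uses the same delegation and is safe only as long as a session's layer is never the manager itself.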
@@ -129,16 +124,16 @@ Session* TransportLayerMock::createSession() {
stdx::make_unique<Session>(HostAndPort(), HostAndPort(), this);
Session::Id sessionId = session->id();
- _sessions[sessionId] = Connection{std::move(session), SSLPeerInfo()};
+ _sessions[sessionId] = std::move(session);
- return _sessions[sessionId].session.get();
+ return _sessions[sessionId].get();
}
Session* TransportLayerMock::get(Session::Id id) {
if (!owns(id))
return nullptr;
- return _sessions[id].session.get();
+ return _sessions[id].get();
}
bool TransportLayerMock::owns(Session::Id id) {
@@ -152,7 +147,7 @@ void TransportLayerMock::end(Session& session) {
void TransportLayerMock::endAllSessions(Session::TagMask tags) {
auto it = _sessions.begin();
while (it != _sessions.end()) {
- end(*it->second.session.get());
+ end(*it->second.get());
it++;
}
}
diff --git a/src/mongo/transport/transport_layer_mock.h b/src/mongo/transport/transport_layer_mock.h
index 10913f0cf96..38ab3eed0f1 100644
--- a/src/mongo/transport/transport_layer_mock.h
+++ b/src/mongo/transport/transport_layer_mock.h
@@ -36,7 +36,6 @@
#include "mongo/transport/ticket_impl.h"
#include "mongo/transport/transport_layer.h"
#include "mongo/util/net/message.h"
-#include "mongo/util/net/ssl_types.h"
#include "mongo/util/time_support.h"
namespace mongo {
@@ -87,8 +86,7 @@ public:
Status wait(Ticket&& ticket) override;
void asyncWait(Ticket&& ticket, TicketCallback callback) override;
- SSLPeerInfo getX509PeerInfo(const Session& session) const override;
- void setX509PeerInfo(const Session& session, SSLPeerInfo peerInfo);
+ std::string getX509SubjectName(const Session& session) override;
void registerTags(const Session& session) override;
Stats sessionStats() override;
@@ -104,11 +102,7 @@ public:
bool inShutdown() const;
private:
- struct Connection {
- std::unique_ptr<Session> session;
- SSLPeerInfo peerInfo;
- };
- std::unordered_map<Session::Id, Connection> _sessions;
+ std::unordered_map<Session::Id, std::unique_ptr<Session>> _sessions;
bool _shutdown;
};