authorsviatlana_zuiko <sviatlana.zuiko@mongodb.com>2020-11-13 10:20:02 +0300
committerEvergreen Agent <no-reply@evergreen.mongodb.com>2020-11-13 10:39:59 +0000
commit796ee2ee8b8a7bb146bfa7a45eafb4b075a55372 (patch)
tree7b4337f39b4b8eb7186ef2bb2be645313fc9430b /src/mongo/util/net/ssl_manager.h
parent6675536b77436eccddc54d6b3513ecb862cf381c (diff)
Revert "SERVER-51599: Allow creating an SSLConnectionContext from in-memory certificates"
This reverts commit 8b195f11cbb144685baa20486b497528c8dde667.
Diffstat (limited to 'src/mongo/util/net/ssl_manager.h')
-rw-r--r--src/mongo/util/net/ssl_manager.h55
1 files changed, 0 insertions, 55 deletions
diff --git a/src/mongo/util/net/ssl_manager.h b/src/mongo/util/net/ssl_manager.h
index 7004ad4892c..ab8447c439f 100644
--- a/src/mongo/util/net/ssl_manager.h
+++ b/src/mongo/util/net/ssl_manager.h
@@ -40,7 +40,6 @@
#include "mongo/base/string_data.h"
#include "mongo/bson/bsonobj.h"
#include "mongo/db/service_context.h"
-#include "mongo/logv2/attribute_storage.h"
#include "mongo/platform/atomic_word.h"
#include "mongo/util/decorable.h"
#include "mongo/util/net/sock.h"
@@ -78,7 +77,6 @@ Status validateDisableNonTLSConnectionLogging(const bool&);
#ifdef MONGO_CONFIG_SSL
namespace mongo {
struct SSLParams;
-struct TransientSSLParams;
#if MONGO_CONFIG_SSL_PROVIDER == MONGO_CONFIG_SSL_PROVIDER_OPENSSL
typedef SSL_CTX* SSLContextType;
@@ -166,28 +164,6 @@ struct CertInformationToLog {
std::vector<char> thumbprint;
Date_t validityNotBefore;
Date_t validityNotAfter;
- // If the certificate was loaded from file, this is the file name. If empty,
- // it means the certificate came from memory payload.
- std::optional<std::string> keyFile;
- // If the certificate targets a particular cluster, this is cluster URI. If empty,
- // it means the certificate is the default one for the local cluster.
- std::optional<std::string> targetClusterURI;
-
- logv2::DynamicAttributes getDynamicAttributes() const {
- logv2::DynamicAttributes attrs;
- attrs.add("subject", subject);
- attrs.add("issuer", issuer);
- attrs.add("thumbprint", StringData(hexblob::encode(thumbprint.data(), thumbprint.size())));
- attrs.add("notValidBefore", validityNotBefore);
- attrs.add("notValidAfter", validityNotAfter);
- if (keyFile) {
- attrs.add("keyFile", StringData(*keyFile));
- }
- if (targetClusterURI) {
- attrs.add("targetClusterURI", StringData(*targetClusterURI));
- }
- return attrs;
- }
};
struct CRLInformationToLog {
@@ -204,10 +180,6 @@ struct SSLInformationToLog {
class SSLManagerInterface : public Decorable<SSLManagerInterface> {
public:
- /**
- * Creates an instance of SSLManagerInterface.
- * Note: as we normally have one instance of the manager, it cannot take TransientSSLParams.
- */
static std::shared_ptr<SSLManagerInterface> create(const SSLParams& params, bool isServer);
virtual ~SSLManagerInterface();
@@ -260,17 +232,6 @@ public:
ERR_error_string_n(code, msg, msglen);
return msg;
}
-
- /**
- * Utility class to capture a temporary string with SSL error message in DynamicAttributes.
- */
- struct CaptureSSLErrorInAttrs {
- CaptureSSLErrorInAttrs(logv2::DynamicAttributes& attrs)
- : _captured(getSSLErrorMessage(ERR_get_error())) {
- attrs.add("error", _captured);
- }
- std::string _captured;
- };
#endif
/**
@@ -291,7 +252,6 @@ public:
*/
virtual Status initSSLContext(SSLContextType context,
const SSLParams& params,
- const TransientSSLParams& transientParams,
ConnectionDirection direction) = 0;
/**
@@ -430,20 +390,5 @@ void recordTLSVersion(TLSVersion version, const HostAndPort& hostForLogging);
void tlsEmitWarningExpiringClientCertificate(const SSLX509Name& peer);
void tlsEmitWarningExpiringClientCertificate(const SSLX509Name& peer, Days days);
-/**
- * Logs the SSL information by dispatching to either logCert() or logCRL().
- */
-void logSSLInfo(const SSLInformationToLog& info,
- const int logNumPEM = 4913010,
- const int logNumCluster = 4913011,
- const int logNumCrl = 4913012);
-
-/**
- * Logs the certificate.
- * @param certType human-readable description of the certificate type.
- */
-void logCert(const CertInformationToLog& cert, StringData certType, const int logNum);
-void logCRL(const CRLInformationToLog& crl, const int logNum);
-
} // namespace mongo
#endif // #ifdef MONGO_CONFIG_SSL