diff options
author | Sara Golemon <sara.golemon@mongodb.com> | 2019-01-10 16:12:05 +0000 |
---|---|---|
committer | Sara Golemon <sara.golemon@mongodb.com> | 2019-01-12 03:11:23 +0000 |
commit | 2677ce10a8034e90c4dd24eb664e81d3316c30aa (patch) | |
tree | 9eb0ed17b94fbda910f428c418873a5ddb69bcf9 /src/mongo/util | |
parent | 19f8455248c54159339fbb07b4ffb8da8795e770 (diff) | |
download | mongo-2677ce10a8034e90c4dd24eb664e81d3316c30aa.tar.gz |
SERVER-38930 Switch new custom SCPs to use cpp_class method
Diffstat (limited to 'src/mongo/util')
-rw-r--r-- | src/mongo/util/net/ssl_parameters.cpp | 94 | ||||
-rw-r--r-- | src/mongo/util/net/ssl_parameters.h | 17 | ||||
-rw-r--r-- | src/mongo/util/net/ssl_parameters.idl | 12 | ||||
-rw-r--r-- | src/mongo/util/tcmalloc_parameters.idl | 17 | ||||
-rw-r--r-- | src/mongo/util/tcmalloc_set_parameter.cpp | 104 | ||||
-rw-r--r-- | src/mongo/util/tcmalloc_set_parameter.h | 51 |
6 files changed, 114 insertions, 181 deletions
diff --git a/src/mongo/util/net/ssl_parameters.cpp b/src/mongo/util/net/ssl_parameters.cpp index aafbb453268..74112b58cbe 100644 --- a/src/mongo/util/net/ssl_parameters.cpp +++ b/src/mongo/util/net/ssl_parameters.cpp @@ -39,6 +39,7 @@ #include "mongo/util/log.h" #include "mongo/util/net/ssl_options.h" #include "mongo/util/net/ssl_parameters.h" +#include "mongo/util/net/ssl_parameters_gen.h" namespace mongo { namespace { @@ -104,52 +105,23 @@ StatusWith<SSLParams::SSLModes> checkTLSModeTransition(T modeToString, } } // namespace -} // namespace mongo - -mongo::Status mongo::validateOpensslCipherConfig(const std::string&) { - if (!sslGlobalParams.sslCipherConfig.empty()) { - return {ErrorCodes::BadValue, - "opensslCipherConfig setParameter is incompatible with net.tls.tlsCipherConfig"}; - } - // Note that there is very little validation that we can do here. - // OpenSSL exposes no API to validate a cipher config string. The only way to figure out - // what a string maps to is to make an SSL_CTX object, set the string on it, then parse the - // resulting STACK_OF object. If provided an invalid entry in the string, it will silently - // ignore it. Because an entry in the string may map to multiple ciphers, or remove ciphers - // from the final set produced by the full string, we can't tell if any entry failed - // to parse. - return Status::OK(); -} - -mongo::Status mongo::validateDisableNonTLSConnectionLogging(const bool&) { - if (sslGlobalParams.disableNonSSLConnectionLoggingSet) { - return {ErrorCodes::BadValue, - "Error parsing command line: Multiple occurrences of option " - "disableNonTLSConnectionLogging"}; - } - return Status::OK(); -} -mongo::Status mongo::onUpdateDisableNonTLSConnectionLogging(const bool&) { - // disableNonSSLConnectionLogging is a write-once setting. - // Once we've updated it, we're not allowed to specify the set-param again. - // Record that update in a second bool value. - sslGlobalParams.disableNonSSLConnectionLoggingSet = true; - return Status::OK(); -} - -void mongo::appendSSLModeToBSON(OperationContext*, BSONObjBuilder* builder, StringData fieldName) { +void SSLModeServerParameter::append(OperationContext*, + BSONObjBuilder& builder, + const std::string& fieldName) { warning() << "Use of deprecared server parameter 'sslMode', please use 'tlsMode' instead."; - builder->append(fieldName, SSLParams::sslModeFormat(sslGlobalParams.sslMode.load())); + builder.append(fieldName, SSLParams::sslModeFormat(sslGlobalParams.sslMode.load())); } -void mongo::appendTLSModeToBSON(OperationContext*, BSONObjBuilder* builder, StringData fieldName) { - builder->append( +void TLSModeServerParameter::append(OperationContext*, + BSONObjBuilder& builder, + const std::string& fieldName) { + builder.append( fieldName, SSLParams::tlsModeFormat(static_cast<SSLParams::SSLModes>(sslGlobalParams.sslMode.load()))); } -mongo::Status mongo::setSSLModeFromString(StringData strMode) { +Status SSLModeServerParameter::setFromString(const std::string& strMode) { #ifndef MONGO_CONFIG_SSL return {ErrorCodes::IllegalOperation, "Unable to set sslMode, SSL support is not compiled into server"}; @@ -166,7 +138,7 @@ mongo::Status mongo::setSSLModeFromString(StringData strMode) { return Status::OK(); } -mongo::Status mongo::setTLSModeFromString(StringData strMode) { +Status TLSModeServerParameter::setFromString(const std::string& strMode) { #ifndef MONGO_CONFIG_SSL return {ErrorCodes::IllegalOperation, "Unable to set tlsMode, TLS support is not compiled into server"}; @@ -181,13 +153,13 @@ mongo::Status mongo::setTLSModeFromString(StringData strMode) { } -void mongo::appendClusterAuthModeToBSON(OperationContext*, - BSONObjBuilder* builder, - StringData fieldName) { - builder->append(fieldName, clusterAuthModeFormat()); +void ClusterAuthModeServerParameter::append(OperationContext*, + BSONObjBuilder& builder, + const std::string& fieldName) { + builder.append(fieldName, clusterAuthModeFormat()); } -mongo::Status mongo::setClusterAuthModeFromString(StringData strMode) { +Status ClusterAuthModeServerParameter::setFromString(const std::string& strMode) { #ifndef MONGO_CONFIG_SSL return {ErrorCodes::IllegalOperation, "Unable to set clusterAuthMode, SSL support is not compiled into server"}; @@ -227,3 +199,37 @@ mongo::Status mongo::setClusterAuthModeFromString(StringData strMode) { return Status::OK(); } + +} // namespace mongo + +mongo::Status mongo::validateOpensslCipherConfig(const std::string&) { + if (!sslGlobalParams.sslCipherConfig.empty()) { + return {ErrorCodes::BadValue, + "opensslCipherConfig setParameter is incompatible with net.tls.tlsCipherConfig"}; + } + // Note that there is very little validation that we can do here. + // OpenSSL exposes no API to validate a cipher config string. The only way to figure out + // what a string maps to is to make an SSL_CTX object, set the string on it, then parse the + // resulting STACK_OF object. If provided an invalid entry in the string, it will silently + // ignore it. Because an entry in the string may map to multiple ciphers, or remove ciphers + // from the final set produced by the full string, we can't tell if any entry failed + // to parse. + return Status::OK(); +} + +mongo::Status mongo::validateDisableNonTLSConnectionLogging(const bool&) { + if (sslGlobalParams.disableNonSSLConnectionLoggingSet) { + return {ErrorCodes::BadValue, + "Error parsing command line: Multiple occurrences of option " + "disableNonTLSConnectionLogging"}; + } + return Status::OK(); +} + +mongo::Status mongo::onUpdateDisableNonTLSConnectionLogging(const bool&) { + // disableNonSSLConnectionLogging is a write-once setting. + // Once we've updated it, we're not allowed to specify the set-param again. + // Record that update in a second bool value. + sslGlobalParams.disableNonSSLConnectionLoggingSet = true; + return Status::OK(); +} diff --git a/src/mongo/util/net/ssl_parameters.h b/src/mongo/util/net/ssl_parameters.h index e88c3908382..c0089be45c5 100644 --- a/src/mongo/util/net/ssl_parameters.h +++ b/src/mongo/util/net/ssl_parameters.h @@ -32,11 +32,8 @@ #include <string> #include "mongo/base/status.h" -#include "mongo/base/string_data.h" -#include "mongo/bson/bsonobjbuilder.h" namespace mongo { -class OperationContext; /** * Validation callback for setParameter 'opensslCipherConfig'. @@ -53,18 +50,4 @@ Status validateDisableNonTLSConnectionLogging(const bool&); */ Status onUpdateDisableNonTLSConnectionLogging(const bool&); -/** - * Callbacks for setParameter 'sslMode' - */ -void appendSSLModeToBSON(OperationContext*, BSONObjBuilder*, StringData); -void appendTLSModeToBSON(OperationContext*, BSONObjBuilder*, StringData); -Status setSSLModeFromString(StringData); -Status setTLSModeFromString(StringData); - -/** - * Callbacks for setParameter 'clusterAuthMode' - */ -void appendClusterAuthModeToBSON(OperationContext*, BSONObjBuilder*, StringData); -Status setClusterAuthModeFromString(StringData); - } // namespace mongo diff --git a/src/mongo/util/net/ssl_parameters.idl b/src/mongo/util/net/ssl_parameters.idl index a276c52b94c..3f1ea51c49d 100644 --- a/src/mongo/util/net/ssl_parameters.idl +++ b/src/mongo/util/net/ssl_parameters.idl @@ -32,9 +32,6 @@ global: - "mongo/util/net/ssl_options.h" - "mongo/util/net/ssl_parameters.h" -imports: - - "mongo/idl/basic_types.idl" - server_parameters: opensslDiffieHellmanParameters: description: "OpenSSL Diffie-Hellman parameters" @@ -69,17 +66,14 @@ server_parameters: sslMode: description: "Transition from allowSSL to preferSSL, or from preferSSL to requireSSL" set_at: runtime - append_bson: "appendSSLModeToBSON" - from_string: "setSSLModeFromString" + cpp_class: SSLModeServerParameter tlsMode: description: "Transition from allowTLS to preferTLS, or from preferTLS to requireTLS" set_at: runtime - append_bson: "appendTLSModeToBSON" - from_string: "setTLSModeFromString" + cpp_class: TLSModeServerParameter clusterAuthMode: description: "Transition from sendKeyFile to sendX509, or sendX509 to x509 clusterAuthModes" set_at: runtime - append_bson: "appendClusterAuthModeToBSON" - from_string: "setClusterAuthModeFromString" + cpp_class: ClusterAuthModeServerParameter diff --git a/src/mongo/util/tcmalloc_parameters.idl b/src/mongo/util/tcmalloc_parameters.idl index 6ddb0392ba2..fef57969460 100644 --- a/src/mongo/util/tcmalloc_parameters.idl +++ b/src/mongo/util/tcmalloc_parameters.idl @@ -29,26 +29,23 @@ global: cpp_namespace: "mongo" cpp_includes: - - "mongo/util/tcmalloc_set_parameter.h" - -imports: - - "mongo/idl/basic_types.idl" + - "mongo/config.h" server_parameters: tcmallocMaxTotalThreadCacheBytes: description: "Configure tcmalloc's max_total_thread_cache_bytes" set_at: [startup, runtime] - append_bson: "tcmallocMaxTotalThreadCacheBytesServerParameterAppendBSON" - from_bson: "tcmallocMaxTotalThreadCacheBytesServerParameterSetFromBSON" - from_string: "tcmallocMaxTotalThreadCacheBytesServerParameterFromString" + cpp_class: + name: TCMallocMaxTotalThreadCacheBytesServerParameter + override_set: true tcmallocAggressiveMemoryDecommit: description: "Configure tcmalloc's aggressive_memory_decommit" set_at: [startup, runtime] - append_bson: "tcmallocAggressiveMemoryDecommitServerParameterAppendBSON" - from_bson: "tcmallocAggressiveMemoryDecommitServerParameterSetFromBSON" - from_string: "tcmallocAggressiveMemoryDecommitServerParameterFromString" + cpp_class: + name: TCMallocAggressiveMemoryDecommitServerParameter + override_set: true heapProfilingEnabled: description: "Enable Heap Profiling" diff --git a/src/mongo/util/tcmalloc_set_parameter.cpp b/src/mongo/util/tcmalloc_set_parameter.cpp index 1ad73e7dfc4..7155ec26415 100644 --- a/src/mongo/util/tcmalloc_set_parameter.cpp +++ b/src/mongo/util/tcmalloc_set_parameter.cpp @@ -42,35 +42,45 @@ #include "mongo/base/init.h" #include "mongo/base/parse_number.h" #include "mongo/base/status.h" +#include "mongo/base/status_with.h" #include "mongo/db/jsobj.h" #include "mongo/db/server_parameters.h" #include "mongo/util/mongoutils/str.h" #include "mongo/util/processinfo.h" -#include "mongo/util/tcmalloc_set_parameter.h" +#include "mongo/util/tcmalloc_parameters_gen.h" namespace mongo { namespace { +constexpr auto kMaxTotalThreadCacheBytesPropertyName = "tcmalloc.max_total_thread_cache_bytes"_sd; +constexpr auto kAggressiveMemoryDecommitPropertyName = "tcmalloc.aggressive_memory_decommit"_sd; -void tcmallocServerParameterAppendBSON(StringData tcmallocPropertyName, - OperationContext* opCtx, - BSONObjBuilder* b, - StringData name) { +StatusWith<size_t> getProperty(StringData propname) { size_t value; - if (MallocExtension::instance()->GetNumericProperty(tcmallocPropertyName.toString().c_str(), - &value)) { - b->appendNumber(name, value); + if (!MallocExtension::instance()->GetNumericProperty(propname.toString().c_str(), &value)) { + return {ErrorCodes::InternalError, + str::stream() << "Failed to retreive tcmalloc prop: " << propname}; } + return value; } -Status tcmallocServerParameterSetFromBSON(StringData tcmallocPropertyName, - const BSONElement& newValueElement) { +Status setProperty(StringData propname, size_t value) { + if (!RUNNING_ON_VALGRIND) { + if (!MallocExtension::instance()->SetNumericProperty(propname.toString().c_str(), value)) { + return {ErrorCodes::InternalError, + str::stream() << "Failed to set internal tcmalloc property " << propname}; + } + } + return Status::OK(); +} + +StatusWith<size_t> validateTCMallocValue(StringData name, const BSONElement& newValueElement) { if (!newValueElement.isNumber()) { - return Status(ErrorCodes::TypeMismatch, - str::stream() << "Expected server parameter " << newValueElement.fieldName() - << " to have numeric type, but found " - << newValueElement.toString(false) - << " of type " - << typeName(newValueElement.type())); + return {ErrorCodes::TypeMismatch, + str::stream() << "Expected server parameter " << name + << " to have numeric type, but found " + << newValueElement.toString(false) + << " of type " + << typeName(newValueElement.type())}; } long long valueAsLongLong = newValueElement.safeNumberLong(); if (valueAsLongLong < 0 || @@ -78,49 +88,43 @@ Status tcmallocServerParameterSetFromBSON(StringData tcmallocPropertyName, return Status( ErrorCodes::BadValue, str::stream() << "Value " << newValueElement.toString(false) << " is out of range for " - << newValueElement.fieldName() + << name << "; expected a value between 0 and " << std::min<unsigned long long>(std::numeric_limits<size_t>::max(), std::numeric_limits<long long>::max())); } - if (!RUNNING_ON_VALGRIND) { - if (!MallocExtension::instance()->SetNumericProperty( - tcmallocPropertyName.toString().c_str(), static_cast<size_t>(valueAsLongLong))) { - return Status(ErrorCodes::InternalError, - str::stream() << "Failed to set internal tcmalloc property " - << tcmallocPropertyName); - } - } - return Status::OK(); -} - -Status tcmallocServerParameterFromString(StringData tcmallocPropertyName, StringData str) { - long long valueAsLongLong; - Status status = parseNumberFromString(str, &valueAsLongLong); - if (!status.isOK()) { - return status; - } - BSONObjBuilder builder; - // The name of the field is irrelevant in setFromBSON, only its value - builder.append("ignored", valueAsLongLong); - return tcmallocServerParameterSetFromBSON(tcmallocPropertyName, builder.done().firstElement()); + return static_cast<size_t>(valueAsLongLong); } } // namespace -#define DEFINE_TCMALLOC_FUNCTION(XX, YY) \ - Status XX##ServerParameterFromString(StringData str) { \ - return tcmallocServerParameterFromString(YY, str); \ - } \ - Status XX##ServerParameterSetFromBSON(const BSONElement& element) { \ - return tcmallocServerParameterSetFromBSON(YY, element); \ - } \ - void XX##ServerParameterAppendBSON( \ - OperationContext* opCtx, BSONObjBuilder* b, StringData name) { \ - tcmallocServerParameterAppendBSON(YY, opCtx, b, name); \ +#define TCMALLOC_SP_METHODS(cls) \ + void TCMalloc##cls##ServerParameter::append( \ + OperationContext*, BSONObjBuilder& b, const std::string& name) { \ + auto swValue = getProperty(k##cls##PropertyName); \ + if (swValue.isOK()) { \ + b.appendNumber(name, swValue.getValue()); \ + } \ + } \ + Status TCMalloc##cls##ServerParameter::set(const BSONElement& newValueElement) { \ + auto swValue = validateTCMallocValue(name(), newValueElement); \ + if (!swValue.isOK()) { \ + return swValue.getStatus(); \ + } \ + return setProperty(k##cls##PropertyName, swValue.getValue()); \ + } \ + Status TCMalloc##cls##ServerParameter::setFromString(const std::string& str) { \ + size_t value; \ + Status status = parseNumberFromString(str, &value); \ + if (!status.isOK()) { \ + return status; \ + } \ + return setProperty(k##cls##PropertyName, value); \ } -TCMALLOC_PARAMETER_LIST(DEFINE_TCMALLOC_FUNCTION); +TCMALLOC_SP_METHODS(MaxTotalThreadCacheBytes) +TCMALLOC_SP_METHODS(AggressiveMemoryDecommit) +#undef TCMALLOC_SP_METHODS namespace { @@ -141,7 +145,7 @@ MONGO_INITIALIZER_GENERAL(TcmallocConfigurationDefaults, (systemMemorySizeMB / 8) * 1024 * 1024; // 1/8 of system memory in bytes size_t cacheSize = std::min(defaultTcMallocCacheSize, derivedTcMallocCacheSize); - return tcmallocMaxTotalThreadCacheBytesServerParameterFromString(std::to_string(cacheSize)); + return setProperty(kMaxTotalThreadCacheBytesPropertyName, cacheSize); } } // namespace diff --git a/src/mongo/util/tcmalloc_set_parameter.h b/src/mongo/util/tcmalloc_set_parameter.h index d1b5fe66ee6..e69de29bb2d 100644 --- a/src/mongo/util/tcmalloc_set_parameter.h +++ b/src/mongo/util/tcmalloc_set_parameter.h @@ -1,51 +0,0 @@ -/** - * Copyright (C) 2018-present MongoDB, Inc. - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the Server Side Public License, version 1, - * as published by MongoDB, Inc. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * Server Side Public License for more details. - * - * You should have received a copy of the Server Side Public License - * along with this program. If not, see - * <http://www.mongodb.com/licensing/server-side-public-license>. - * - * As a special exception, the copyright holders give permission to link the - * code of portions of this program with the OpenSSL library under certain - * conditions as described in each individual source file and distribute - * linked combinations including the program with the OpenSSL library. You - * must comply with the Server Side Public License in all respects for - * all of the code used other than as permitted herein. If you modify file(s) - * with this exception, you may extend this exception to your version of the - * file(s), but you are not obligated to do so. If you do not wish to do so, - * delete this exception statement from your version. If you delete this - * exception statement from all source files in the program, then also delete - * it in the license file. - */ -#pragma once - -#include "mongo/base/status.h" -#include "mongo/base/string_data.h" -#include "mongo/bson/bsonobjbuilder.h" -#include "mongo/db/operation_context.h" - -namespace mongo { - -#define TCMALLOC_PARAMETER_LIST(DECL_TCMALLOC_FUNCTIONS) \ - DECL_TCMALLOC_FUNCTIONS(tcmallocMaxTotalThreadCacheBytes, \ - "tcmalloc.max_total_thread_cache_bytes"_sd) \ - DECL_TCMALLOC_FUNCTIONS(tcmallocAggressiveMemoryDecommit, \ - "tcmalloc.aggressive_memory_decommit"_sd) - -#define DECLARE_TCMALLOC_FUNCTION(XX, YY) \ - Status XX##ServerParameterFromString(StringData str); \ - Status XX##ServerParameterSetFromBSON(const BSONElement& newValueElement); \ - void XX##ServerParameterAppendBSON(OperationContext* opCtx, BSONObjBuilder* b, StringData name); - -TCMALLOC_PARAMETER_LIST(DECLARE_TCMALLOC_FUNCTION); - -} // namespace mongo |