diff options
| author | Kashish Garg <kashish.garg@mongodb.com> | 2018-06-05 18:12:18 -0400 |
|---|---|---|
| committer | Kashish Garg <kashish.garg@mongodb.com> | 2018-06-05 18:16:00 -0400 |
| commit | b2edffeb92ee554da41f0c40784b889fcec9b173 (patch) | |
| tree | c10cf2c3d7282c7a3e77d87be42db63680b800b7 /src | |
| parent | efe230ec5259206130cb1d0b50911521ccdcdbd2 (diff) | |
| download | mongo-b2edffeb92ee554da41f0c40784b889fcec9b173.tar.gz | |
SERVER-35016 Adding commmon log for client/server certificate with LOG(1)
(cherry picked from commit 38f7aa5ad7aa3b7bf1b9ffa0dc28627083e2f8b8)
Diffstat (limited to 'src')
| -rw-r--r-- | src/mongo/util/net/ssl_manager.cpp | 22 | ||||
| -rw-r--r-- | src/mongo/util/net/ssl_manager_apple.cpp | 9 |
2 files changed, 21 insertions, 10 deletions
diff --git a/src/mongo/util/net/ssl_manager.cpp b/src/mongo/util/net/ssl_manager.cpp index 24872cb2e4c..f98ac09edb3 100644 --- a/src/mongo/util/net/ssl_manager.cpp +++ b/src/mongo/util/net/ssl_manager.cpp @@ -25,6 +25,9 @@ * then also delete it in the license file. */ + +#define MONGO_LOG_DEFAULT_COMPONENT ::mongo::logger::LogComponent::kNetwork + #include "mongo/platform/basic.h" #include "mongo/util/net/ssl_manager.h" @@ -33,12 +36,14 @@ #include <string> #include <vector> +#include "mongo/base/init.h" #include "mongo/bson/bsonobjbuilder.h" #include "mongo/config.h" #include "mongo/db/server_parameters.h" #include "mongo/platform/overflow_arithmetic.h" #include "mongo/transport/session.h" #include "mongo/util/hex.h" +#include "mongo/util/log.h" #include "mongo/util/mongoutils/str.h" #include "mongo/util/net/ssl_options.h" #include "mongo/util/net/ssl_types.h" @@ -65,9 +70,9 @@ ExportedServerParameter<std::string, ServerParameterType::kStartupOnly> setDiffieHellmanParameterPEMFile(ServerParameterSet::getGlobal(), "opensslDiffieHellmanParameters", &sslGlobalParams.sslPEMTempDHParam); - } // namespace + SSLPeerInfo& SSLPeerInfo::forSession(const transport::SessionHandle& session) { return peerInfoForSession(session.get()); } @@ -146,6 +151,21 @@ std::string x509OidToShortName(const std::string& name) { #endif } // namespace +MONGO_INITIALIZER_WITH_PREREQUISITES(SSLManagerLogger, ("SSLManager", "GlobalLogManager")) +(InitializerContext*) { + if (!isSSLServer || (sslGlobalParams.sslMode.load() != SSLParams::SSLMode_disabled)) { + const auto& config = getSSLManager()->getSSLConfiguration(); + if (!config.clientSubjectName.empty()) { + LOG(1) << "Client Certificate Name: " << config.clientSubjectName; + } + if (!config.serverSubjectName.empty()) { + LOG(1) << "Server Certificate Name: " << config.serverSubjectName; + LOG(1) << "Server Certificate Expiration: " << config.serverCertificateExpirationDate; + } + } + return Status::OK(); +} + StatusWith<std::string> SSLX509Name::getOID(StringData oid) const { for (const auto& rdn : _entries) { for (const auto& entry : rdn) { diff --git a/src/mongo/util/net/ssl_manager_apple.cpp b/src/mongo/util/net/ssl_manager_apple.cpp index 01569048e24..7466c18fa6e 100644 --- a/src/mongo/util/net/ssl_manager_apple.cpp +++ b/src/mongo/util/net/ssl_manager_apple.cpp @@ -1422,15 +1422,6 @@ MONGO_INITIALIZER(SSLManager)(InitializerContext*) { stdx::lock_guard<SimpleMutex> lck(sslManagerMtx); if (!isSSLServer || (sslGlobalParams.sslMode.load() != SSLParams::SSLMode_disabled)) { theSSLManager = new SSLManagerApple(sslGlobalParams, isSSLServer); - const auto& config = theSSLManager->getSSLConfiguration(); - log() << "Secure Transport Initialized"; - if (!config.clientSubjectName.empty()) { - log() << "Client Certificate Name: " << config.clientSubjectName; - } - if (!config.serverSubjectName.empty()) { - log() << "Server Certificate Name: " << config.serverSubjectName; - log() << "Server Certificate Expiration: " << config.serverCertificateExpirationDate; - } } return Status::OK(); } |