diff options
-rw-r--r-- | jstests/ssl/ssl_cert_selector_apple.js | 3 | ||||
-rw-r--r-- | src/mongo/util/net/ssl_manager.cpp | 22 | ||||
-rw-r--r-- | src/mongo/util/net/ssl_manager_apple.cpp | 9 |
3 files changed, 23 insertions, 11 deletions
diff --git a/jstests/ssl/ssl_cert_selector_apple.js b/jstests/ssl/ssl_cert_selector_apple.js index 616badb5e07..2de17aea5f5 100644 --- a/jstests/ssl/ssl_cert_selector_apple.js +++ b/jstests/ssl/ssl_cert_selector_apple.js @@ -34,7 +34,8 @@ requireSSLProvider('apple', function() { sslMode: 'requireSSL', sslCertificateSelector: cert.selector, sslClusterCertificateSelector: cluster.selector, - waitForConnect: false + waitForConnect: false, + setParameter: {logLevel: '1'}, }; clearRawMongoProgramOutput(); const mongod = MongoRunner.runMongod(opts); diff --git a/src/mongo/util/net/ssl_manager.cpp b/src/mongo/util/net/ssl_manager.cpp index 24872cb2e4c..f98ac09edb3 100644 --- a/src/mongo/util/net/ssl_manager.cpp +++ b/src/mongo/util/net/ssl_manager.cpp @@ -25,6 +25,9 @@ * then also delete it in the license file. */ + +#define MONGO_LOG_DEFAULT_COMPONENT ::mongo::logger::LogComponent::kNetwork + #include "mongo/platform/basic.h" #include "mongo/util/net/ssl_manager.h" @@ -33,12 +36,14 @@ #include <string> #include <vector> +#include "mongo/base/init.h" #include "mongo/bson/bsonobjbuilder.h" #include "mongo/config.h" #include "mongo/db/server_parameters.h" #include "mongo/platform/overflow_arithmetic.h" #include "mongo/transport/session.h" #include "mongo/util/hex.h" +#include "mongo/util/log.h" #include "mongo/util/mongoutils/str.h" #include "mongo/util/net/ssl_options.h" #include "mongo/util/net/ssl_types.h" @@ -65,9 +70,9 @@ ExportedServerParameter<std::string, ServerParameterType::kStartupOnly> setDiffieHellmanParameterPEMFile(ServerParameterSet::getGlobal(), "opensslDiffieHellmanParameters", &sslGlobalParams.sslPEMTempDHParam); - } // namespace + SSLPeerInfo& SSLPeerInfo::forSession(const transport::SessionHandle& session) { return peerInfoForSession(session.get()); } @@ -146,6 +151,21 @@ std::string x509OidToShortName(const std::string& name) { #endif } // namespace +MONGO_INITIALIZER_WITH_PREREQUISITES(SSLManagerLogger, ("SSLManager", "GlobalLogManager")) +(InitializerContext*) { + if (!isSSLServer || (sslGlobalParams.sslMode.load() != SSLParams::SSLMode_disabled)) { + const auto& config = getSSLManager()->getSSLConfiguration(); + if (!config.clientSubjectName.empty()) { + LOG(1) << "Client Certificate Name: " << config.clientSubjectName; + } + if (!config.serverSubjectName.empty()) { + LOG(1) << "Server Certificate Name: " << config.serverSubjectName; + LOG(1) << "Server Certificate Expiration: " << config.serverCertificateExpirationDate; + } + } + return Status::OK(); +} + StatusWith<std::string> SSLX509Name::getOID(StringData oid) const { for (const auto& rdn : _entries) { for (const auto& entry : rdn) { diff --git a/src/mongo/util/net/ssl_manager_apple.cpp b/src/mongo/util/net/ssl_manager_apple.cpp index 01569048e24..7466c18fa6e 100644 --- a/src/mongo/util/net/ssl_manager_apple.cpp +++ b/src/mongo/util/net/ssl_manager_apple.cpp @@ -1422,15 +1422,6 @@ MONGO_INITIALIZER(SSLManager)(InitializerContext*) { stdx::lock_guard<SimpleMutex> lck(sslManagerMtx); if (!isSSLServer || (sslGlobalParams.sslMode.load() != SSLParams::SSLMode_disabled)) { theSSLManager = new SSLManagerApple(sslGlobalParams, isSSLServer); - const auto& config = theSSLManager->getSSLConfiguration(); - log() << "Secure Transport Initialized"; - if (!config.clientSubjectName.empty()) { - log() << "Client Certificate Name: " << config.clientSubjectName; - } - if (!config.serverSubjectName.empty()) { - log() << "Server Certificate Name: " << config.serverSubjectName; - log() << "Server Certificate Expiration: " << config.serverCertificateExpirationDate; - } } return Status::OK(); } |