1 files changed, 79 insertions, 50 deletions

diff --git a/jstests/ssl/ssl_ingress_conn_metrics.js b/jstests/ssl/ssl_ingress_conn_metrics.js
index 3ba574b2967..333d3015a90 100644
--- a/jstests/ssl/ssl_ingress_conn_metrics.js
+++ b/jstests/ssl/ssl_ingress_conn_metrics.js
@@ -20,14 +20,21 @@ if (determineSSLProvider() === "openssl" && detectDefaultTLSProtocol() !== "TLS1
 // openSSL is being used. This can be different on Windows/OSX implementations.
 let cipherSuite = "TLS_AES_256_GCM_SHA384";
 
-const tlsOptions = {
-    tlsMode: "requireTLS",
-    tlsCertificateKeyFile: "jstests/libs/server.pem",
-    tlsCAFile: "jstests/libs/ca.pem",
-    setParameter: {opensslCipherSuiteConfig: cipherSuite},
+const mongodOptions = (connectionHealthLoggingOn) => {
+    let options = {
+        tlsMode: "requireTLS",
+        tlsCertificateKeyFile: "jstests/libs/server.pem",
+        tlsCAFile: "jstests/libs/ca.pem",
+        setParameter: {
+            opensslCipherSuiteConfig: cipherSuite,
+            enableDetailedConnectionHealthMetricLogLines: connectionHealthLoggingOn
+        },
+    };
+
+    return options;
 };
 
-function testConn() {
+function testConn(mongod) {
     const mongo = runMongoProgram('mongo',
                                   '--host',
                                   'localhost',
@@ -43,49 +50,71 @@ function testConn() {
     return mongo === 0;
 }
 
-jsTestLog("Establishing connection to mongod");
-const mongod = MongoRunner.runMongod(Object.merge(tlsOptions));
-let ssNetworkMetrics = mongod.adminCommand({serverStatus: 1}).metrics.network;
-let initialHandshakeTimeMillis = ssNetworkMetrics.totalIngressTLSHandshakeTimeMillis;
-jsTestLog(`totalTLSHandshakeTimeMillis: ${initialHandshakeTimeMillis}`);
-checkLog.containsJson(mongod, 6723804, {durationMillis: Number(initialHandshakeTimeMillis)});
-assert.commandWorked(mongod.adminCommand({clearLog: 'global'}));
-assert.eq(1, ssNetworkMetrics.totalIngressTLSConnections, ssNetworkMetrics);
-
-// Get the logId that corresponds to the implementation of TLS being used.
-let logId;
-switch (determineSSLProvider()) {
-    case "openssl":
-        logId = 6723801;
-        break;
-    case "windows":
-        logId = 6723802;
-        // This cipher is chosen to represent the cipher negotiated by Windows Server 2019 by
-        // default.
-        cipherSuite = "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384";
-        break;
-    case "apple":
-        logId = 6723803;
-        // We log only the cipher represented as its enum value in this code path. This corresponds
-        // to the hex value 0xC030 which maps to the cipher suite
-        // "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384". This cipher is chosen by OSX 12.1 by default.
-        cipherSuite = 49200;
-        break;
-    default:
-        assert(false, "Failed to determine that we are using a supported SSL provider");
-}
+let runTest = (connectionHealthLoggingOn) => {
+    jsTestLog("Establishing connection to mongod");
+    let mongod = MongoRunner.runMongod(Object.merge(mongodOptions(connectionHealthLoggingOn)));
+    let ssNetworkMetrics = mongod.adminCommand({serverStatus: 1}).metrics.network;
+    let initialHandshakeTimeMillis = ssNetworkMetrics.totalIngressTLSHandshakeTimeMillis;
+    jsTestLog(`totalTLSHandshakeTimeMillis: ${initialHandshakeTimeMillis}`);
+
+    if (connectionHealthLoggingOn) {
+        checkLog.containsJson(
+            mongod, 6723804, {durationMillis: Number(initialHandshakeTimeMillis)});
+    } else {
+        assert.eq(checkLog.checkContainsOnceJson(mongod, 6723804, {}), false);
+    }
+
+    assert.commandWorked(mongod.adminCommand({clearLog: 'global'}));
+    assert.eq(1, ssNetworkMetrics.totalIngressTLSConnections, ssNetworkMetrics);
+
+    // Get the logId that corresponds to the implementation of TLS being used.
+    let logId;
+    switch (determineSSLProvider()) {
+        case "openssl":
+            logId = 6723801;
+            break;
+        case "windows":
+            logId = 6723802;
+            // This cipher is chosen to represent the cipher negotiated by Windows Server 2019
+            // by default.
+            cipherSuite = "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384";
+            break;
+        case "apple":
+            logId = 6723803;
+            // We log only the cipher represented as its enum value in this code path. This
+            // corresponds to the hex value 0xC030 which maps to the cipher suite
+            // "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384". This cipher is chosen by OSX 12.1 by
+            // default.
+            cipherSuite = 49200;
+            break;
+        default:
+            assert(false, "Failed to determine that we are using a supported SSL provider");
+    }
+
+    // Start a new connection to check that 'durationMicros' is cumulatively measured in server
+    // status.
+    assert.soon(() => testConn(mongod), "Couldn't connect to mongod");
+    ssNetworkMetrics = mongod.adminCommand({serverStatus: 1}).metrics.network;
+    let totalTLSHandshakeTimeMillis = ssNetworkMetrics.totalIngressTLSHandshakeTimeMillis;
+    jsTestLog(`totalTLSHandshakeTimeMillis: ${totalTLSHandshakeTimeMillis}`);
+    let secondHandshakeDuration = totalTLSHandshakeTimeMillis - initialHandshakeTimeMillis;
+
+    if (connectionHealthLoggingOn) {
+        checkLog.containsJson(mongod, 6723804, {durationMillis: Number(secondHandshakeDuration)});
+        assert.soon(() => checkLog.checkContainsOnceJson(mongod, logId, {"cipher": cipherSuite}),
+                    "failed waiting for log line with negotiated cipher info");
+    } else {
+        assert.eq(checkLog.checkContainsOnceJson(mongod, 6723804, {}), false);
+        assert.eq(checkLog.checkContainsOnceJson(mongod, logId, {}), false);
+    }
+
+    assert.gt(totalTLSHandshakeTimeMillis, initialHandshakeTimeMillis);
+    assert.eq(2, ssNetworkMetrics.totalIngressTLSConnections, ssNetworkMetrics);
+
+    MongoRunner.stopMongod(mongod);
+};
 
-// Start a new connection to check that 'durationMicros' is cumulatively measured in server status.
-assert.soon(testConn, "Couldn't connect to mongod");
-ssNetworkMetrics = mongod.adminCommand({serverStatus: 1}).metrics.network;
-let totalTLSHandshakeTimeMillis = ssNetworkMetrics.totalIngressTLSHandshakeTimeMillis;
-jsTestLog(`totalTLSHandshakeTimeMillis: ${totalTLSHandshakeTimeMillis}`);
-let secondHandshakeDuration = totalTLSHandshakeTimeMillis - initialHandshakeTimeMillis;
-checkLog.containsJson(mongod, 6723804, {durationMillis: Number(secondHandshakeDuration)});
-assert.soon(() => checkLog.checkContainsOnceJson(mongod, logId, {"cipher": cipherSuite}),
-            "failed waiting for log line with negotiated cipher info");
-assert.gt(totalTLSHandshakeTimeMillis, initialHandshakeTimeMillis);
-assert.eq(2, ssNetworkMetrics.totalIngressTLSConnections, ssNetworkMetrics);
-
-MongoRunner.stopMongod(mongod);
+// Parameterized on turning connection health logging on/off.
+runTest(true);
+runTest(false);
 }());
\ No newline at end of file