summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/mongo/db/logical_session_id_helpers.cpp4
-rw-r--r--src/mongo/db/logical_session_id_helpers.h2
-rw-r--r--src/mongo/db/logical_session_id_test.cpp11
-rw-r--r--src/mongo/db/sessions_collection.cpp10
4 files changed, 26 insertions, 1 deletions
diff --git a/src/mongo/db/logical_session_id_helpers.cpp b/src/mongo/db/logical_session_id_helpers.cpp
index 7f89ca518df..32f743d0e42 100644
--- a/src/mongo/db/logical_session_id_helpers.cpp
+++ b/src/mongo/db/logical_session_id_helpers.cpp
@@ -55,6 +55,10 @@ SHA256Block getLogicalSessionUserDigestForLoggedInUser(const OperationContext* o
const auto user = AuthorizationSession::get(client)->getSingleUser();
invariant(user);
+ uassert(ErrorCodes::BadValue,
+ "Username too long to use with logical sessions",
+ user->getName().getFullName().length() < kMaximumUserNameLengthForLogicalSessions);
+
return user->getDigest();
} else {
return kNoAuthDigest;
diff --git a/src/mongo/db/logical_session_id_helpers.h b/src/mongo/db/logical_session_id_helpers.h
index 9735706330b..7e08503432b 100644
--- a/src/mongo/db/logical_session_id_helpers.h
+++ b/src/mongo/db/logical_session_id_helpers.h
@@ -36,6 +36,8 @@
namespace mongo {
+constexpr size_t kMaximumUserNameLengthForLogicalSessions = 10000;
+
/**
* Get the currently logged in user's UID digest.
*/
diff --git a/src/mongo/db/logical_session_id_test.cpp b/src/mongo/db/logical_session_id_test.cpp
index 403b5e1bfe0..c2e0bf17105 100644
--- a/src/mongo/db/logical_session_id_test.cpp
+++ b/src/mongo/db/logical_session_id_test.cpp
@@ -334,5 +334,16 @@ TEST_F(LogicalSessionIdTest, InitializeOperationSessionInfo_SupportsDocLockingFa
ErrorCodes::IllegalOperation);
}
+TEST_F(LogicalSessionIdTest, ConstructorFromClientWithTooLongName) {
+ auto id = UUID::gen();
+
+ addSimpleUser(UserName(std::string(kMaximumUserNameLengthForLogicalSessions + 1, 'x'), "test"));
+
+ LogicalSessionFromClient req;
+ req.setId(id);
+
+ ASSERT_THROWS(makeLogicalSessionId(req, _opCtx.get()), AssertionException);
+}
+
} // namespace
} // namespace mongo
diff --git a/src/mongo/db/sessions_collection.cpp b/src/mongo/db/sessions_collection.cpp
index ec0d2f43a8b..49644651e23 100644
--- a/src/mongo/db/sessions_collection.cpp
+++ b/src/mongo/db/sessions_collection.cpp
@@ -48,6 +48,14 @@ namespace mongo {
namespace {
+// This batch size is chosen to ensure that we don't form requests larger than the 16mb limit.
+// Especially for refreshes, the updates we send include the full user name (user@db), and user
+// names can be quite large (we enforce a max 10k limit for usernames used with sessions).
+//
+// At 1000 elements, a 16mb payload gives us a budget of 16000 bytes per user, which we should
+// comfortably be able to stay under, even with 10k user names.
+constexpr size_t kMaxBatchSize = 1000;
+
BSONObj lsidQuery(const LogicalSessionId& lsid) {
return BSON(LogicalSessionRecord::kIdFieldName << lsid.toBSON());
}
@@ -94,7 +102,7 @@ Status runBulkGeneric(TFactory makeT, AddLineFn addLine, SendFn sendBatch, const
for (const auto& item : items) {
addLine(*thing, item);
- if (++i >= write_ops::kMaxWriteBatchSize) {
+ if (++i >= kMaxBatchSize) {
auto res = sendLocalBatch();
if (!res.isOK()) {
return res;
View Lorry Controller Status