diff options
author | Andreas Nilsson <andreas.nilsson@10gen.com> | 2013-11-14 16:14:50 +0000 |
---|---|---|
committer | Andreas Nilsson <andreas.nilsson@10gen.com> | 2013-11-14 19:11:40 +0000 |
commit | 9030cdfa8707c06b3f8ad9dfb635c2244abcc84e (patch) | |
tree | 5859d75e8fbe4b7128fa2c944a9c10fce2556863 | |
parent | f85ceb17b37210eef71e8113162c41368bfd5c12 (diff) | |
download | mongo-9030cdfa8707c06b3f8ad9dfb635c2244abcc84e.tar.gz |
SERVER-11431 Change sslMode with setParameter command
-rw-r--r-- | src/mongo/db/commands/parameters.cpp | 63 |
1 files changed, 63 insertions, 0 deletions
diff --git a/src/mongo/db/commands/parameters.cpp b/src/mongo/db/commands/parameters.cpp index 1e860659ff3..cfca569ad0c 100644 --- a/src/mongo/db/commands/parameters.cpp +++ b/src/mongo/db/commands/parameters.cpp @@ -36,6 +36,7 @@ #include "mongo/db/server_parameters.h" #include "mongo/db/storage_options.h" #include "mongo/util/mongoutils/str.h" +#include "mongo/util/net/ssl_options.h" namespace mongo { @@ -231,6 +232,68 @@ namespace mongo { } } logLevelSetting; + class SSLModeSetting : public ServerParameter { + public: + SSLModeSetting() : ServerParameter(ServerParameterSet::getGlobal(), "sslMode") {} + + std::string sslModeStr() { + switch (sslGlobalParams.sslMode.load()) { + case SSLGlobalParams::SSLMode_noSSL: + return "noSSL"; + case SSLGlobalParams::SSLMode_acceptSSL: + return "acceptSSL"; + case SSLGlobalParams::SSLMode_sendAcceptSSL: + return "sendAcceptSSL"; + case SSLGlobalParams::SSLMode_sslOnly: + return "sslOnly"; + default: + return "undefined"; + } + } + + virtual void append(BSONObjBuilder& b, const std::string& name) { + b << name << sslModeStr(); + } + + virtual Status set(const BSONElement& newValueElement) { + try { + return setFromString(newValueElement.String()); + } + catch (MsgAssertionException msg) { + return Status(ErrorCodes::BadValue, mongoutils::str::stream() << + "Invalid value for sslMode via setParameter command: " + << newValueElement); + } + + } + + virtual Status setFromString(const std::string& str) { +#ifndef MONGO_SSL + return Status(ErrorCodes::IllegalOperation, mongoutils::str::stream() << + "Unable to set sslMode, SSL support is not compiled into server"); +#endif + if (str != "sendAcceptSSL" && str != "sslOnly") { + return Status(ErrorCodes::BadValue, mongoutils::str::stream() << + "Invalid value for sslMode via setParameter command: " + << str); + } + + int oldMode = sslGlobalParams.sslMode.load(); + if (str == "sendAcceptSSL" && oldMode == SSLGlobalParams::SSLMode_acceptSSL) { + sslGlobalParams.sslMode.store(SSLGlobalParams::SSLMode_sendAcceptSSL); + } + else if (str == "sslOnly" && oldMode == SSLGlobalParams::SSLMode_sendAcceptSSL) { + sslGlobalParams.sslMode.store(SSLGlobalParams::SSLMode_sslOnly); + } + else { + return Status(ErrorCodes::BadValue, mongoutils::str::stream() << + "Illegal state transition for sslMode, attempt to change from " + << sslModeStr() << " to " << str); + } + return Status::OK(); + } + } sslModeSetting; + ExportedServerParameter<bool> QuietSetting( ServerParameterSet::getGlobal(), "quiet", &serverGlobalParams.quiet, |