diff options
author | Spencer Jackson <spencer.jackson@mongodb.com> | 2015-12-14 13:48:05 -0500 |
---|---|---|
committer | Spencer Jackson <spencer.jackson@mongodb.com> | 2015-12-15 11:18:46 -0500 |
commit | 30585ab4b4d84c74a555f40a0a75cd83254a4d8f (patch) | |
tree | 2cc95ab8b089f3cb1f47e2f337185135b1e0203a | |
parent | d66acd141e9f788a3bc3de96cbe332efbcc250e0 (diff) | |
download | mongo-30585ab4b4d84c74a555f40a0a75cd83254a4d8f.tar.gz |
SERVER-21890 Allow realm to be set in SSPI shell
(cherry picked from commit 4b37c81ddfd33f550f2f42e1a14a56e427620db4)
-rw-r--r-- | src/mongo/client/sasl_sspi.cpp | 3 | ||||
-rw-r--r-- | src/mongo/client/sasl_sspi_options.cpp | 7 | ||||
-rw-r--r-- | src/mongo/client/sasl_sspi_options.h | 5 |
3 files changed, 15 insertions, 0 deletions
diff --git a/src/mongo/client/sasl_sspi.cpp b/src/mongo/client/sasl_sspi.cpp index a9635320dd0..c1ee9fce981 100644 --- a/src/mongo/client/sasl_sspi.cpp +++ b/src/mongo/client/sasl_sspi.cpp @@ -222,6 +222,9 @@ int sspiClientMechNew(void* glob_context, } pcctx->nameToken = toWideString(cparams->service) + L'/' + toWideString(canonName.c_str()); + if (!saslSSPIGlobalParams.realmOverride.empty()) { + pcctx->nameToken += L'@' + toWideString(saslSSPIGlobalParams.realmOverride.c_str()); + } *conn_context = pcctx.release(); diff --git a/src/mongo/client/sasl_sspi_options.cpp b/src/mongo/client/sasl_sspi_options.cpp index f392f5b5412..c63a3f408ba 100644 --- a/src/mongo/client/sasl_sspi_options.cpp +++ b/src/mongo/client/sasl_sspi_options.cpp @@ -51,6 +51,10 @@ Status addSASLSSPIOptions(moe::OptionSection* options) { "DNS resolution strategy to use for hostname canonicalization. " "May be one of: {none, forward, forwardAndReverse}") .setDefault(moe::Value(std::string("none"))); + sspiOptions.addOptionChaining("security.sspiRealmOverride", + "sspiRealmOverride", + moe::String, + "Override the detected realm with the provided string").hidden(); return options->addSection(sspiOptions); } @@ -69,6 +73,9 @@ Status storeSASLSSPIOptions(const moe::Environment& params) { "Unrecognized sspiHostnameCanonicalization option"); } } + if (params.count("security.sspiRealmOverride")) { + saslSSPIGlobalParams.realmOverride = params["security.sspiRealmOverride"].as<std::string>(); + } return Status::OK(); } diff --git a/src/mongo/client/sasl_sspi_options.h b/src/mongo/client/sasl_sspi_options.h index e0dca3516ec..c32dc54bacc 100644 --- a/src/mongo/client/sasl_sspi_options.h +++ b/src/mongo/client/sasl_sspi_options.h @@ -28,6 +28,8 @@ #pragma once +#include <string> + #include "mongo/util/net/hostname_canonicalization.h" namespace mongo { @@ -44,6 +46,9 @@ namespace moe = mongo::optionenvironment; struct SASLSSPIGlobalParams { // HostnameCanonicalizationMode to use for resolving SASL hostname into the SPN's hostname HostnameCanonicalizationMode canonicalization = HostnameCanonicalizationMode::kNone; + + // Override the automatically detected realm + std::string realmOverride; }; extern SASLSSPIGlobalParams saslSSPIGlobalParams; |