diff options
| author | Misha Tyulenev <misha@mongodb.com> | 2018-06-01 11:36:16 -0400 |
|---|---|---|
| committer | Jack Mulrow <jack.mulrow@mongodb.com> | 2018-06-07 15:13:27 -0400 |
| commit | 6ac3162f47fd9e114c0a43f3f92ba1b7aa468bcd (patch) | |
| tree | 5948ef2a95d8c92dc50c5ab4305728134ad0cf7e | |
| parent | 4c180a92e580d7bb998111dd55719bd8e3fdee73 (diff) | |
| download | mongo-6ac3162f47fd9e114c0a43f3f92ba1b7aa468bcd.tar.gz | |
SERVER-34517 do not check for userId in cursors within sessions during getMore in sharded cluster
(cherry picked from commit 5eb20d1ed6d5fd852b2192450dadbae0eec33278)
| -rw-r--r-- | jstests/ssl/ssl_get_more.js | 50 | ||||
| -rw-r--r-- | src/mongo/db/commands/getmore_cmd.cpp | 3 |
2 files changed, 52 insertions, 1 deletions
diff --git a/jstests/ssl/ssl_get_more.js b/jstests/ssl/ssl_get_more.js new file mode 100644 index 00000000000..f70afc38054 --- /dev/null +++ b/jstests/ssl/ssl_get_more.js @@ -0,0 +1,50 @@ +(function() { + "use strict"; + + var x509_options = { + sslMode: "requireSSL", + sslPEMKeyFile: "jstests/libs/server.pem", + sslCAFile: "jstests/libs/ca.pem", + sslClusterFile: "jstests/libs/cluster_cert.pem", + sslAllowInvalidHostnames: "", + clusterAuthMode: "x509" + }; + + const st = new ShardingTest({ + shards: 1, + other: { + enableBalancer: true, + configOptions: x509_options, + mongosOptions: x509_options, + rsOptions: x509_options, + shardOptions: x509_options, + shardAsReplicaSet: false + } + }); + + st.s.getDB('admin').createUser({user: 'admin', pwd: 'pwd', roles: ['root']}); + st.s.getDB('admin').auth('admin', 'pwd'); + + const sessionOptions = {causalConsistency: false}; + const session = st.s.startSession(sessionOptions); + const db = session.getDatabase("test"); + const coll = db.foo; + + coll.createIndex({x: 1}); + coll.createIndex({y: 1}); + + for (let i = 0; i < 10; i++) { + const res = assert.commandWorked( + db.runCommand({listIndexes: coll.getName(), cursor: {batchSize: 0}})); + const cursor = new DBCommandCursor(db, res); + assert.eq(3, cursor.itcount()); + } + + // Authenticate csrs so ReplSetTest.stopSet() can do db hash check. + if (st.configRS) { + st.configRS.nodes.forEach((node) => { + node.getDB('admin').auth('admin', 'pwd'); + }); + } + st.stop(); +}()); diff --git a/src/mongo/db/commands/getmore_cmd.cpp b/src/mongo/db/commands/getmore_cmd.cpp index 2877c72bca0..2455524b7c4 100644 --- a/src/mongo/db/commands/getmore_cmd.cpp +++ b/src/mongo/db/commands/getmore_cmd.cpp @@ -88,6 +88,7 @@ void validateLSID(OperationContext* opCtx, const GetMoreRequest& request, Client << ", without an lsid", opCtx->getLogicalSessionId() || !cursor->getSessionId()); + // TODO: SERVER-35323 - compare logicalSessionId that include userId. uassert(50738, str::stream() << "Cannot run getMore on cursor " << request.cursorid << ", which was created in session " @@ -95,7 +96,7 @@ void validateLSID(OperationContext* opCtx, const GetMoreRequest& request, Client << ", in session " << *opCtx->getLogicalSessionId(), !opCtx->getLogicalSessionId() || !cursor->getSessionId() || - (*opCtx->getLogicalSessionId() == *cursor->getSessionId())); + (opCtx->getLogicalSessionId()->getId() == cursor->getSessionId()->getId())); } /** |