diff options
author | Jason Piao <jason.piao@Jasons-MacBook-Pro.local> | 2019-06-07 11:40:34 -0400 |
---|---|---|
committer | jason.piao <jason.piao@mongodb.com> | 2019-07-30 12:58:01 -0400 |
commit | f00c50b874953f879ad9b642b7d7b2892eb78429 (patch) | |
tree | 698abda4615a52c6e6895f2306d77c66c44d12c3 | |
parent | 6aa44393ee2c8f7d9392dd2a0100eafef3e719c9 (diff) | |
download | mongo-f00c50b874953f879ad9b642b7d7b2892eb78429.tar.gz |
SERVER-41152 strip white space from auth mechanisms
(cherry picked from commit c31362708f26397dd20818ab780a5180e257d5a7)
-rw-r--r-- | jstests/auth/auth_mechanisms_parsing.js | 13 | ||||
-rw-r--r-- | src/mongo/db/auth/sasl_options.cpp | 35 |
2 files changed, 43 insertions, 5 deletions
diff --git a/jstests/auth/auth_mechanisms_parsing.js b/jstests/auth/auth_mechanisms_parsing.js new file mode 100644 index 00000000000..72f906b3c68 --- /dev/null +++ b/jstests/auth/auth_mechanisms_parsing.js @@ -0,0 +1,13 @@ +// Test for stripping whitespace for authenticationMechanisms +(function() { + "use strict"; + + const conn = MongoRunner.runMongod( + {setParameter: "authenticationMechanisms=SCRAM-SHA-1,SCRAM-SHA-256, PLAIN"}); + + const cmdOut = conn.getDB('admin').runCommand({getParameter: 1, authenticationMechanisms: 1}); + + // Check to see if whitespace in front of PLAIN is stripped + assert.sameMembers(cmdOut.authenticationMechanisms, ["SCRAM-SHA-1", "SCRAM-SHA-256", "PLAIN"]); + MongoRunner.stopMongod(conn); +}()); diff --git a/src/mongo/db/auth/sasl_options.cpp b/src/mongo/db/auth/sasl_options.cpp index 8a8597304b3..382d1d4b45b 100644 --- a/src/mongo/db/auth/sasl_options.cpp +++ b/src/mongo/db/auth/sasl_options.cpp @@ -32,6 +32,8 @@ #include "mongo/db/auth/sasl_options.h" +#include <boost/algorithm/string.hpp> + #include "mongo/base/status.h" #include "mongo/db/server_parameters.h" #include "mongo/util/log.h" @@ -193,11 +195,6 @@ MONGO_STARTUP_OPTIONS_STORE(SASLOptions)(InitializerContext* context) { // SASL Startup Parameters, making them settable via setParameter on the command line or in the // legacy INI config file. None of these parameters are modifiable at runtime. -ExportedServerParameter<std::vector<std::string>, ServerParameterType::kStartupOnly> - SASLAuthenticationMechanismsSetting(ServerParameterSet::getGlobal(), - "authenticationMechanisms", - &saslGlobalParams.authenticationMechanisms); - ExportedServerParameter<std::string, ServerParameterType::kStartupOnly> SASLHostNameSetting( ServerParameterSet::getGlobal(), "saslHostName", &saslGlobalParams.hostName); @@ -231,6 +228,30 @@ private: int _minimum; }; +class ExportedAuthenticationMechanismParameter + : public ExportedServerParameter<std::vector<std::string>, ServerParameterType::kStartupOnly> { +public: + ExportedAuthenticationMechanismParameter(StringData name, std::vector<std::string>* value) + : ExportedServerParameter<std::vector<std::string>, ServerParameterType::kStartupOnly>( + ServerParameterSet::getGlobal(), name.toString(), value) {} + + Status setFromString(const std::string& str) final { + + std::vector<std::string> v; + splitStringDelim(str, &v, ','); + + // Strip white space for authentication mechanisms + for (auto& mechanism : v) { + boost::trim(mechanism); + } + + std::string joinedString = boost::algorithm::join(v, ","); + return ExportedServerParameter< + std::vector<std::string>, + ServerParameterType::kStartupOnly>::setFromString(joinedString); + } +}; + ExportedScramIterationCountParameter scramSHA1IterationCountParam( scramSHA1IterationCountServerParameter, &saslGlobalParams.scramSHA1IterationCount, @@ -240,4 +261,8 @@ ExportedScramIterationCountParameter scramSHA256IterationCountParam( &saslGlobalParams.scramSHA256IterationCount, minimumScramSHA256IterationCount); +// modify the input to remove leading and trailing white space +ExportedAuthenticationMechanismParameter authMechanismsParam( + "authenticationMechanisms", &saslGlobalParams.authenticationMechanisms); + } // namespace mongo |