diff options
author | Spencer Jackson <spencer.jackson@mongodb.com> | 2018-04-17 13:17:52 -0400 |
---|---|---|
committer | Spencer Jackson <spencer.jackson@mongodb.com> | 2018-04-24 12:09:11 -0400 |
commit | f761fe13f3d27959d421ae610ac20fdcb8701cce (patch) | |
tree | 730a795723c236827fd4daa697550ea53b8eb63b | |
parent | ab112a029bca9d575379d42450ea2a7e9254c6de (diff) | |
download | mongo-f761fe13f3d27959d421ae610ac20fdcb8701cce.tar.gz |
SERVER-34421: isMaster saslSupportedMechs shouldn't error on UserNotFound
-rw-r--r-- | jstests/auth/sasl_mechanism_discovery.js | 8 | ||||
-rw-r--r-- | src/mongo/db/auth/sasl_mechanism_registry.cpp | 11 | ||||
-rw-r--r-- | src/mongo/db/auth/sasl_mechanism_registry_test.cpp | 12 |
3 files changed, 21 insertions, 10 deletions
diff --git a/jstests/auth/sasl_mechanism_discovery.js b/jstests/auth/sasl_mechanism_discovery.js index 2d5404178fd..b21fe2e7c38 100644 --- a/jstests/auth/sasl_mechanism_discovery.js +++ b/jstests/auth/sasl_mechanism_discovery.js @@ -13,10 +13,12 @@ var db = conn.getDB("admin"); var externalDB = conn.getDB("$external"); - // Check that unknown or invalid users produce the correct errors. - assert.commandFailedWithCode(db.runCommand({isMaster: 1, saslSupportedMechs: "test.bogus"}), - ErrorCodes.UserNotFound); + // Check that unknown users do not interrupt isMaster + let res = + assert.commandWorked(db.runCommand({isMaster: 1, saslSupportedMechs: "test.bogus"})); + assert.eq(undefined, res.saslSupportedMechs); + // Check that invalid usernames produce the correct error code assert.commandFailedWithCode(db.runCommand({isMaster: 1, saslSupportedMechs: "bogus"}), ErrorCodes.BadValue); diff --git a/src/mongo/db/auth/sasl_mechanism_registry.cpp b/src/mongo/db/auth/sasl_mechanism_registry.cpp index 69c5f495e25..6bd5417b288 100644 --- a/src/mongo/db/auth/sasl_mechanism_registry.cpp +++ b/src/mongo/db/auth/sasl_mechanism_registry.cpp @@ -25,6 +25,7 @@ * exception statement from all source files in the program, then also delete * it in the license file. */ +#define MONGO_LOG_DEFAULT_COMPONENT ::mongo::logger::LogComponent::kAccessControl #include "mongo/platform/basic.h" @@ -34,6 +35,7 @@ #include "mongo/db/auth/sasl_options.h" #include "mongo/db/auth/user.h" #include "mongo/util/icu.h" +#include "mongo/util/log.h" #include "mongo/util/net/sock.h" #include "mongo/util/scopeguard.h" #include "mongo/util/sequence_util.h" @@ -89,7 +91,14 @@ void SASLServerMechanismRegistry::advertiseMechanismNamesForUser(OperationContex authManager->releaseUser(user); } }); - uassertStatusOK(status); + if (!status.isOK()) { + if (status.code() == ErrorCodes::UserNotFound) { + log() << "Supported SASL mechanisms requested for unknown user '" << userName + << "'"; + return; + } + uassertStatusOK(status); + } BSONArrayBuilder mechanismsBuilder; auto& map = _getMapRef(userName.getDB()); diff --git a/src/mongo/db/auth/sasl_mechanism_registry_test.cpp b/src/mongo/db/auth/sasl_mechanism_registry_test.cpp index 1fdea125852..fba7482b033 100644 --- a/src/mongo/db/auth/sasl_mechanism_registry_test.cpp +++ b/src/mongo/db/auth/sasl_mechanism_registry_test.cpp @@ -229,12 +229,12 @@ TEST_F(MechanismRegistryTest, invalidUserCantAdvertiseMechs) { BSONObjBuilder builder; - ASSERT_THROWS( - registry.advertiseMechanismNamesForUser(opCtx.get(), - BSON("isMaster" << 1 << "saslSupportedMechs" - << "test.noSuchUser"), - &builder), - AssertionException); + registry.advertiseMechanismNamesForUser(opCtx.get(), + BSON("isMaster" << 1 << "saslSupportedMechs" + << "test.noSuchUser"), + &builder); + + ASSERT_BSONOBJ_EQ(BSONObj(), builder.obj()); } TEST_F(MechanismRegistryTest, strongMechCanAdvertise) { |