diff options
author | Shaun Verch <shaun.verch@mongodb.com> | 2014-04-17 18:00:52 -0400 |
---|---|---|
committer | Shaun Verch <shaun.verch@mongodb.com> | 2014-04-17 18:01:11 -0400 |
commit | e83de252bac4f30b7a02bc08c6bc2e14c0f187bb (patch) | |
tree | 07299d959bbc11362a05266c52c4bd1ceff25703 | |
parent | 791fcf4495b08bd8c108f3275ba4e489b4928537 (diff) | |
download | mongo-e83de252bac4f30b7a02bc08c6bc2e14c0f187bb.tar.gz |
Revert "SERVER-13644 Fix command line censorship"
This reverts commit 44da20890f6af02ba766ca14991bbb072395a7ef.
(cherry picked from commit 65213714da82cf43ba5f54d34d1c6a2923d4a0bf)
-rw-r--r-- | jstests/ssl/ssl_options.js | 35 | ||||
-rw-r--r-- | src/mongo/util/cmdline_utils/censor_cmdline.cpp | 19 |
2 files changed, 4 insertions, 50 deletions
diff --git a/jstests/ssl/ssl_options.js b/jstests/ssl/ssl_options.js deleted file mode 100644 index f4dcb4d4d47..00000000000 --- a/jstests/ssl/ssl_options.js +++ /dev/null @@ -1,35 +0,0 @@ -var baseName = "jstests_ssl_ssl_options"; - -jsTest.log("Testing censorship of ssl options"); - -var mongodConfig = { sslPEMKeyFile : "jstests/libs/password_protected.pem", - sslMode : "requireSSL", - sslPEMKeyPassword : "qwerty", - sslClusterPassword : "qwerty" }; -var mongodSource = MongoRunner.runMongod(mongodConfig); - -var getCmdLineOptsResult = mongodSource.adminCommand("getCmdLineOpts"); - -var i; -var isPassword = false; -for (i = 0; i < getCmdLineOptsResult.argv.length; i++) { - if (isPassword) { - assert.eq(getCmdLineOptsResult.argv[i], "<password>", - "Password not properly censored: " + tojson(getCmdLineOptsResult)); - isPassword = false; - continue; - } - - if (getCmdLineOptsResult.argv[i] === "--sslPEMKeyPassword" || - getCmdLineOptsResult.argv[i] === "--sslClusterPassword") { - isPassword = true; - } -} -assert.eq(getCmdLineOptsResult.parsed.net.ssl.PEMKeyPassword, "<password>", - "Password not properly censored: " + tojson(getCmdLineOptsResult)); -assert.eq(getCmdLineOptsResult.parsed.net.ssl.clusterPassword, "<password>", - "Password not properly censored: " + tojson(getCmdLineOptsResult)); - -MongoRunner.stopMongod(mongodSource.port); - -print(baseName + " succeeded."); diff --git a/src/mongo/util/cmdline_utils/censor_cmdline.cpp b/src/mongo/util/cmdline_utils/censor_cmdline.cpp index ae51d536be4..e50b7018c99 100644 --- a/src/mongo/util/cmdline_utils/censor_cmdline.cpp +++ b/src/mongo/util/cmdline_utils/censor_cmdline.cpp @@ -41,9 +41,9 @@ namespace mongo { static bool _isPasswordArgument(const char* argumentName) { static const char* const passwordArguments[] = { - "net.ssl.PEMKeyPassword", - "net.ssl.clusterPassword", - "processManagement.windowsService.servicePassword", + "sslPEMKeyPassword", + "ssl.PEMKeyPassword", + "servicePassword", NULL // Last entry sentinel. }; for (const char* const* current = passwordArguments; *current; ++current) { @@ -54,13 +54,6 @@ namespace mongo { } static bool _isPasswordSwitch(const char* switchName) { - static const char* const passwordSwitches[] = { - "sslPEMKeyPassword", - "sslClusterPassword", - "servicePassword", - NULL // Last entry sentinel. - }; - if (switchName[0] != '-') return false; size_t i = 1; @@ -68,11 +61,7 @@ namespace mongo { i = 2; switchName += i; - for (const char* const* current = passwordSwitches; *current; ++current) { - if (mongoutils::str::equals(switchName, *current)) - return true; - } - return false; + return _isPasswordArgument(switchName); } static void _redact(char* arg) { |