SERVER-7455 keyfile replacement, command line parameters and upgrade

1 files changed, 21 insertions, 24 deletions

diff --git a/src/mongo/client/dbclient.cpp b/src/mongo/client/dbclient.cpp
index f0668c4f46c..ff42ea2c180 100644
--- a/src/mongo/client/dbclient.cpp
+++ b/src/mongo/client/dbclient.cpp
@@ -566,27 +566,24 @@ namespace mongo {
                     errmsg,
                     _authMongoCR(userSource, user, password, errmsg, digestPassword));
         }
+#ifdef MONGO_SSL
         else if (mechanism == StringData("MONGODB-X509", StringData::LiteralTag())){
             std::string userSource;
             uassertStatusOK(bsonExtractStringField(params,
                                                    saslCommandUserSourceFieldName,
                                                    &userSource));
-            std::string user;
-            uassertStatusOK(bsonExtractStringField(params,
-                                                   saslCommandUserFieldName,
-                                                   &user));
-
             std::string errmsg;
             uassert(ErrorCodes::AuthenticationFailed,
                     errmsg,
-                    _authMongoX509(userSource, user, errmsg));
+                    _authX509(userSource, getSSLManager()->getClientSubjectName(), errmsg));
         }
+#endif
         else if (saslClientAuthenticate != NULL) {
             uassertStatusOK(saslClientAuthenticate(this, params));
         }
         else {
             uasserted(ErrorCodes::BadValue,
-                      "SASL authentication support not compiled into client library.");
+                      mechanism + " mechanism support not compiled into client library.");
         }
     };
 
@@ -614,23 +611,6 @@ namespace mongo {
         }
     }
 
-    bool DBClientWithCommands::_authMongoX509(const string&dbname,
-                                              const string &username,
-                                              string& errmsg){
-        BSONObj authCmd;
-        BSONObjBuilder cmdBuilder;
-        cmdBuilder << "authenticate" << 1 << "mechanism" << "MONGODB-X509" << "user" << username;
-        authCmd = cmdBuilder.done();
-
-        BSONObj info;
-        if( runCommand(dbname, authCmd, info) ) {
-            return true;
-        }
-
-        errmsg = info.toString();
-        return false;
-    }
-
     bool DBClientWithCommands::_authMongoCR(const string &dbname,
                                             const string &username,
                                             const string &password_text,
@@ -679,6 +659,23 @@ namespace mongo {
         return false;
     }
 
+    bool DBClientWithCommands::_authX509(const string&dbname,
+                                              const string &username,
+                                              string& errmsg){
+        BSONObj authCmd;
+        BSONObjBuilder cmdBuilder;
+        cmdBuilder << "authenticate" << 1 << "mechanism" << "MONGODB-X509" << "user" << username;
+        authCmd = cmdBuilder.done();
+
+        BSONObj info;
+        if( runCommand(dbname, authCmd, info) ) {
+            return true;
+        }
+
+        errmsg = info.toString();
+        return false;
+    }
+
     void DBClientWithCommands::logout(const string &dbname, BSONObj& info) {
         runCommand(dbname, BSON("logout" << 1), info);
     }