author | Cheahuychou Mao <mao.cheahuychou@gmail.com> | 2020-12-16 17:09:45 +0000 |
---|---|---|
committer | Evergreen Agent <no-reply@evergreen.mongodb.com> | 2021-01-05 05:58:56 +0000 |
commit | dc3ef13edd2ec8054f97fd160e72dae5edec3061 (patch) | |
tree | b8198ba35ab8715f53df1b4ead6e493f034e2f1a /src/mongo/client | |
parent | 1dfe8355a2b034ded045191f4e3d4be827365621 (diff) | |
download | mongo-dc3ef13edd2ec8054f97fd160e72dae5edec3061.tar.gz |
SERVER-52707 Make tenant migration recipient use x509 certificate to connect to donor
Diffstat (limited to 'src/mongo/client')
-rw-r--r-- | src/mongo/client/connection_string.h | 4 | ||||
-rw-r--r-- | src/mongo/client/connection_string_connect.cpp | 9 | ||||
-rw-r--r-- | src/mongo/client/dbclient_connection.cpp | 19 | ||||
-rw-r--r-- | src/mongo/client/dbclient_connection.h | 12 |
4 files changed, 32 insertions, 12 deletions
diff --git a/src/mongo/client/connection_string.h b/src/mongo/client/connection_string.h index 77f5f73a277..d505e1e5d24 100644 --- a/src/mongo/client/connection_string.h +++ b/src/mongo/client/connection_string.h @@ -46,6 +46,7 @@ namespace mongo { class ClientAPIVersionParameters; class DBClientBase; class MongoURI; +struct TransientSSLParams; /** * ConnectionString handles parsing different ways to connect to mongo and determining method @@ -150,7 +151,8 @@ public: std::string& errmsg, double socketTimeout = 0, const MongoURI* uri = nullptr, - const ClientAPIVersionParameters* apiParameters = nullptr) const; + const ClientAPIVersionParameters* apiParameters = nullptr, + const TransientSSLParams* transientSSLParams = nullptr) const; static StatusWith<ConnectionString> parse(const std::string& url); diff --git a/src/mongo/client/connection_string_connect.cpp b/src/mongo/client/connection_string_connect.cpp index ae4bf55d6fd..28cc448639c 100644 --- a/src/mongo/client/connection_string_connect.cpp +++ b/src/mongo/client/connection_string_connect.cpp @@ -51,7 +51,8 @@ std::unique_ptr<DBClientBase> ConnectionString::connect( std::string& errmsg, double socketTimeout, const MongoURI* uri, - const ClientAPIVersionParameters* apiParameters) const { + const ClientAPIVersionParameters* apiParameters, + const TransientSSLParams* transientSSLParams) const { MongoURI newURI{}; if (uri) { newURI = *uri; @@ -69,7 +70,11 @@ std::unique_ptr<DBClientBase> ConnectionString::connect( "Creating new connection to: {hostAndPort}", "Creating new connection", "hostAndPort"_attr = server); - if (!c->connect(server, applicationName, errmsg)) { + if (!c->connect(server, + applicationName, + errmsg, + transientSSLParams ? boost::make_optional(*transientSSLParams) + : boost::none)) { continue; } LOGV2_DEBUG(20110, 1, "Connected connection!"); diff --git a/src/mongo/client/dbclient_connection.cpp b/src/mongo/client/dbclient_connection.cpp index 49b581d5d2d..383be9ee5d7 100644 
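Review bot: Only the `c->connect(server, applicationName, errmsg, ...)` call in the second connection_string_connect.cpp hunk forwards `transientSSLParams`. ConnectionString::connect continues outside the hunk, and any other branch of it that does not forward the pointer would silently connect with the default TLS settings instead of the certificate the caller asked for. If such a branch exists, it should fail explicitly when `transientSSLParams` is non-null rather than ignore it, and the forwarding call deserves a comment such as `// transientSSLParams is only forwarded on this path`. The pointer is also copied into a new `boost::optional` on every pass that reaches this call before `continue`; building the optional once ahead of the loop would avoid the repeated copy.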
--- a/src/mongo/client/dbclient_connection.cpp +++ b/src/mongo/client/dbclient_connection.cpp @@ -275,8 +275,9 @@ Status DBClientConnection::authenticateInternalUser(auth::StepDownBehavior stepD bool DBClientConnection::connect(const HostAndPort& server, StringData applicationName, - std::string& errmsg) { - auto connectStatus = connect(server, applicationName); + std::string& errmsg, + boost::optional<TransientSSLParams> transientSSLParams) { + auto connectStatus = connect(server, applicationName, transientSSLParams); if (!connectStatus.isOK()) { errmsg = connectStatus.reason(); return false; @@ -284,8 +285,10 @@ bool DBClientConnection::connect(const HostAndPort& server, return true; } -Status DBClientConnection::connect(const HostAndPort& serverAddress, StringData applicationName) { - auto connectStatus = connectSocketOnly(serverAddress); +Status DBClientConnection::connect(const HostAndPort& serverAddress, + StringData applicationName, + boost::optional<TransientSSLParams> transientSSLParams) { + auto connectStatus = connectSocketOnly(serverAddress, transientSSLParams); if (!connectStatus.isOK()) { return connectStatus; } @@ -391,7 +394,8 @@ Status DBClientConnection::connect(const HostAndPort& serverAddress, StringData return Status::OK(); } -Status DBClientConnection::connectSocketOnly(const HostAndPort& serverAddress) { +Status DBClientConnection::connectSocketOnly( + const HostAndPort& serverAddress, boost::optional<TransientSSLParams> transientSSLParams) { _serverAddress = serverAddress; _markFailed(kReleaseSession); 
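Review bot: `boost::optional<TransientSSLParams>` is taken by value in `bool DBClientConnection::connect` and passed on by value again through `Status connect` and `connectSocketOnly`, so each connection attempt copies the struct at every hop. TransientSSLParams is only forward-declared on this page; if it carries certificate or key material, those copies also multiply the places where that material sits in memory. Taking `const boost::optional<TransientSSLParams>& transientSSLParams` in all three signatures (and in the matching header declarations) leaves the call sites unchanged. The bodies of `Status connect` and `connectSocketOnly` continue outside their hunks.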
@@ -415,7 +419,10 @@ Status DBClientConnection::connectSocketOnly(const HostAndPort& serverAddress) { } auto sws = getGlobalServiceContext()->getTransportLayer()->connect( - serverAddress, _uri.getSSLMode(), _socketTimeout.value_or(Milliseconds{5000})); + serverAddress, + transientSSLParams ? transport::kEnableSSL : _uri.getSSLMode(), + _socketTimeout.value_or(Milliseconds{5000}), + transientSSLParams); if (!sws.isOK()) { return Status(ErrorCodes::HostUnreachable, str::stream() << "couldn't connect to server " << _serverAddress.toString() diff --git a/src/mongo/client/dbclient_connection.h b/src/mongo/client/dbclient_connection.h index 8532ddf231f..845af96d900 100644 --- a/src/mongo/client/dbclient_connection.h +++ b/src/mongo/client/dbclient_connection.h @@ -112,7 +112,10 @@ public: * @param errmsg any relevant error message will appended to the string * @return false if fails to connect. */ - bool connect(const HostAndPort& server, StringData applicationName, std::string& errmsg); + bool connect(const HostAndPort& server, + StringData applicationName, + std::string& errmsg, + boost::optional<TransientSSLParams> transientSSLParams = boost::none); /** * Semantically equivalent to the previous connect method, but returns a Status @@ -120,7 +123,9 @@ public: * * @param server The server to connect to. */ - virtual Status connect(const HostAndPort& server, StringData applicationName); + virtual Status connect(const HostAndPort& server, + StringData applicationName, + boost::optional<TransientSSLParams> transientSSLParams = boost::none); /** * This version of connect does not run 'isMaster' after creating a TCP connection to the @@ -129,7 +134,8 @@ public: * * @param server The server to connect to. */ - Status connectSocketOnly(const HostAndPort& server); + Status connectSocketOnly(const HostAndPort& server, + boost::optional<TransientSSLParams> transientSSLParams = boost::none); /** * Logs out the connection for the given database. |
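Review bot: The transient parameters are consumed by this single `getTransportLayer()->connect(...)` call and are not stored on the connection object anywhere in the visible changes. A later reconnect that re-enters `connect()` without them would presumably fall back to `_uri.getSSLMode()` and the process-wide TLS configuration. Please confirm that connections created with transient parameters either cannot auto-reconnect or keep the parameters for reuse. The override to `transport::kEnableSSL` is a deliberate policy decision and should carry a comment, for example `// Transient SSL params imply TLS regardless of the URI's ssl mode.` connectSocketOnly starts and ends outside this hunk.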
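Review bot: The new `transientSSLParams` argument is undocumented in all three dbclient_connection.h declarations; the doc comments above `bool connect`, `virtual Status connect` and `connectSocketOnly` still describe only the old parameters. Each should gain a line such as `@param transientSSLParams if set, TLS is enabled for this connection and the parameters are passed to the transport layer`. Separately, `Status connect` is `virtual` and now has a defaulted parameter: default arguments are chosen by the static type, and an override that keeps the old two-parameter signature would no longer override this function. Overrides outside this page therefore need the same signature change and are best marked `override` so the compiler catches any that were missed.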