SERVER-45717 Allow changes to clusterIpSourceAllowlist without restart

author: sergey.galtsev <sergey.galtsev@mongodb.com> 2021-11-01 20:11:09 +0000
committer: Evergreen Agent <no-reply@evergreen.mongodb.com> 2021-11-01 21:20:31 +0000
commit: 8ac4553c3d5c7509ea708c31a7f0232b2b3d4f4f (patch)
tree: 11dbb66e14cd1ce9731a2c52296ed24d4b22f95e /src/mongo/client
parent: 102cc8aeb299faadd9349c3ffd23f7ca9ff3c32b (diff)
download: mongo-8ac4553c3d5c7509ea708c31a7f0232b2b3d4f4f.tar.gz
2 files changed, 11 insertions, 9 deletions
diff --git a/src/mongo/client/authenticate.cpp b/src/mongo/client/authenticate.cpp
index 7180b707f10..a1b3fd5a649 100644
--- a/src/mongo/client/authenticate.cpp
+++ b/src/mongo/client/authenticate.cpp
@@ -253,8 +253,9 @@ Future<void> authenticateInternalClient(
     StepDownBehavior stepDownBehavior,
     RunCommandHook runCommand,
     std::shared_ptr<InternalAuthParametersProvider> internalParamsProvider) {
+    auto systemUser = internalSecurity.getUser();
     return negotiateSaslMechanism(
-               runCommand, internalSecurity.user->getName(), mechanismHint, stepDownBehavior)
+               runCommand, (*systemUser)->getName(), mechanismHint, stepDownBehavior)
         .then([runCommand, clientSubjectName, remote, internalParamsProvider](
                   std::string mechanism) -> Future<void> {
             auto params = internalParamsProvider->get(0, mechanism);
diff --git a/src/mongo/client/internal_auth.cpp b/src/mongo/client/internal_auth.cpp
index 59b8d6da5dc..467fb219546 100644
--- a/src/mongo/client/internal_auth.cpp
+++ b/src/mongo/client/internal_auth.cpp
@@ -103,16 +103,16 @@ BSONObj getInternalAuthParams(size_t idx, StringData mechanism) {
     }
 
     auto password = internalAuthKeys.at(idx);
+    auto systemUser = internalSecurity.getUser();
     if (mechanism == kMechanismScramSha1) {
-        password =
-            mongo::createPasswordDigest(internalSecurity.user->getName().getUser(), password);
+        password = mongo::createPasswordDigest((*systemUser)->getName().getUser(), password);
     }
 
     return BSON(saslCommandMechanismFieldName
-                << mechanism << saslCommandUserDBFieldName
-                << internalSecurity.user->getName().getDB() << saslCommandUserFieldName
-                << internalSecurity.user->getName().getUser() << saslCommandPasswordFieldName
-                << password << saslCommandDigestPasswordFieldName << false);
+                << mechanism << saslCommandUserDBFieldName << (*systemUser)->getName().getDB()
+                << saslCommandUserFieldName << (*systemUser)->getName().getUser()
+                << saslCommandPasswordFieldName << password << saslCommandDigestPasswordFieldName
+                << false);
 }
 
 std::string getBSONString(BSONObj container, StringData field) {
@@ -131,8 +131,9 @@ std::string getInternalAuthDB() {
         return getBSONString(internalAuthParams, saslCommandUserDBFieldName);
     }
 
-    if (auto isu = internalSecurity.user) {
-        return isu->getName().getDB();
+    auto systemUser = internalSecurity.getUser();
+    if (systemUser && *systemUser) {
+        return (*systemUser)->getName().getDB();
     }
 
     return "admin";
author	sergey.galtsev <sergey.galtsev@mongodb.com>	2021-11-01 20:11:09 +0000
committer	Evergreen Agent <no-reply@evergreen.mongodb.com>	2021-11-01 21:20:31 +0000
commit	8ac4553c3d5c7509ea708c31a7f0232b2b3d4f4f (patch)
tree	11dbb66e14cd1ce9731a2c52296ed24d4b22f95e /src/mongo/client
parent	102cc8aeb299faadd9349c3ffd23f7ca9ff3c32b (diff)
download	mongo-8ac4553c3d5c7509ea708c31a7f0232b2b3d4f4f.tar.gz