diff options
author | Hari Khalsa <hkhalsa@10gen.com> | 2014-05-21 13:19:35 -0400 |
---|---|---|
committer | Hari Khalsa <hkhalsa@10gen.com> | 2014-05-22 11:29:12 -0400 |
commit | 4829bf7cd9eb34db1de853a87c70c6752cc6e775 (patch) | |
tree | 9dd87cf1a70d6a91e86192f5f4d4cd326a6e5596 /src/mongo/db/commands/copydb_getnonce.cpp | |
parent | 4e5ff6074e560b44134b803e957effd1315b3122 (diff) | |
download | mongo-4829bf7cd9eb34db1de853a87c70c6752cc6e775.tar.gz |
SERVER-13641 break up cloner.cpp into commands and functionality to make usage clearer
Diffstat (limited to 'src/mongo/db/commands/copydb_getnonce.cpp')
-rw-r--r-- | src/mongo/db/commands/copydb_getnonce.cpp | 133 |
1 files changed, 133 insertions, 0 deletions
diff --git a/src/mongo/db/commands/copydb_getnonce.cpp b/src/mongo/db/commands/copydb_getnonce.cpp new file mode 100644 index 00000000000..a3ea4e00fd9 --- /dev/null +++ b/src/mongo/db/commands/copydb_getnonce.cpp @@ -0,0 +1,133 @@ +/** +* Copyright (C) 2008 10gen Inc. +* +* This program is free software: you can redistribute it and/or modify +* it under the terms of the GNU Affero General Public License, version 3, +* as published by the Free Software Foundation. +* +* This program is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +* GNU Affero General Public License for more details. +* +* You should have received a copy of the GNU Affero General Public License +* along with this program. If not, see <http://www.gnu.org/licenses/>. +* +* As a special exception, the copyright holders give permission to link the +* code of portions of this program with the OpenSSL library under certain +* conditions as described in each individual source file and distribute +* linked combinations including the program with the OpenSSL library. You +* must comply with the GNU Affero General Public License in all respects for +* all of the code used other than as permitted herein. If you modify file(s) +* with this exception, you may extend this exception to your version of the +* file(s), but you are not obligated to do so. If you do not wish to do so, +* delete this exception statement from your version. If you delete this +* exception statement from all source files in the program, then also delete +* it in the license file. +*/ + +#include "mongo/pch.h" + +#include "mongo/base/init.h" +#include "mongo/base/status.h" +#include "mongo/bson/util/builder.h" +#include "mongo/client/dbclientinterface.h" +#include "mongo/db/auth/action_set.h" +#include "mongo/db/auth/resource_pattern.h" +#include "mongo/db/auth/authorization_session.h" +#include "mongo/db/catalog/collection.h" +#include "mongo/db/cloner.h" +#include "mongo/db/commands.h" +#include "mongo/db/commands/copydb.h" +#include "mongo/db/commands/rename_collection.h" +#include "mongo/db/db.h" +#include "mongo/db/dbhelpers.h" +#include "mongo/db/index_builder.h" +#include "mongo/db/instance.h" +#include "mongo/db/jsobj.h" +#include "mongo/db/kill_current_op.h" +#include "mongo/db/namespace_string.h" +#include "mongo/db/repl/oplog.h" +#include "mongo/db/repl/oplogreader.h" +#include "mongo/db/pdfile.h" +#include "mongo/db/operation_context_impl.h" +#include "mongo/db/storage_options.h" + +namespace mongo { + + // SERVER-4328 todo review for concurrency + // :( + thread_specific_ptr<DBClientBase> authConn_; + + /* Usage: + * admindb.$cmd.findOne( { copydbgetnonce: 1, fromhost: <connection string> } ); + * + * Run against the mongod that is the intended target for the "copydb" command. Used to get a + * nonce from the source of a "copydb" operation for authentication purposes. See the + * description of the "copydb" command below. + */ + class CmdCopyDbGetNonce : public Command { + public: + CmdCopyDbGetNonce() : Command("copydbgetnonce") { } + + virtual bool adminOnly() const { + return true; + } + + virtual bool slaveOk() const { + return false; + } + + virtual bool isWriteCommandForConfigServer() const { return false; } + + virtual void addRequiredPrivileges(const std::string& dbname, + const BSONObj& cmdObj, + std::vector<Privilege>* out) { + // No auth required + } + + virtual void help( stringstream &help ) const { + help << "get a nonce for subsequent copy db request from secure server\n"; + help << "usage: {copydbgetnonce: 1, fromhost: <hostname>}"; + } + + virtual bool run(OperationContext* txn, + const string&, + BSONObj& cmdObj, + int, + string& errmsg, + BSONObjBuilder& result, + bool fromRepl) { + + string fromhost = cmdObj.getStringField("fromhost"); + if ( fromhost.empty() ) { + /* copy from self */ + stringstream ss; + ss << "localhost:" << serverGlobalParams.port; + fromhost = ss.str(); + } + + BSONObj ret; + + ConnectionString cs = ConnectionString::parse(fromhost, errmsg); + if (!cs.isValid()) { + return false; + } + + authConn_.reset(cs.connect(errmsg)); + if (!authConn_.get()) { + return false; + } + + if( !authConn_->runCommand( "admin", BSON( "getnonce" << 1 ), ret ) ) { + errmsg = "couldn't get nonce " + ret.toString(); + return false; + } + + result.appendElements( ret ); + return true; + } + + } cmdCopyDBGetNonce; + +} // namespace mongo |