diff options
author | Jonathan Reams <jbreams@mongodb.com> | 2018-10-31 12:39:31 -0400 |
---|---|---|
committer | Jonathan Reams <jbreams@mongodb.com> | 2018-11-07 10:20:26 -0500 |
commit | 8c2c95edbdf32e88868396cf6927a9346bbc85e4 (patch) | |
tree | 93c9d6a919005c1063efb272c1c216c53e2b2b01 /src/mongo/executor/connection_pool_tl.cpp | |
parent | 514873667fbb5fa62a245a936826bc71f73b87e8 (diff) | |
download | mongo-8c2c95edbdf32e88868396cf6927a9346bbc85e4.tar.gz |
SERVER-37833 Retry internal auth with alternate key during keyfile rollover
Diffstat (limited to 'src/mongo/executor/connection_pool_tl.cpp')
-rw-r--r-- | src/mongo/executor/connection_pool_tl.cpp | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/src/mongo/executor/connection_pool_tl.cpp b/src/mongo/executor/connection_pool_tl.cpp index a813d7e5688..7dd943649c1 100644 --- a/src/mongo/executor/connection_pool_tl.cpp +++ b/src/mongo/executor/connection_pool_tl.cpp @@ -188,7 +188,21 @@ void TLConnection::setup(Milliseconds timeout, SetupCallback cb) { _client = std::move(client); return _client->initWireVersion("NetworkInterfaceTL", _onConnectHook); }) - .then([this] { return _client->authenticate(getInternalUserAuthParams()); }) + .then([this] { + // Try to authenticate with the default system credentials + return _client->authenticate(getInternalUserAuthParams()) + .onError([this](Status status) -> Future<void> { + // If we're in the middle of a keyfile rollover, there may be alternate + // credentials to try. + const auto altParams = getInternalUserAuthParams(1); + if (!altParams.isEmpty() && status == ErrorCodes::AuthenticationFailed) { + return _client->authenticate(altParams); + } else { + // If there weren't alternate credentials, the original error stands. + return status; + } + }); + }) .then([this] { if (!_onConnectHook) { return Future<void>::makeReady(); |