SERVER-40464 skip auth option for connection pools

Add support for a new connection pool option which allows us to skip
authentication, even if the server as a whole has auth on.

This is to support special pools which don't need to auth

4 files changed, 23 insertions, 5 deletions

diff --git a/src/mongo/executor/connection_pool.h b/src/mongo/executor/connection_pool.h
index 7066177e438..f3bfb691ff5 100644
--- a/src/mongo/executor/connection_pool.h
+++ b/src/mongo/executor/connection_pool.h
@@ -132,6 +132,11 @@ public:
          * The manager will hold this pool for the lifetime of the pool.
          */
         EgressTagCloserManager* egressTagCloserManager = nullptr;
+
+        /**
+         * Connections created through this connection pool will not attempt to authenticate.
+         */
+        bool skipAuthentication = false;
     };
 
     explicit ConnectionPool(std::shared_ptr<DependentTypeFactoryInterface> impl,
diff --git a/src/mongo/executor/connection_pool_tl.cpp b/src/mongo/executor/connection_pool_tl.cpp
index 25141e09a1e..e4a0d9e35ae 100644
--- a/src/mongo/executor/connection_pool_tl.cpp
+++ b/src/mongo/executor/connection_pool_tl.cpp
@@ -237,6 +237,10 @@ void TLConnection::setup(Milliseconds timeout, SetupCallback cb) {
             return _client->initWireVersion("NetworkInterfaceTL", isMasterHook.get());
         })
         .then([this, isMasterHook] {
+            if (_skipAuth) {
+                return Future<void>::makeReady();
+            }
+
             boost::optional<std::string> mechanism;
             if (!isMasterHook->saslMechsForInternalAuth().empty())
                 mechanism = isMasterHook->saslMechsForInternalAuth().front();
@@ -331,7 +335,8 @@ std::shared_ptr<ConnectionPool::ConnectionInterface> TLTypeFactory::makeConnecti
                                                hostAndPort,
                                                sslMode,
                                                generation,
-                                               _onConnectHook.get());
+                                               _onConnectHook.get(),
+                                               _connPoolOptions.skipAuthentication);
     fasten(conn.get());
     return conn;
 }
diff --git a/src/mongo/executor/connection_pool_tl.h b/src/mongo/executor/connection_pool_tl.h
index d614436c49d..31317c280ef 100644
--- a/src/mongo/executor/connection_pool_tl.h
+++ b/src/mongo/executor/connection_pool_tl.h
@@ -48,8 +48,12 @@ public:
 
     TLTypeFactory(transport::ReactorHandle reactor,
                   transport::TransportLayer* tl,
-                  std::unique_ptr<NetworkConnectionHook> onConnectHook)
-        : _reactor(std::move(reactor)), _tl(tl), _onConnectHook(std::move(onConnectHook)) {}
+                  std::unique_ptr<NetworkConnectionHook> onConnectHook,
+                  const ConnectionPool::Options& connPoolOptions)
+        : _reactor(std::move(reactor)),
+          _tl(tl),
+          _onConnectHook(std::move(onConnectHook)),
+          _connPoolOptions(connPoolOptions) {}
 
     std::shared_ptr<ConnectionPool::ConnectionInterface> makeConnection(
         const HostAndPort& hostAndPort,
@@ -71,6 +75,7 @@ private:
     transport::ReactorHandle _reactor;
     transport::TransportLayer* _tl;
     std::unique_ptr<NetworkConnectionHook> _onConnectHook;
+    const ConnectionPool::Options _connPoolOptions;
 
     mutable stdx::mutex _mutex;
     AtomicWord<bool> _inShutdown{false};
@@ -130,12 +135,14 @@ public:
                  HostAndPort peer,
                  transport::ConnectSSLMode sslMode,
                  size_t generation,
-                 NetworkConnectionHook* onConnectHook)
+                 NetworkConnectionHook* onConnectHook,
+                 bool skipAuth)
         : ConnectionInterface(generation),
           TLTypeFactory::Type(factory),
           _reactor(reactor),
           _serviceContext(serviceContext),
           _timer(factory->makeTimer()),
+          _skipAuth(skipAuth),
           _peer(std::move(peer)),
           _sslMode(sslMode),
           _onConnectHook(onConnectHook) {}
@@ -165,6 +172,7 @@ private:
     transport::ReactorHandle _reactor;
     ServiceContext* const _serviceContext;
     std::shared_ptr<ConnectionPool::TimerInterface> _timer;
+    const bool _skipAuth;
 
     HostAndPort _peer;
     transport::ConnectSSLMode _sslMode;
diff --git a/src/mongo/executor/network_interface_tl.cpp b/src/mongo/executor/network_interface_tl.cpp
index 1ad164f5c44..a760e6f120d 100644
--- a/src/mongo/executor/network_interface_tl.cpp
+++ b/src/mongo/executor/network_interface_tl.cpp
@@ -97,7 +97,7 @@ void NetworkInterfaceTL::startup() {
 
     _reactor = _tl->getReactor(transport::TransportLayer::kNewReactor);
     auto typeFactory = std::make_unique<connection_pool_tl::TLTypeFactory>(
-        _reactor, _tl, std::move(_onConnectHook));
+        _reactor, _tl, std::move(_onConnectHook), _connPoolOpts);
     _pool = std::make_unique<ConnectionPool>(
         std::move(typeFactory), std::string("NetworkInterfaceTL-") + _instanceName, _connPoolOpts);
     _ioThread = stdx::thread([this] {