diff options
author | Mark Benvenuto <mark.benvenuto@mongodb.com> | 2020-12-10 19:59:08 -0500 |
---|---|---|
committer | Evergreen Agent <no-reply@evergreen.mongodb.com> | 2020-12-11 03:25:30 +0000 |
commit | 19ed9c958b369bd7e1776a57bd406ebe84cf2bec (patch) | |
tree | 92feec2a6104e28a340d2a8469220dbda4635a9f /src/mongo/util/net/ssl_manager.cpp | |
parent | dc77c3d344443071783d7098e75d2379bc749be3 (diff) | |
download | mongo-19ed9c958b369bd7e1776a57bd406ebe84cf2bec.tar.gz |
SERVER-52945 Make mongod use x509 auth on egress connections if NetworkInterface has SSLConnectionContext override even if other egress connections use keyFile auth
Diffstat (limited to 'src/mongo/util/net/ssl_manager.cpp')
-rw-r--r-- | src/mongo/util/net/ssl_manager.cpp | 7 |
1 files changed, 2 insertions, 5 deletions
diff --git a/src/mongo/util/net/ssl_manager.cpp b/src/mongo/util/net/ssl_manager.cpp index 39228cdfb8c..d80d882fe87 100644 --- a/src/mongo/util/net/ssl_manager.cpp +++ b/src/mongo/util/net/ssl_manager.cpp @@ -372,11 +372,8 @@ void SSLManagerCoordinator::rotate() { int clusterAuthMode = serverGlobalParams.clusterAuthMode.load(); if (clusterAuthMode == ServerGlobalParams::ClusterAuthMode_x509 || clusterAuthMode == ServerGlobalParams::ClusterAuthMode_sendX509) { - auth::setInternalUserAuthParams( - BSON(saslCommandMechanismFieldName - << "MONGODB-X509" << saslCommandUserDBFieldName << "$external" - << saslCommandUserFieldName - << manager->getSSLConfiguration().clientSubjectName.toString())); + auth::setInternalUserAuthParams(auth::createInternalX509AuthDocument( + StringData(manager->getSSLConfiguration().clientSubjectName.toString()))); } auto tl = getGlobalServiceContext()->getTransportLayer(); |