diff options
author | Jack Mulrow <jack.mulrow@mongodb.com> | 2017-03-28 10:32:30 -0400 |
---|---|---|
committer | Jack Mulrow <jack.mulrow@mongodb.com> | 2017-03-30 14:15:39 -0400 |
commit | 325486685538d00adbd61f868c239b3ecc6938c6 (patch) | |
tree | a6f0e7679ebba871e5644ee3c2703ef05f974b9d /src/mongo | |
parent | ba1fa56004826b42bd8fa7d5b5a0c78fc1b57af9 (diff) | |
download | mongo-325486685538d00adbd61f868c239b3ecc6938c6.tar.gz |
SERVER-28432 Move key management out from TimeProofService
Diffstat (limited to 'src/mongo')
-rw-r--r-- | src/mongo/db/db.cpp | 4 | ||||
-rw-r--r-- | src/mongo/db/logical_clock.cpp | 4 | ||||
-rw-r--r-- | src/mongo/db/logical_clock.h | 8 | ||||
-rw-r--r-- | src/mongo/db/logical_clock_test.cpp | 17 | ||||
-rw-r--r-- | src/mongo/db/logical_clock_test_fixture.cpp | 4 | ||||
-rw-r--r-- | src/mongo/db/logical_time_test.cpp | 8 | ||||
-rw-r--r-- | src/mongo/db/repl/replication_coordinator_test_fixture.cpp | 4 | ||||
-rw-r--r-- | src/mongo/db/service_context_d_test_fixture.cpp | 4 | ||||
-rw-r--r-- | src/mongo/db/time_proof_service.cpp | 11 | ||||
-rw-r--r-- | src/mongo/db/time_proof_service.h | 9 | ||||
-rw-r--r-- | src/mongo/db/time_proof_service_test.cpp | 17 | ||||
-rw-r--r-- | src/mongo/dbtests/dbtests.cpp | 4 | ||||
-rw-r--r-- | src/mongo/s/server.cpp | 4 |
13 files changed, 42 insertions, 56 deletions
diff --git a/src/mongo/db/db.cpp b/src/mongo/db/db.cpp index 07d790b9a48..7a4aa4a1b18 100644 --- a/src/mongo/db/db.cpp +++ b/src/mongo/db/db.cpp @@ -894,9 +894,7 @@ MONGO_INITIALIZER_WITH_PREREQUISITES(CreateReplicationManager, topoCoordOptions.maxSyncSourceLagSecs = Seconds(repl::maxSyncSourceLagSecs); topoCoordOptions.clusterRole = serverGlobalParams.clusterRole; - std::array<std::uint8_t, 20> tempKey = {}; - TimeProofService::Key key(std::move(tempKey)); - auto timeProofService = stdx::make_unique<TimeProofService>(std::move(key)); + auto timeProofService = stdx::make_unique<TimeProofService>(); auto logicalClock = stdx::make_unique<LogicalClock>(serviceContext, std::move(timeProofService)); LogicalClock::set(serviceContext, std::move(logicalClock)); diff --git a/src/mongo/db/logical_clock.cpp b/src/mongo/db/logical_clock.cpp index 32e0b22184e..6f0e4c55574 100644 --- a/src/mongo/db/logical_clock.cpp +++ b/src/mongo/db/logical_clock.cpp @@ -95,7 +95,7 @@ SignedLogicalTime LogicalClock::getClusterTime() { SignedLogicalTime LogicalClock::_makeSignedLogicalTime(LogicalTime logicalTime) { // TODO: SERVER-28436 Implement KeysCollectionManager // Replace dummy keyId with real id from key manager. - return SignedLogicalTime(logicalTime, _timeProofService->getProof(logicalTime), 0); + return SignedLogicalTime(logicalTime, _timeProofService->getProof(logicalTime, _tempKey), 0); } Status LogicalClock::advanceClusterTime(const SignedLogicalTime& newTime) { @@ -107,7 +107,7 @@ Status LogicalClock::advanceClusterTime(const SignedLogicalTime& newTime) { } invariant(_timeProofService); - auto res = _timeProofService->checkProof(newLogicalTime, newTime.getProof()); + auto res = _timeProofService->checkProof(newLogicalTime, newTime.getProof(), _tempKey); if (res != Status::OK()) { return res; } diff --git a/src/mongo/db/logical_clock.h b/src/mongo/db/logical_clock.h index aabe9a07c89..06562c92719 100644 --- a/src/mongo/db/logical_clock.h +++ b/src/mongo/db/logical_clock.h @@ -115,6 +115,14 @@ private: // the mutex protects _clusterTime stdx::mutex _mutex; SignedLogicalTime _clusterTime; + + /** + * Temporary key only used for unit tests. + * + * TODO: SERVER-28436 Implement KeysCollectionManager + * Remove _tempKey and its uses from logical clock, and pass actual key from key manager. + */ + TimeProofService::Key _tempKey = {}; }; } // namespace mongo diff --git a/src/mongo/db/logical_clock_test.cpp b/src/mongo/db/logical_clock_test.cpp index 156232fc386..98c600a1421 100644 --- a/src/mongo/db/logical_clock_test.cpp +++ b/src/mongo/db/logical_clock_test.cpp @@ -46,9 +46,7 @@ class LogicalClockTestBase : public unittest::Test { protected: void setUp() { _serviceContext = stdx::make_unique<ServiceContextNoop>(); - std::array<std::uint8_t, 20> tempKey = {}; - TimeProofService::Key key(std::move(tempKey)); - auto pTps = stdx::make_unique<TimeProofService>(std::move(key)); + auto pTps = stdx::make_unique<TimeProofService>(); _timeProofService = pTps.get(); _clock = stdx::make_unique<LogicalClock>(_serviceContext.get(), std::move(pTps)); } @@ -63,7 +61,8 @@ protected: } SignedLogicalTime makeSignedLogicalTime(LogicalTime logicalTime) { - return SignedLogicalTime(logicalTime, _timeProofService->getProof(logicalTime), 0); + TimeProofService::Key key = {}; + return SignedLogicalTime(logicalTime, _timeProofService->getProof(logicalTime, key), 0); } const unsigned currentWallClockSecs() { @@ -79,17 +78,11 @@ private: // Check that the initial time does not change during logicalClock creation. TEST_F(LogicalClockTestBase, roundtrip) { - // Create different logicalClock instance to validate that the initial time is preserved. - ServiceContextNoop serviceContext; Timestamp tX(1); - std::array<std::uint8_t, 20> tempKey = {}; - TimeProofService::Key key(std::move(tempKey)); - auto pTps = stdx::make_unique<TimeProofService>(std::move(key)); auto time = LogicalTime(tX); - LogicalClock logicalClock(&serviceContext, std::move(pTps)); - logicalClock.initClusterTimeFromTrustedSource(time); - auto storedTime(logicalClock.getClusterTime()); + getClock()->initClusterTimeFromTrustedSource(time); + auto storedTime(getClock()->getClusterTime()); ASSERT_TRUE(storedTime.getTime() == time); } diff --git a/src/mongo/db/logical_clock_test_fixture.cpp b/src/mongo/db/logical_clock_test_fixture.cpp index 618da867ee1..6f5860b7a66 100644 --- a/src/mongo/db/logical_clock_test_fixture.cpp +++ b/src/mongo/db/logical_clock_test_fixture.cpp @@ -40,9 +40,7 @@ namespace mongo { void LogicalClockTest::setUp() { auto service = getGlobalServiceContext(); - std::array<std::uint8_t, 20> tempKey = {}; - TimeProofService::Key key(std::move(tempKey)); - auto timeProofService = stdx::make_unique<TimeProofService>(std::move(key)); + auto timeProofService = stdx::make_unique<TimeProofService>(); auto logicalClock = stdx::make_unique<LogicalClock>(service, std::move(timeProofService)); LogicalClock::set(service, std::move(logicalClock)); } diff --git a/src/mongo/db/logical_time_test.cpp b/src/mongo/db/logical_time_test.cpp index b55d4fee950..ed738cc20d6 100644 --- a/src/mongo/db/logical_time_test.cpp +++ b/src/mongo/db/logical_time_test.cpp @@ -107,12 +107,10 @@ TEST(LogicalTime, toUnsignedArray) { TEST(SignedLogicalTime, roundtrip) { Timestamp tX(1); - - std::array<std::uint8_t, 20> tempKey = {}; - TimeProofService::Key key(std::move(tempKey)); - TimeProofService tps(std::move(key)); + TimeProofService tps; + TimeProofService::Key key = {}; auto time = LogicalTime(tX); - auto proof = tps.getProof(time); + auto proof = tps.getProof(time, key); long long keyId = 1; diff --git a/src/mongo/db/repl/replication_coordinator_test_fixture.cpp b/src/mongo/db/repl/replication_coordinator_test_fixture.cpp index 93c3a564a93..21fe828ee95 100644 --- a/src/mongo/db/repl/replication_coordinator_test_fixture.cpp +++ b/src/mongo/db/repl/replication_coordinator_test_fixture.cpp @@ -122,9 +122,7 @@ void ReplCoordTest::init() { // PRNG seed for tests. const int64_t seed = 0; - std::array<std::uint8_t, 20> tempKey = {}; - TimeProofService::Key key(std::move(tempKey)); - auto timeProofService = stdx::make_unique<TimeProofService>(std::move(key)); + auto timeProofService = stdx::make_unique<TimeProofService>(); auto logicalClock = stdx::make_unique<LogicalClock>(service, std::move(timeProofService)); LogicalClock::set(service, std::move(logicalClock)); diff --git a/src/mongo/db/service_context_d_test_fixture.cpp b/src/mongo/db/service_context_d_test_fixture.cpp index 3ea54ecf2d6..b90d58fb72a 100644 --- a/src/mongo/db/service_context_d_test_fixture.cpp +++ b/src/mongo/db/service_context_d_test_fixture.cpp @@ -55,9 +55,7 @@ void ServiceContextMongoDTest::setUp() { Client::initThread(getThreadName()); ServiceContext* serviceContext = getServiceContext(); - std::array<std::uint8_t, 20> tempKey = {}; - TimeProofService::Key key(std::move(tempKey)); - auto timeProofService = stdx::make_unique<TimeProofService>(std::move(key)); + auto timeProofService = stdx::make_unique<TimeProofService>(); auto logicalClock = stdx::make_unique<LogicalClock>(serviceContext, std::move(timeProofService)); LogicalClock::set(serviceContext, std::move(logicalClock)); diff --git a/src/mongo/db/time_proof_service.cpp b/src/mongo/db/time_proof_service.cpp index 1d0d6c0b46b..38b63a3af63 100644 --- a/src/mongo/db/time_proof_service.cpp +++ b/src/mongo/db/time_proof_service.cpp @@ -48,14 +48,17 @@ TimeProofService::Key TimeProofService::generateRandomKey() { SHA1Block::kHashLength)); } -TimeProofService::TimeProof TimeProofService::getProof(const LogicalTime& time) const { +TimeProofService::TimeProof TimeProofService::getProof(const LogicalTime& time, + const Key& key) const { auto unsignedTimeArray = time.toUnsignedArray(); return SHA1Block::computeHmac( - _key.data(), _key.size(), unsignedTimeArray.data(), unsignedTimeArray.size()); + key.data(), key.size(), unsignedTimeArray.data(), unsignedTimeArray.size()); } -Status TimeProofService::checkProof(const LogicalTime& time, const TimeProof& proof) const { - auto myProof = getProof(time); +Status TimeProofService::checkProof(const LogicalTime& time, + const TimeProof& proof, + const Key& key) const { + auto myProof = getProof(time, key); if (myProof != proof) { return Status(ErrorCodes::TimeProofMismatch, "Proof does not match the logical time"); } diff --git a/src/mongo/db/time_proof_service.h b/src/mongo/db/time_proof_service.h index 2157523f6fc..a0a297379e0 100644 --- a/src/mongo/db/time_proof_service.h +++ b/src/mongo/db/time_proof_service.h @@ -46,7 +46,7 @@ public: using TimeProof = SHA1Block; using Key = SHA1Block; - TimeProofService(Key key) : _key(std::move(key)) {} + TimeProofService() = default; /** * Generates a pseudorandom key to be used for HMAC authentication. @@ -56,15 +56,12 @@ public: /** * Returns the proof matching the time argument. */ - TimeProof getProof(const LogicalTime& time) const; + TimeProof getProof(const LogicalTime& time, const Key& key) const; /** * Verifies that the proof matches the time argument. */ - Status checkProof(const LogicalTime& time, const TimeProof& proof) const; - -private: - Key _key; + Status checkProof(const LogicalTime& time, const TimeProof& proof, const Key& key) const; }; } // namespace mongo diff --git a/src/mongo/db/time_proof_service_test.cpp b/src/mongo/db/time_proof_service_test.cpp index 6c4a8d51256..19c35ef05c0 100644 --- a/src/mongo/db/time_proof_service_test.cpp +++ b/src/mongo/db/time_proof_service_test.cpp @@ -38,28 +38,27 @@ namespace { using TimeProof = TimeProofService::TimeProof; +const TimeProofService::Key key = {}; + // Verifies logical time with proof signed with the correct key. TEST(TimeProofService, VerifyLogicalTimeWithValidProof) { - std::array<std::uint8_t, 20> tempKey = {}; - TimeProofService::Key key(std::move(tempKey)); - TimeProofService timeProofService(std::move(key)); + TimeProofService timeProofService; LogicalTime time(Timestamp(1)); - TimeProof proof = timeProofService.getProof(time); + TimeProof proof = timeProofService.getProof(time, key); - ASSERT_OK(timeProofService.checkProof(time, proof)); + ASSERT_OK(timeProofService.checkProof(time, proof, key)); } // Fails for logical time with proof signed with an invalid key. TEST(TimeProofService, LogicalTimeWithMismatchingProofShouldFail) { - std::array<std::uint8_t, 20> tempKey = {}; - TimeProofService::Key key(std::move(tempKey)); - TimeProofService timeProofService(std::move(key)); + TimeProofService timeProofService; LogicalTime time(Timestamp(1)); TimeProof invalidProof = {{1, 2, 3}}; - ASSERT_EQUALS(ErrorCodes::TimeProofMismatch, timeProofService.checkProof(time, invalidProof)); + ASSERT_EQUALS(ErrorCodes::TimeProofMismatch, + timeProofService.checkProof(time, invalidProof, key)); } } // unnamed namespace diff --git a/src/mongo/dbtests/dbtests.cpp b/src/mongo/dbtests/dbtests.cpp index 1ad9c0f8d2d..2f54eb7d1ae 100644 --- a/src/mongo/dbtests/dbtests.cpp +++ b/src/mongo/dbtests/dbtests.cpp @@ -132,9 +132,7 @@ int dbtestsMain(int argc, char** argv, char** envp) { replSettings.setOplogSizeBytes(10 * 1024 * 1024); ServiceContext* service = getGlobalServiceContext(); - std::array<std::uint8_t, 20> tempKey = {}; - TimeProofService::Key key(std::move(tempKey)); - auto timeProofService = stdx::make_unique<TimeProofService>(std::move(key)); + auto timeProofService = stdx::make_unique<TimeProofService>(); auto logicalClock = stdx::make_unique<LogicalClock>(service, std::move(timeProofService)); LogicalClock::set(service, std::move(logicalClock)); diff --git a/src/mongo/s/server.cpp b/src/mongo/s/server.cpp index 8e6ea2edefd..21665ef726b 100644 --- a/src/mongo/s/server.cpp +++ b/src/mongo/s/server.cpp @@ -288,9 +288,7 @@ static ExitCode runMongosServer() { auto opCtx = cc().makeOperationContext(); - std::array<std::uint8_t, 20> tempKey = {}; - TimeProofService::Key key(std::move(tempKey)); - auto timeProofService = stdx::make_unique<TimeProofService>(std::move(key)); + auto timeProofService = stdx::make_unique<TimeProofService>(); auto logicalClock = stdx::make_unique<LogicalClock>(opCtx->getServiceContext(), std::move(timeProofService)); LogicalClock::set(opCtx->getServiceContext(), std::move(logicalClock)); |