author | Andreas Nilsson <andreas.nilsson@10gen.com> | 2014-09-17 10:41:25 -0700 |
---|---|---|
committer | Andreas Nilsson <andreas.nilsson@10gen.com> | 2014-09-17 15:44:49 -0700 |
commit | 8e3ce6437f5ddf13eab8b256ee5ff98e5e64d410 (patch) | |
tree | 473a6efd58a1a638df8d3c0cb630a8a486e957dd /src | |
parent | dedf038860746ad0bed3a6f37ae702587933b5f8 (diff) | |
SERVER-15177 Use native SCRAM-SHA-1 for enterprise client
Diffstat (limited to 'src')
-rw-r--r-- | src/mongo/client/cyrus_sasl_client_session.cpp | 6 | ||||
-rw-r--r-- | src/mongo/client/native_sasl_client_session.cpp | 8 | ||||
-rw-r--r-- | src/mongo/client/sasl_client_authenticate_impl.cpp | 12 | ||||
-rw-r--r-- | src/mongo/client/sasl_client_session.h | 4 |
4 files changed, 25 insertions, 5 deletions
diff --git a/src/mongo/client/cyrus_sasl_client_session.cpp b/src/mongo/client/cyrus_sasl_client_session.cpp index 1c7d92c1924..98b9f25b988 100644 --- a/src/mongo/client/cyrus_sasl_client_session.cpp +++ b/src/mongo/client/cyrus_sasl_client_session.cpp @@ -30,6 +30,7 @@ #include "mongo/client/cyrus_sasl_client_session.h" #include "mongo/base/init.h" +#include "mongo/client/native_sasl_client_session.h" #include "mongo/util/allocator.h" #include "mongo/util/assert_util.h" #include "mongo/util/concurrency/mutex.h" @@ -39,7 +40,10 @@ namespace mongo { namespace { - SaslClientSession* createCyrusSaslClientSession() { + SaslClientSession* createCyrusSaslClientSession(const std::string& mech) { + if (mech == "SCRAM-SHA-1") { + return new NativeSaslClientSession(); + } return new CyrusSaslClientSession(); } diff --git a/src/mongo/client/native_sasl_client_session.cpp b/src/mongo/client/native_sasl_client_session.cpp index 57e33eb9639..bbdcef55f7c 100644 --- a/src/mongo/client/native_sasl_client_session.cpp +++ b/src/mongo/client/native_sasl_client_session.cpp @@ -38,7 +38,7 @@ namespace mongo { namespace { - SaslClientSession* createNativeSaslClientSession() { + SaslClientSession* createNativeSaslClientSession(const std::string mech) { return new NativeSaslClientSession(); } @@ -80,6 +80,12 @@ namespace { } Status NativeSaslClientSession::step(const StringData& inputData, std::string* outputData) { + if (!_saslConversation) { + return Status(ErrorCodes::BadValue, + mongoutils::str::stream() << + "The client authentication session has not been properly initialized"); + } + StatusWith<bool> status = _saslConversation->step(inputData, outputData); if (status.isOK()) { _done = status.getValue(); diff --git a/src/mongo/client/sasl_client_authenticate_impl.cpp b/src/mongo/client/sasl_client_authenticate_impl.cpp index dd779a36884..95be07732d5 100644 --- a/src/mongo/client/sasl_client_authenticate_impl.cpp +++ b/src/mongo/client/sasl_client_authenticate_impl.cpp 
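Review bot: The mechanism name in `createCyrusSaslClientSession` (cyrus_sasl_client_session.cpp) is a bare string literal compared with `==`, so routing to the native SCRAM implementation depends on an exact, case-sensitive match that nothing in this hunk ties to the name used elsewhere in the client. A named constant for the mechanism would keep this factory and the other places that spell the name from drifting apart. A short comment above the branch would also help the next reader, for example `// SCRAM-SHA-1 is served by the built-in implementation; every other mechanism goes to Cyrus SASL.`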
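Review bot: `createNativeSaslClientSession(const std::string mech)` in native_sasl_client_session.cpp takes the mechanism by value, which copies the string on every call and differs from the `const std::string&` used by the Cyrus factory and by the `SaslClientSessionFactoryFn` typedef changed in this commit; the signature should read `SaslClientSession* createNativeSaslClientSession(const std::string& mech) {`. The parameter is also unused, so a request for any mechanism name is handed a `NativeSaslClientSession`. Whether an unsupported name is rejected later cannot be seen from this hunk, and a one-line comment saying where that check lives would make the authentication path easier to audit.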
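Review bot: The new guard at the top of `NativeSaslClientSession::step` wraps a single string literal in `mongoutils::str::stream() <<`, which adds nothing because no values are streamed into the message. Passing the literal directly should be enough, `return Status(ErrorCodes::BadValue, "The client authentication session has not been properly initialized");`, assuming `Status` accepts a plain string reason as it does elsewhere in the tree. The message also does not say which setup step was skipped, so a caller that reaches this branch (presumably by calling `step` before the conversation object was created) has little to go on; naming the missing initialization in the text would help. The body of `step` continues outside the hunk.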
@@ -196,8 +196,16 @@ namespace { return ex.toStatus(); } - boost::scoped_ptr<SaslClientSession> session(SaslClientSession::create()); - Status status = configureSession(session.get(), client, targetDatabase, saslParameters); + std::string mechanism; + Status status = bsonExtractStringField(saslParameters, + saslCommandMechanismFieldName, + &mechanism); + if(!status.isOK()) { + return status; + } + + boost::scoped_ptr<SaslClientSession> session(SaslClientSession::create(mechanism)); + status = configureSession(session.get(), client, targetDatabase, saslParameters); if (!status.isOK()) return status; diff --git a/src/mongo/client/sasl_client_session.h b/src/mongo/client/sasl_client_session.h index 8f06bcbe6ab..69f012b6b11 100644 --- a/src/mongo/client/sasl_client_session.h +++ b/src/mongo/client/sasl_client_session.h @@ -25,6 +25,8 @@ * then also delete it in the license file. */ +#pragma once + #include <boost/scoped_array.hpp> #include <string> @@ -52,7 +54,7 @@ namespace mongo { class MONGO_CLIENT_API SaslClientSession { MONGO_DISALLOW_COPYING(SaslClientSession); public: - typedef stdx::function<SaslClientSession* ()> SaslClientSessionFactoryFn; + typedef stdx::function<SaslClientSession* (const std::string&)> SaslClientSessionFactoryFn; static SaslClientSessionFactoryFn create; /** |
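Review bot: The added check in sasl_client_authenticate_impl.cpp is written `if(!status.isOK()) {` with braces and no space after `if`, while the check that follows two lines later in the same hunk is `if (!status.isOK()) return status;`; the two should use one form, for example `if (!status.isOK()) return status;`. The reason the mechanism is now extracted before the session exists is not stated, and a comment such as `// The mechanism name selects which SaslClientSession implementation is created.` would record it. The enclosing function starts and ends outside the hunk, so whether `configureSession` reads the same field again cannot be checked from here.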
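Review bot: The changed `SaslClientSessionFactoryFn` typedef in sasl_client_session.h gives the factory a `const std::string&` argument but carries no comment saying what the string is or who owns the returned raw pointer. From the rest of the commit the argument is the SASL mechanism name and the caller takes ownership (sasl_client_authenticate_impl.cpp puts the result in a `boost::scoped_ptr`). A comment above the typedef would pin that contract down, for example `// Factory: takes the SASL mechanism name and returns a new session that the caller owns.`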