diff options
Diffstat (limited to 'src/mongo/client/authenticate.cpp')
| -rw-r--r-- | src/mongo/client/authenticate.cpp | 90 |
1 files changed, 4 insertions, 86 deletions
diff --git a/src/mongo/client/authenticate.cpp b/src/mongo/client/authenticate.cpp index 410caff4aae..fcfc5570713 100644 --- a/src/mongo/client/authenticate.cpp +++ b/src/mongo/client/authenticate.cpp @@ -86,92 +86,8 @@ StatusWith<std::string> extractDBField(const BSONObj& params) { // MONGODB-CR // -AuthRequest createMongoCRGetNonceCmd(const BSONObj& params) { - auto db = extractDBField(params); - if (!db.isOK()) - return std::move(db.getStatus()); - - auto request = RemoteCommandRequest(); - request.cmdObj = kGetNonceCmd; - request.dbname = db.getValue(); - - return std::move(request); -} - -AuthRequest createMongoCRAuthenticateCmd(const BSONObj& params, StringData nonce) { - std::string username; - auto response = bsonExtractStringField(params, saslCommandUserFieldName, &username); - if (!response.isOK()) - return response; - - std::string password; - response = bsonExtractStringField(params, saslCommandPasswordFieldName, &password); - if (!response.isOK()) - return response; - - bool shouldDigest; - response = bsonExtractBooleanFieldWithDefault( - params, saslCommandDigestPasswordFieldName, true, &shouldDigest); - if (!response.isOK()) - return response; - - std::string digested = password; - if (shouldDigest) - digested = createPasswordDigest(username, password); - - auto db = extractDBField(params); - if (!db.isOK()) - return std::move(db.getStatus()); - - auto request = RemoteCommandRequest(); - request.dbname = db.getValue(); - - BSONObjBuilder b; - { - b << "authenticate" << 1 << "nonce" << nonce << "user" << username; - md5digest d; - { - md5_state_t st; - md5_init(&st); - md5_append(&st, reinterpret_cast<const md5_byte_t*>(nonce.rawData()), nonce.size()); - md5_append(&st, reinterpret_cast<const md5_byte_t*>(username.c_str()), username.size()); - md5_append(&st, reinterpret_cast<const md5_byte_t*>(digested.c_str()), digested.size()); - md5_finish(&st, d); - } - b << "key" << digestToString(d); - request.cmdObj = b.obj(); - } - return std::move(request); -} - -void authMongoCR(RunCommandHook runCommand, const BSONObj& params, AuthCompletionHandler handler) { - invariant(runCommand); - invariant(handler); - - // Step 1: send getnonce command, receive nonce - auto nonceRequest = createMongoCRGetNonceCmd(params); - if (!nonceRequest.isOK()) - return handler(std::move(nonceRequest.getStatus())); - - runCommand(nonceRequest.getValue(), [runCommand, params, handler](AuthResponse response) { - if (!response.isOK()) - return handler(std::move(response)); - - // Ensure response was valid - std::string nonce; - BSONObj nonceResponse = response.data; - auto valid = bsonExtractStringField(nonceResponse, "nonce", &nonce); - if (!valid.isOK()) - return handler({ErrorCodes::AuthenticationFailed, - "Invalid nonce response: " + nonceResponse.toString()}); - - // Step 2: send authenticate command, receive response - auto authRequest = createMongoCRAuthenticateCmd(params, nonce); - if (!authRequest.isOK()) - return handler(std::move(authRequest.getStatus())); - - runCommand(authRequest.getValue(), handler); - }); +void authMongoCRImpl(RunCommandHook cmd, const BSONObj& params, AuthCompletionHandler handler) { + handler({ErrorCodes::AuthenticationFailed, "MONGODB-CR support was removed in MongoDB 3.8"}); } // @@ -293,6 +209,8 @@ void asyncAuth(RunCommandHook runCommand, } // namespace +AuthMongoCRHandler authMongoCR = authMongoCRImpl; + void authenticateClient(const BSONObj& params, const HostAndPort& hostname, StringData clientName, |