diff options
Diffstat (limited to 'src/mongo/db/repl')
| -rw-r--r-- | src/mongo/db/repl/SConscript | 7 | ||||
| -rw-r--r-- | src/mongo/db/repl/hello_auth.cpp (renamed from src/mongo/db/repl/speculative_auth.cpp) | 16 | ||||
| -rw-r--r-- | src/mongo/db/repl/hello_auth.h (renamed from src/mongo/db/repl/speculative_auth.h) | 8 | ||||
| -rw-r--r-- | src/mongo/db/repl/replication_info.cpp | 8 |
4 files changed, 25 insertions, 14 deletions
diff --git a/src/mongo/db/repl/SConscript b/src/mongo/db/repl/SConscript index 21297ac713b..f1bd3d9f41e 100644 --- a/src/mongo/db/repl/SConscript +++ b/src/mongo/db/repl/SConscript @@ -1247,9 +1247,9 @@ env.Library( ], LIBDEPS_PRIVATE=[ '$BUILD_DIR/mongo/db/commands/server_status', - '$BUILD_DIR/mongo/db/repl/speculative_authenticate', '$BUILD_DIR/mongo/db/stats/counters', '$BUILD_DIR/mongo/transport/message_compressor', + 'hello_auth', 'primary_only_service', 'replication_auth', 'split_horizon', @@ -1726,13 +1726,14 @@ env.Library( ) env.Library( - target='speculative_authenticate', + target='hello_auth', source=[ - 'speculative_auth.cpp', + 'hello_auth.cpp', ], LIBDEPS_PRIVATE=[ '$BUILD_DIR/mongo/base', '$BUILD_DIR/mongo/db/auth/authservercommon', + '$BUILD_DIR/mongo/db/stats/counters', ], ) diff --git a/src/mongo/db/repl/speculative_auth.cpp b/src/mongo/db/repl/hello_auth.cpp index 1ca13230ae7..8c0c7ab8787 100644 --- a/src/mongo/db/repl/speculative_auth.cpp +++ b/src/mongo/db/repl/hello_auth.cpp @@ -27,16 +27,28 @@ * it in the license file. */ -#include "mongo/db/repl/speculative_auth.h" +#include "mongo/db/repl/hello_auth.h" #include "mongo/client/authenticate.h" #include "mongo/db/auth/sasl_command_constants.h" #include "mongo/db/auth/sasl_commands.h" +#include "mongo/db/auth/sasl_mechanism_registry.h" #include "mongo/db/commands/authentication_commands.h" +#include "mongo/db/stats/counters.h" namespace mongo { -void handleHelloSpeculativeAuth(OperationContext* opCtx, BSONObj cmdObj, BSONObjBuilder* result) { +void handleHelloAuth(OperationContext* opCtx, BSONObj cmdObj, BSONObjBuilder* result) { + auto ssme = cmdObj[auth::kSaslSupportedMechanisms]; + if (ssme.type() == BSONType::String) { + UserName userName = uassertStatusOK(UserName::parse(ssme.String())); + + authCounter.incSaslSupportedMechanismsReceived(); + + auto& saslMechanismRegistry = SASLServerMechanismRegistry::get(opCtx->getServiceContext()); + saslMechanismRegistry.advertiseMechanismNamesForUser(opCtx, userName, result); + } + auto sae = cmdObj[auth::kSpeculativeAuthenticate]; if (sae.eoo()) { return; diff --git a/src/mongo/db/repl/speculative_auth.h b/src/mongo/db/repl/hello_auth.h index b9656b6faeb..1ec1b4d1658 100644 --- a/src/mongo/db/repl/speculative_auth.h +++ b/src/mongo/db/repl/hello_auth.h @@ -36,9 +36,11 @@ namespace mongo { /** - * Check a hello sent to mongod in ReplSet mode or mongos for "speculativeAuthenticate". - * If present, dispatch to saslStart or authenticate commands as appropriate. + * Check a hello request for "saslSupportedMechs" or "speculativeAuthenticate". + * + * This will attach supported mechanisms or invoke the behavior of saslStart/authenticate commands + * as appropriate. */ -void handleHelloSpeculativeAuth(OperationContext* opCtx, BSONObj cmdObj, BSONObjBuilder* result); +void handleHelloAuth(OperationContext* opCtx, BSONObj cmdObj, BSONObjBuilder* result); } // namespace mongo diff --git a/src/mongo/db/repl/replication_info.cpp b/src/mongo/db/repl/replication_info.cpp index a26c1975843..7c051a60ebd 100644 --- a/src/mongo/db/repl/replication_info.cpp +++ b/src/mongo/db/repl/replication_info.cpp @@ -37,7 +37,6 @@ #include "mongo/bson/util/bson_extract.h" #include "mongo/client/connpool.h" #include "mongo/client/dbclient_connection.h" -#include "mongo/db/auth/sasl_mechanism_registry.h" #include "mongo/db/client.h" #include "mongo/db/commands/server_status.h" #include "mongo/db/curop.h" @@ -50,12 +49,12 @@ #include "mongo/db/namespace_string.h" #include "mongo/db/ops/write_ops.h" #include "mongo/db/query/internal_plans.h" +#include "mongo/db/repl/hello_auth.h" #include "mongo/db/repl/hello_response.h" #include "mongo/db/repl/primary_only_service.h" #include "mongo/db/repl/replication_auth.h" #include "mongo/db/repl/replication_coordinator.h" #include "mongo/db/repl/replication_process.h" -#include "mongo/db/repl/speculative_auth.h" #include "mongo/db/repl/storage_interface.h" #include "mongo/db/storage/storage_options.h" #include "mongo/db/wire_version.h" @@ -479,9 +478,6 @@ public: .serverNegotiate(cmdObj, &result); } - auto& saslMechanismRegistry = SASLServerMechanismRegistry::get(opCtx->getServiceContext()); - saslMechanismRegistry.advertiseMechanismNamesForUser(opCtx, cmdObj, &result); - if (opCtx->isExhaust()) { LOGV2_DEBUG(23905, 3, "Using exhaust for isMaster or hello protocol"); @@ -513,7 +509,7 @@ public: } } - handleHelloSpeculativeAuth(opCtx, cmdObj, &result); + handleHelloAuth(opCtx, cmdObj, &result); return true; } |