diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/mongo/client/SConscript | 1 | ||||
-rw-r--r-- | src/mongo/client/dbclient.cpp | 22 | ||||
-rw-r--r-- | src/mongo/client/dbclientinterface.h | 7 | ||||
-rw-r--r-- | src/mongo/db/auth/SConscript | 2 | ||||
-rw-r--r-- | src/mongo/db/auth/internal_user_auth.cpp | 21 | ||||
-rw-r--r-- | src/mongo/db/auth/internal_user_auth.h | 8 | ||||
-rw-r--r-- | src/mongo/db/cloner.cpp | 2 | ||||
-rw-r--r-- | src/mongo/db/repl/isself.cpp | 2 | ||||
-rw-r--r-- | src/mongo/db/repl/oplogreader.cpp | 2 | ||||
-rw-r--r-- | src/mongo/db/repl/sync_source_feedback.cpp | 2 | ||||
-rw-r--r-- | src/mongo/s/client/sharding_connection_hook.cpp | 2 |
11 files changed, 35 insertions, 36 deletions
diff --git a/src/mongo/client/SConscript b/src/mongo/client/SConscript index 63efb1c4f5b..7029667ffc6 100644 --- a/src/mongo/client/SConscript +++ b/src/mongo/client/SConscript @@ -130,6 +130,7 @@ env.Library( 'syncclusterconnection.cpp', ], LIBDEPS=[ + '$BUILD_DIR/mongo/db/auth/authcommon', '$BUILD_DIR/mongo/db/dbmessage', '$BUILD_DIR/mongo/rpc/command_status', '$BUILD_DIR/mongo/rpc/rpc', diff --git a/src/mongo/client/dbclient.cpp b/src/mongo/client/dbclient.cpp index 03bf154e9d9..53131c188a1 100644 --- a/src/mongo/client/dbclient.cpp +++ b/src/mongo/client/dbclient.cpp @@ -42,8 +42,10 @@ #include "mongo/client/dbclientinterface.h" #include "mongo/client/replica_set_monitor.h" #include "mongo/config.h" +#include "mongo/db/auth/internal_user_auth.h" #include "mongo/db/json.h" #include "mongo/db/namespace_string.h" +#include "mongo/db/server_options.h" #include "mongo/db/wire_version.h" #include "mongo/executor/remote_command_request.h" #include "mongo/executor/remote_command_response.h" @@ -557,6 +559,26 @@ void DBClientWithCommands::_auth(const BSONObj& params) { }); } +bool DBClientWithCommands::authenticateInternalUser() { + if (!isInternalAuthSet()) { + if (!serverGlobalParams.quiet) { + log() << "ERROR: No authentication parameters set for internal user"; + } + return false; + } + + try { + auth(getInternalUserAuthParamsWithFallback()); + return true; + } catch (const UserException& ex) { + if (!serverGlobalParams.quiet) { + log() << "can't authenticate to " << toString() + << " as internal user, error: " << ex.what(); + } + return false; + } +} + void DBClientWithCommands::auth(const BSONObj& params) { _auth(params); } diff --git a/src/mongo/client/dbclientinterface.h b/src/mongo/client/dbclientinterface.h index e4f90c82dea..670b60fb7b9 100644 --- a/src/mongo/client/dbclientinterface.h +++ b/src/mongo/client/dbclientinterface.h @@ -574,6 +574,13 @@ public: int options = 0); /** + * Authenticates to another cluster member using appropriate authentication data. + * Uses getInternalUserAuthParams() to retrive authentication parameters. + * @return true if the authentication was succesful + */ + bool authenticateInternalUser(); + + /** * Authenticate a user. * * The "params" BSONObj should be initialized with some of the fields below. Which fields diff --git a/src/mongo/db/auth/SConscript b/src/mongo/db/auth/SConscript index 35e0228e737..d5c41e4c8fb 100644 --- a/src/mongo/db/auth/SConscript +++ b/src/mongo/db/auth/SConscript @@ -46,8 +46,6 @@ env.Library('authcommon', '$BUILD_DIR/mongo/base', '$BUILD_DIR/mongo/bson/mutable/mutable_bson', '$BUILD_DIR/mongo/bson/util/bson_extract', - '$BUILD_DIR/mongo/client/clientdriver', - '$BUILD_DIR/mongo/db/server_options_core', ]) env.Library('authorization_manager_global', diff --git a/src/mongo/db/auth/internal_user_auth.cpp b/src/mongo/db/auth/internal_user_auth.cpp index 8d00592734d..77d01a31b58 100644 --- a/src/mongo/db/auth/internal_user_auth.cpp +++ b/src/mongo/db/auth/internal_user_auth.cpp @@ -34,8 +34,6 @@ #include "mongo/bson/mutable/document.h" #include "mongo/bson/mutable/element.h" -#include "mongo/client/dbclientinterface.h" -#include "mongo/db/server_options.h" #include "mongo/util/log.h" namespace mongo { @@ -87,23 +85,4 @@ BSONObj getInternalUserAuthParamsWithFallback() { return authParams.copy(); } -bool authenticateInternalUser(DBClientWithCommands* conn) { - if (!isInternalAuthSet()) { - if (!serverGlobalParams.quiet) { - log() << "ERROR: No authentication parameters set for internal user"; - } - return false; - } - - try { - conn->auth(getInternalUserAuthParamsWithFallback()); - return true; - } catch (const UserException& ex) { - if (!serverGlobalParams.quiet) { - log() << "can't authenticate to " << conn->toString() - << " as internal user, error: " << ex.what(); - } - return false; - } -} } // namespace mongo diff --git a/src/mongo/db/auth/internal_user_auth.h b/src/mongo/db/auth/internal_user_auth.h index cff260f1bf4..6bec9404985 100644 --- a/src/mongo/db/auth/internal_user_auth.h +++ b/src/mongo/db/auth/internal_user_auth.h @@ -30,7 +30,6 @@ namespace mongo { class BSONObj; -class DBClientWithCommands; /** * @return true if internal authentication parameters has been set up @@ -53,11 +52,4 @@ void setInternalUserAuthParams(const BSONObj& authParamsIn); * returned. **/ BSONObj getInternalUserAuthParamsWithFallback(); - -/** -* Authenticates to another cluster member using appropriate authentication data. -* Uses getInternalUserAuthParams() to retrive authentication parameters. -* @return true if the authentication was succesful -*/ -bool authenticateInternalUser(DBClientWithCommands* conn); } // namespace mongo diff --git a/src/mongo/db/cloner.cpp b/src/mongo/db/cloner.cpp index ed20360dbd7..04b53a8ed1b 100644 --- a/src/mongo/db/cloner.cpp +++ b/src/mongo/db/cloner.cpp @@ -506,7 +506,7 @@ Status Cloner::copyDb(OperationContext* txn, } if (getGlobalAuthorizationManager()->isAuthEnabled() && - !authenticateInternalUser(con.get())) { + !con->authenticateInternalUser()) { return Status(ErrorCodes::AuthenticationFailed, "Unable to authenticate as internal user"); } diff --git a/src/mongo/db/repl/isself.cpp b/src/mongo/db/repl/isself.cpp index 39ddfbc037f..a4fc217481d 100644 --- a/src/mongo/db/repl/isself.cpp +++ b/src/mongo/db/repl/isself.cpp @@ -203,7 +203,7 @@ bool isSelf(const HostAndPort& hostAndPort) { } if (getGlobalAuthorizationManager()->isAuthEnabled() && isInternalAuthSet()) { - if (!authenticateInternalUser(&conn)) { + if (!conn.authenticateInternalUser()) { return false; } } diff --git a/src/mongo/db/repl/oplogreader.cpp b/src/mongo/db/repl/oplogreader.cpp index 0a94ba73e87..1332e6f7542 100644 --- a/src/mongo/db/repl/oplogreader.cpp +++ b/src/mongo/db/repl/oplogreader.cpp @@ -73,7 +73,7 @@ bool replAuthenticate(DBClientBase* conn) { if (!isInternalAuthSet()) return false; - return authenticateInternalUser(conn); + return conn->authenticateInternalUser(); } const Seconds OplogReader::kSocketTimeout(30); diff --git a/src/mongo/db/repl/sync_source_feedback.cpp b/src/mongo/db/repl/sync_source_feedback.cpp index b8e137810c0..74450f5ac32 100644 --- a/src/mongo/db/repl/sync_source_feedback.cpp +++ b/src/mongo/db/repl/sync_source_feedback.cpp @@ -71,7 +71,7 @@ bool SyncSourceFeedback::replAuthenticate() { if (!isInternalAuthSet()) return false; - return authenticateInternalUser(_connection.get()); + return _connection->authenticateInternalUser(); } bool SyncSourceFeedback::_connect(OperationContext* txn, const HostAndPort& host) { diff --git a/src/mongo/s/client/sharding_connection_hook.cpp b/src/mongo/s/client/sharding_connection_hook.cpp index 176491f198a..db1458abb10 100644 --- a/src/mongo/s/client/sharding_connection_hook.cpp +++ b/src/mongo/s/client/sharding_connection_hook.cpp @@ -58,7 +58,7 @@ void ShardingConnectionHook::onCreate(DBClientBase* conn) { if (getGlobalAuthorizationManager()->isAuthEnabled()) { LOG(2) << "calling onCreate auth for " << conn->toString(); - bool result = authenticateInternalUser(conn); + bool result = conn->authenticateInternalUser(); uassert(15847, str::stream() << "can't authenticate to server " << conn->getServerAddress(), |