From 3cc779415f2777223b5549d3dfd1b85eef01842b Mon Sep 17 00:00:00 2001 From: Gregory Wlodarek Date: Sun, 16 Aug 2020 21:10:33 -0400 Subject: Revert "SERVER-48693 Add network counter for cluster authentication" This reverts commit 24dd72daae9e4cf59ad51910058bc111f20edbff. --- jstests/ssl/auth-counters.js | 65 ++++++++++---------------------------------- 1 file changed, 15 insertions(+), 50 deletions(-) (limited to 'jstests/ssl/auth-counters.js') diff --git a/jstests/ssl/auth-counters.js b/jstests/ssl/auth-counters.js index 04274ef8578..6eaafa3735e 100644 --- a/jstests/ssl/auth-counters.js +++ b/jstests/ssl/auth-counters.js @@ -3,13 +3,11 @@ (function() { 'use strict'; -const x509 = "MONGODB-X509"; const mongod = MongoRunner.runMongod({ auth: '', tlsMode: 'requireTLS', tlsCertificateKeyFile: 'jstests/libs/server.pem', tlsCAFile: 'jstests/libs/ca.pem', - clusterAuthMode: "x509", }); const admin = mongod.getDB('admin'); const external = mongod.getDB('$external'); @@ -22,79 +20,46 @@ external.createUser({user: X509USER, roles: []}); // This test ignores counters for SCRAM-SHA-*. // For those, see jstests/auth/auth-counters.js -const expected = assert.commandWorked(admin.runCommand({serverStatus: 1})) - .security.authentication.mechanisms[x509]; +const expected = { + received: 0, + successful: 0 +}; function assertStats() { const mechStats = assert.commandWorked(admin.runCommand({serverStatus: 1})) - .security.authentication.mechanisms[x509]; - try { - assert.eq(mechStats.authenticate.received, expected.authenticate.received); - assert.eq(mechStats.authenticate.successful, expected.authenticate.successful); - assert.eq(mechStats.clusterAuthenticate.received, expected.clusterAuthenticate.received); - assert.eq(mechStats.clusterAuthenticate.successful, - expected.clusterAuthenticate.successful); - } catch (e) { - print("mechStats: " + tojson(mechStats)); - print("expected: " + tojson(expected)); - throw e; - } + .security.authentication.mechanisms['MONGODB-X509'] + .authenticate; + assert.eq(mechStats.received, expected.received); + assert.eq(mechStats.successful, expected.successful); } function assertSuccess(creds) { assert.eq(external.auth(creds), true); external.logout(); - ++expected.authenticate.received; - ++expected.authenticate.successful; + ++expected.received; + ++expected.successful; assertStats(); } function assertFailure(creds) { assert.eq(external.auth(creds), false); - ++expected.authenticate.received; - assertStats(); -} - -function assertSuccessInternal() { - assert.eq(runMongoProgram("mongo", - "--tls", - "--port", - mongod.port, - "--tlsCertificateKeyFile", - "jstests/libs/server.pem", - "--tlsCAFile", - "jstests/libs/ca.pem", - "--authenticationDatabase", - "$external", - "--authenticationMechanism", - "MONGODB-X509", - "--eval", - ";"), - 0); - ++expected.authenticate.received; - ++expected.authenticate.successful; - ++expected.clusterAuthenticate.received; - ++expected.clusterAuthenticate.successful; + ++expected.received; assertStats(); } // User from certificate should work. -assertSuccess({mechanism: x509}); +assertSuccess({mechanism: 'MONGODB-X509'}); // Explicitly named user. -assertSuccess({user: X509USER, mechanism: x509}); - -// Cluster auth counter checks. -// We can't test failures with the __system user without the handshake failing, -// which won't increment the counters. -assertSuccessInternal(); +assertSuccess({user: X509USER, mechanism: 'MONGODB-X509'}); // Fails once the user no longer exists. external.dropUser(X509USER); -assertFailure({mechanism: x509}); +assertFailure({mechanism: 'MONGODB-X509'}); const finalStats = assert.commandWorked(admin.runCommand({serverStatus: 1})).security.authentication.mechanisms; MongoRunner.stopMongod(mongod); + printjson(finalStats); })(); -- cgit v1.2.1