From bb07fbf41d8c9b26cd730cdd9db24c42e90b0ddc Mon Sep 17 00:00:00 2001 From: Jonathan Reams Date: Tue, 10 Sep 2019 14:47:16 +0000 Subject: SERVER-41246 Thread ServiceContext through SaslMechanismFactory --- src/mongo/db/auth/sasl_authentication_session_test.cpp | 2 +- src/mongo/db/auth/sasl_mechanism_registry.cpp | 7 ++++--- src/mongo/db/auth/sasl_mechanism_registry.h | 13 +++++++++++-- src/mongo/db/auth/sasl_mechanism_registry_test.cpp | 15 ++++++++++++--- src/mongo/db/auth/sasl_plain_server_conversation.h | 1 + src/mongo/db/auth/sasl_scram_server_conversation.h | 1 + 6 files changed, 30 insertions(+), 9 deletions(-) (limited to 'src') diff --git a/src/mongo/db/auth/sasl_authentication_session_test.cpp b/src/mongo/db/auth/sasl_authentication_session_test.cpp index e849832d6ff..39ead833986 100644 --- a/src/mongo/db/auth/sasl_authentication_session_test.cpp +++ b/src/mongo/db/auth/sasl_authentication_session_test.cpp @@ -95,7 +95,7 @@ SaslConversation::SaslConversation(std::string mech) std::unique_ptr(authManagerExternalState), AuthorizationManagerImpl::InstallMockForTestingOrAuthImpl{})), authSession(authManager->makeAuthorizationSession()), - registry({"SCRAM-SHA-1", "SCRAM-SHA-256", "PLAIN"}), + registry(opCtx->getServiceContext(), {"SCRAM-SHA-1", "SCRAM-SHA-256", "PLAIN"}), mechanism(mech) { AuthorizationManager::set(getServiceContext(), diff --git a/src/mongo/db/auth/sasl_mechanism_registry.cpp b/src/mongo/db/auth/sasl_mechanism_registry.cpp index bfe479143d3..741dde39126 100644 --- a/src/mongo/db/auth/sasl_mechanism_registry.cpp +++ b/src/mongo/db/auth/sasl_mechanism_registry.cpp @@ -59,8 +59,9 @@ void SASLServerMechanismRegistry::set(ServiceContext* service, getSASLServerMechanismRegistry(service) = std::move(registry); } -SASLServerMechanismRegistry::SASLServerMechanismRegistry(std::vector enabledMechanisms) - : _enabledMechanisms(std::move(enabledMechanisms)) {} +SASLServerMechanismRegistry::SASLServerMechanismRegistry(ServiceContext* svcCtx, + std::vector enabledMechanisms) + : _svcCtx(svcCtx), _enabledMechanisms(std::move(enabledMechanisms)) {} void SASLServerMechanismRegistry::setEnabledMechanisms(std::vector enabledMechanisms) { _enabledMechanisms = std::move(enabledMechanisms); @@ -149,7 +150,7 @@ ServiceContext::ConstructorActionRegisterer SASLServerMechanismRegistryInitializ "CreateSASLServerMechanismRegistry", {"EndStartupOptionStorage"}, [](ServiceContext* service) { SASLServerMechanismRegistry::set(service, std::make_unique( - saslGlobalParams.authenticationMechanisms)); + service, saslGlobalParams.authenticationMechanisms)); }}; } // namespace diff --git a/src/mongo/db/auth/sasl_mechanism_registry.h b/src/mongo/db/auth/sasl_mechanism_registry.h index d9366eaaf59..960a93b2db5 100644 --- a/src/mongo/db/auth/sasl_mechanism_registry.h +++ b/src/mongo/db/auth/sasl_mechanism_registry.h @@ -209,6 +209,9 @@ protected: /** Base class for server mechanism factories. */ class ServerFactoryBase : public SaslServerCommonBase { public: + explicit ServerFactoryBase(ServiceContext*) {} + ServerFactoryBase() = default; + /** * Returns if the factory is capable of producing a server mechanism object which could * authenticate the provided user. @@ -266,6 +269,9 @@ public: using mechanism_type = ServerMechanism; using policy_type = typename ServerMechanism::policy_type; + explicit MakeServerFactory(ServiceContext*) {} + MakeServerFactory() = default; + virtual ServerMechanism* createImpl(std::string authenticationDatabase) override { return new ServerMechanism(std::move(authenticationDatabase)); } @@ -301,7 +307,8 @@ public: /** * Intialize the registry with a list of enabled mechanisms. */ - explicit SASLServerMechanismRegistry(std::vector enabledMechanisms); + explicit SASLServerMechanismRegistry(ServiceContext* svcCtx, + std::vector enabledMechanisms); /** * Sets a new list of enabled mechanisms - used in testing. @@ -349,7 +356,7 @@ public: } auto& list = _getMapRef(T::isInternal); - list.emplace_back(std::make_unique()); + list.emplace_back(std::make_unique(_svcCtx)); std::stable_sort(list.begin(), list.end(), [](const auto& a, const auto& b) { return (a->securityLevel() > b->securityLevel()); }); @@ -373,6 +380,8 @@ private: bool _mechanismSupportedByConfig(StringData mechName) const; + ServiceContext* _svcCtx = nullptr; + // Stores factories which make mechanisms for all databases other than $external MechList _internalMechs; // Stores factories which make mechanisms exclusively for $external diff --git a/src/mongo/db/auth/sasl_mechanism_registry_test.cpp b/src/mongo/db/auth/sasl_mechanism_registry_test.cpp index b16df4ec3f8..2b81bb86bc7 100644 --- a/src/mongo/db/auth/sasl_mechanism_registry_test.cpp +++ b/src/mongo/db/auth/sasl_mechanism_registry_test.cpp @@ -79,6 +79,7 @@ protected: template class BaseMockMechanismFactory : public MakeServerFactory { public: + using MakeServerFactory::MakeServerFactory; static constexpr bool isInternal = argIsInternal; bool canMakeMechanismForUser(const User* user) const final { return true; @@ -111,7 +112,10 @@ public: }; template -class FooMechanismFactory : public BaseMockMechanismFactory {}; +class FooMechanismFactory : public BaseMockMechanismFactory { +public: + using BaseMockMechanismFactory::BaseMockMechanismFactory; +}; // Policy for a hypothetical "BAR" SASL mechanism. struct BarPolicy { @@ -138,7 +142,10 @@ public: }; template -class BarMechanismFactory : public BaseMockMechanismFactory {}; +class BarMechanismFactory : public BaseMockMechanismFactory { +public: + using BaseMockMechanismFactory::BaseMockMechanismFactory; +}; // Policy for a hypothetical "InternalAuth" SASL mechanism. struct InternalAuthPolicy { @@ -165,6 +172,8 @@ public: }; class InternalAuthMechanismFactory : public BaseMockMechanismFactory { +public: + using BaseMockMechanismFactory::BaseMockMechanismFactory; }; class MechanismRegistryTest : public ServiceContextTest { @@ -176,7 +185,7 @@ public: std::unique_ptr(authManagerExternalState), AuthorizationManagerImpl::InstallMockForTestingOrAuthImpl{})), // By default the registry is initialized with all mechanisms enabled. - registry({"FOO", "BAR", "InternalAuth"}) { + registry(opCtx->getServiceContext(), {"FOO", "BAR", "InternalAuth"}) { AuthorizationManager::set(getServiceContext(), std::unique_ptr(authManager)); diff --git a/src/mongo/db/auth/sasl_plain_server_conversation.h b/src/mongo/db/auth/sasl_plain_server_conversation.h index d3c6af215ce..6902bae0106 100644 --- a/src/mongo/db/auth/sasl_plain_server_conversation.h +++ b/src/mongo/db/auth/sasl_plain_server_conversation.h @@ -46,6 +46,7 @@ private: class PLAINServerFactory : public MakeServerFactory { public: + using MakeServerFactory::MakeServerFactory; static constexpr bool isInternal = true; bool canMakeMechanismForUser(const User* user) const final { auto credentials = user->getCredentials(); diff --git a/src/mongo/db/auth/sasl_scram_server_conversation.h b/src/mongo/db/auth/sasl_scram_server_conversation.h index 29884d4db79..68b21da2d3d 100644 --- a/src/mongo/db/auth/sasl_scram_server_conversation.h +++ b/src/mongo/db/auth/sasl_scram_server_conversation.h @@ -96,6 +96,7 @@ extern template class SaslSCRAMServerMechanism; template class SCRAMServerFactory : public MakeServerFactory { public: + using MakeServerFactory::MakeServerFactory; static constexpr bool isInternal = true; bool canMakeMechanismForUser(const User* user) const final { auto credentials = user->getCredentials(); -- cgit v1.2.1