← Back to branch summary

~ubuntu-branches/ubuntu/trusty/juju-core/trusty-proposed

« back to all changes in this revision

Viewing changes to src/gopkg.in/mgo.v2/auth.go

  • Committer: Package Import Robot
  • Author(s): Robie Basak
  • Date: 2015-07-15 13:09:07 UTC
  • mfrom: (35.1.15 wily-proposed)
  • Revision ID: package-import@ubuntu.com-20150715130907-wqak1zpebzzdvy3q
Tags: 1.22.6-0ubuntu1~14.04.1
https://launchpad.net/bugs/1469744
* No change backport to 14.04 (LP: #1469744). This results in the
  following packaging delta from the previous 1.20.11-0ubuntu0.14.04.1
  in trusty-updates:
  - distro-info added and libgo5 removed from Build-Depends.
  - Standards-Version bumped.
  - cloud-image-utils | cloud-utils added to juju-local Depends.
  - d/copyright updated.
  - dep8 tests updated.

Show diffs side-by-side

added added

removed removed

Lines of Context:
src/gopkg.in/mgo.v2/auth.go
28
28
 
29
29
import (
30
30
        "crypto/md5"
 
31
        "crypto/sha1"
31
32
        "encoding/hex"
32
33
        "errors"
33
34
        "fmt"
34
35
        "sync"
35
36
 
36
37
        "gopkg.in/mgo.v2/bson"
 
38
        "gopkg.in/mgo.v2/internal/scram"
37
39
)
38
40
 
39
41
type authCmd struct {
158
160
 
159
161
func (socket *mongoSocket) Login(cred Credential) error {
160
162
        socket.Lock()
 
163
        if cred.Mechanism == "" && socket.serverInfo.MaxWireVersion >= 3 {
 
164
                cred.Mechanism = "SCRAM-SHA-1"
 
165
        }
161
166
        for _, sockCred := range socket.creds {
162
167
                if sockCred == cred {
163
168
                        debugf("Socket %p to %s: login: db=%q user=%q (already logged in)", socket, socket.addr, cred.Source, cred.Username)
177
182
 
178
183
        var err error
179
184
        switch cred.Mechanism {
180
 
        case "", "MONGO-CR":
 
185
        case "", "MONGODB-CR", "MONGO-CR": // Name changed to MONGODB-CR in SERVER-8501.
181
186
                err = socket.loginClassic(cred)
182
187
        case "PLAIN":
183
188
                err = socket.loginPlain(cred)
184
 
        case "MONGO-X509":
185
 
                err = fmt.Errorf("unsupported authentication mechanism: %s", cred.Mechanism)
 
189
        case "MONGODB-X509":
 
190
                err = socket.loginX509(cred)
186
191
        default:
187
192
                // Try SASL for everything else, if it is available.
188
193
                err = socket.loginSASL(cred)
230
235
        })
231
236
}
232
237
 
 
238
type authX509Cmd struct {
 
239
        Authenticate int
 
240
        User         string
 
241
        Mechanism    string
 
242
}
 
243
 
 
244
func (socket *mongoSocket) loginX509(cred Credential) error {
 
245
        cmd := authX509Cmd{Authenticate: 1, User: cred.Username, Mechanism: "MONGODB-X509"}
 
246
        res := authResult{}
 
247
        return socket.loginRun(cred.Source, &cmd, &res, func() error {
 
248
                if !res.Ok {
 
249
                        return errors.New(res.ErrMsg)
 
250
                }
 
251
                socket.Lock()
 
252
                socket.dropAuth(cred.Source)
 
253
                socket.creds = append(socket.creds, cred)
 
254
                socket.Unlock()
 
255
                return nil
 
256
        })
 
257
}
 
258
 
233
259
func (socket *mongoSocket) loginPlain(cred Credential) error {
234
260
        cmd := saslCmd{Start: 1, Mechanism: "PLAIN", Payload: []byte("\x00" + cred.Username + "\x00" + cred.Password)}
235
261
        res := authResult{}
246
272
}
247
273
 
248
274
func (socket *mongoSocket) loginSASL(cred Credential) error {
249
 
        sasl, err := saslNew(cred, socket.Server().Addr)
 
275
        var sasl saslStepper
 
276
        var err error
 
277
        if cred.Mechanism == "SCRAM-SHA-1" {
 
278
                // SCRAM is handled without external libraries.
 
279
                sasl = saslNewScram(cred)
 
280
        } else if len(cred.ServiceHost) > 0 {
 
281
                sasl, err = saslNew(cred, cred.ServiceHost)
 
282
        } else {
 
283
                sasl, err = saslNew(cred, socket.Server().Addr)
 
284
        }
250
285
        if err != nil {
251
286
                return err
252
287
        }
318
353
        return nil
319
354
}
320
355
 
 
356
func saslNewScram(cred Credential) *saslScram {
 
357
        credsum := md5.New()
 
358
        credsum.Write([]byte(cred.Username + ":mongo:" + cred.Password))
 
359
        client := scram.NewClient(sha1.New, cred.Username, hex.EncodeToString(credsum.Sum(nil)))
 
360
        return &saslScram{cred: cred, client: client}
 
361
}
 
362
 
 
363
type saslScram struct {
 
364
        cred   Credential
 
365
        client *scram.Client
 
366
}
 
367
 
 
368
func (s *saslScram) Close() {}
 
369
 
 
370
func (s *saslScram) Step(serverData []byte) (clientData []byte, done bool, err error) {
 
371
        more := s.client.Step(serverData)
 
372
        return s.client.Out(), !more, s.client.Err()
 
373
}
 
374
 
321
375
func (socket *mongoSocket) loginRun(db string, query, result interface{}, f func() error) error {
322
376
        var mutex sync.Mutex
323
377
        var replyErr error