1
2 /**
3 * Copyright (C) 2018-present MongoDB, Inc.
4 *
5 * This program is free software: you can redistribute it and/or modify
6 * it under the terms of the Server Side Public License, version 1,
7 * as published by MongoDB, Inc.
8 *
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * Server Side Public License for more details.
13 *
14 * You should have received a copy of the Server Side Public License
15 * along with this program. If not, see
16 * <http://www.mongodb.com/licensing/server-side-public-license>.
17 *
18 * As a special exception, the copyright holders give permission to link the
19 * code of portions of this program with the OpenSSL library under certain
20 * conditions as described in each individual source file and distribute
21 * linked combinations including the program with the OpenSSL library. You
22 * must comply with the Server Side Public License in all respects for
23 * all of the code used other than as permitted herein. If you modify file(s)
24 * with this exception, you may extend this exception to your version of the
25 * file(s), but you are not obligated to do so. If you do not wish to do so,
26 * delete this exception statement from your version. If you delete this
27 * exception statement from all source files in the program, then also delete
28 * it in the license file.
29 */
30
31 #include "mongo/platform/basic.h"
32
33 #include "mongo/client/native_sasl_client_session.h"
34
35 #include "mongo/base/init.h"
36 #include "mongo/client/sasl_client_conversation.h"
37 #include "mongo/client/sasl_plain_client_conversation.h"
38 #include "mongo/client/sasl_scramsha1_client_conversation.h"
39 #include "mongo/client/scram_sha1_client_cache.h"
40 #include "mongo/util/mongoutils/str.h"
41
42 namespace mongo {
43 namespace {
44
createNativeSaslClientSession(const std::string mech)45 SaslClientSession* createNativeSaslClientSession(const std::string mech) {
46 return new NativeSaslClientSession();
47 }
48
MONGO_INITIALIZER(NativeSaslClientContext)49 MONGO_INITIALIZER(NativeSaslClientContext)(InitializerContext* context) {
50 SaslClientSession::create = createNativeSaslClientSession;
51 return Status::OK();
52 }
53
54 // Global cache for SCRAM-SHA-1 credentials
55 SCRAMSHA1ClientCache* scramsha1ClientCache = new SCRAMSHA1ClientCache;
56
57 } // namespace
58
NativeSaslClientSession()59 NativeSaslClientSession::NativeSaslClientSession()
60 : SaslClientSession(), _step(0), _done(false), _saslConversation(nullptr) {}
61
~NativeSaslClientSession()62 NativeSaslClientSession::~NativeSaslClientSession() {}
63
initialize()64 Status NativeSaslClientSession::initialize() {
65 if (_saslConversation)
66 return Status(ErrorCodes::AlreadyInitialized,
67 "Cannot reinitialize NativeSaslClientSession.");
68
69 std::string mechanism = getParameter(parameterMechanism).toString();
70 if (mechanism == "PLAIN") {
71 _saslConversation.reset(new SaslPLAINClientConversation(this));
72 } else if (mechanism == "SCRAM-SHA-1") {
73 _saslConversation.reset(new SaslSCRAMSHA1ClientConversation(this, scramsha1ClientCache));
74 } else {
75 return Status(ErrorCodes::BadValue,
76 mongoutils::str::stream() << "SASL mechanism " << mechanism
77 << " is not supported");
78 }
79
80 return Status::OK();
81 }
82
step(StringData inputData,std::string * outputData)83 Status NativeSaslClientSession::step(StringData inputData, std::string* outputData) {
84 if (!_saslConversation) {
85 return Status(ErrorCodes::BadValue,
86 mongoutils::str::stream()
87 << "The client authentication session has not been properly initialized");
88 }
89
90 StatusWith<bool> status = _saslConversation->step(inputData, outputData);
91 if (status.isOK()) {
92 _done = status.getValue();
93 }
94 return status.getStatus();
95 }
96 } // namespace
97