diff --git a/lib/mongo/repl_set_connection.rb b/lib/mongo/repl_set_connection.rb index 4203a34..1c45e9b 100644 --- a/lib/mongo/repl_set_connection.rb +++ b/lib/mongo/repl_set_connection.rb @@ -189,7 +189,7 @@ module Mongo socket = TCPSocket.new(host, port) socket.setsockopt(Socket::IPPROTO_TCP, Socket::TCP_NODELAY, 1) - config = self['admin'].command({:ismaster => 1}, :sock => socket) + config = self['admin'].command({:ismaster => 1}, :socket => socket) check_set_name(config, socket) rescue OperationFailure, SocketError, SystemCallError, IOError => ex @@ -232,7 +232,7 @@ module Mongo def check_set_name(config, socket) if @replica_set config = self['admin'].command({:replSetGetStatus => 1}, - :sock => socket, :check_response => false) + :socket => socket, :check_response => false) if !Mongo::Support.ok?(config) raise ReplicaSetConnectionError, config['errmsg'] diff --git a/lib/mongo/util/pool.rb b/lib/mongo/util/pool.rb index fbcb522..2043e75 100644 --- a/lib/mongo/util/pool.rb +++ b/lib/mongo/util/pool.rb @@ -88,7 +88,7 @@ module Mongo socket end - # If a use calls DB#authentication, and several sockets exist, + # If a user calls DB#authenticate, and several sockets exist, # then we need a way to apply the authentication on each socket. # So we store the apply_authentication method, and this will be # applied right before the next use of each socket. diff --git a/test/auxillary/repl_set_auth_test.rb b/test/auxillary/repl_set_auth_test.rb new file mode 100644 index 0000000..03af340 --- /dev/null +++ b/test/auxillary/repl_set_auth_test.rb @@ -0,0 +1,58 @@ +$:.unshift(File.join(File.dirname(__FILE__), '..', 'lib')) +require './test/test_helper' +require './test/tools/auth_repl_set_manager' + +class AuthTest < Test::Unit::TestCase + include Mongo + + def setup + @manager = AuthReplSetManager.new(:start_port => 40000) + @manager.start_set + end + + def teardown + @manager.cleanup_set + end + + def test_repl_set_auth + @conn = ReplSetConnection.new([@manager.host, @manager.ports[0]], [@manager.host, @manager.ports[1]], + [@manager.host, @manager.ports[2]], :name => @manager.name) + + # Add an admin user + @conn['admin'].add_user("me", "secret") + + # Ensure that insert fails + assert_raise_error Mongo::OperationFailure, "unauthorized" do + @conn['foo']['stuff'].insert({:a => 2}, :safe => {:w => 3}) + end + + # Then authenticate + assert @conn['admin'].authenticate("me", "secret") + + # Insert should succeed now + assert @conn['foo']['stuff'].insert({:a => 2}, :safe => {:w => 3}) + + # So should a query + assert @conn['foo']['stuff'].find_one + + # But not when we logout + @conn['admin'].logout + + assert_raise_error Mongo::OperationFailure, "unauthorized" do + @conn['foo']['stuff'].find_one + end + + # Same should apply to a random secondary + @slave1 = Connection.new(@conn.secondary_pools[0].host, + @conn.secondary_pools[0].port, :slave_ok => true) + + # Find should fail + assert_raise_error Mongo::OperationFailure, "unauthorized" do + @slave1['foo']['stuff'].find_one + end + + # But not when authenticated + @slave1['admin'].authenticate("me", "secret") + assert @slave1['foo']['stuff'].find_one + end +end diff --git a/test/tools/auth_repl_set_manager.rb b/test/tools/auth_repl_set_manager.rb new file mode 100644 index 0000000..06a39b1 --- /dev/null +++ b/test/tools/auth_repl_set_manager.rb @@ -0,0 +1,14 @@ +require File.join((File.expand_path(File.dirname(__FILE__))), 'repl_set_manager') + +class AuthReplSetManager < ReplSetManager + def initialize(opts={}) + super(opts) + + @key_path = opts[:key_path] || File.join(File.expand_path(File.dirname(__FILE__)), "keyfile.txt") + system("chmod 600 #{@key_path}") + end + + def start_cmd(n) + super + " --keyFile #{@key_path}" + end +end diff --git a/test/tools/keyfile.txt b/test/tools/keyfile.txt new file mode 100644 index 0000000..f15d680 --- /dev/null +++ b/test/tools/keyfile.txt @@ -0,0 +1 @@ +THIS IS A SECRET KEYFILE FOR REPLICA SETS BWAHAHAHAH diff --git a/test/tools/repl_set_manager.rb b/test/tools/repl_set_manager.rb index 6054083..25219aa 100644 --- a/test/tools/repl_set_manager.rb +++ b/test/tools/repl_set_manager.rb @@ -61,6 +61,13 @@ class ReplSetManager ensure_up end + def cleanup_set + system("killall mongod") + @count.times do |n| + system("rm -rf #{@mongods[n]['db_path']}") + end + end + def init_node(n) @mongods[n] ||= {} port = @start_port + n @@ -71,9 +78,7 @@ class ReplSetManager system("rm -rf #{@mongods[n]['db_path']}") system("mkdir -p #{@mongods[n]['db_path']}") - @mongods[n]['start'] = "mongod --replSet #{@name} --logpath '#{@mongods[n]['log_path']}' " + - " --dbpath #{@mongods[n]['db_path']} --port #{@mongods[n]['port']} --fork" - + @mongods[n]['start'] = start_cmd(n) start(n) member = {'_id' => n, 'host' => "#{@host}:#{@mongods[n]['port']}"} @@ -88,6 +93,11 @@ class ReplSetManager @config['members'] << member end + def start_cmd(n) + @mongods[n]['start'] = "mongod --replSet #{@name} --logpath '#{@mongods[n]['log_path']}' " + + " --dbpath #{@mongods[n]['db_path']} --port #{@mongods[n]['port']} --fork" + end + def kill(node) pid = @mongods[node]['pid'] puts "** Killing node with pid #{pid} at port #{@mongods[node]['port']}"