mongodb

package
v0.0.0-...-5c79d48 Latest
Warning

This package is not in the latest version of its module.

Published: Feb 15, 2024 License: AGPL-3.0 Imports: 38 Imported by: 0

Documentation

Overview

Package mongodb implements a database access proxy that handles authentication, authorization and protocol parsing of connections from MongoDB clients to MongoDB clusters.

After accepting a connection from a MongoDB client and authorizing it, the proxy dials the target MongoDB cluster, performs x509 authentication and starts relaying wire messages between client and server.

Server selection
================

When connecting to a MongoDB replica set, the proxy establishes a connection to the server determined by the "readPreference" setting in the config's connection string.

For example, this configuration makes Teleport connect to a secondary:

  - name: "mongo-rs"
    protocol: "mongodb"
    uri: "mongodb://mongo1:27017,mongo2:27017/?replicaSet=rs0&readPreference=secondary"

Command authorization
=====================

Each MongoDB command is executed in a particular database. Client commands going through the proxy are inspected and their database is checked against the user role's "db_names".

If authorization fails, the command is not passed to the server. Instead, an "access denied" error is sent back to the MongoDB client in the standard wire message error format.
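The check described above, as an added Go example that is not Teleport's own code: it reads the "$db" field from the body section of an OP_MSG wire message and allows the command only when that database is listed in the role's db_names. The names commandDB, authorize and sample, the exact-match comparison and the requirement that the body section comes first are assumptions of this example; any message the parser cannot fully validate is denied.

```go
package main

import (
	"bytes"
	"encoding/binary"
	"fmt"
	"slices"
)

// sample is a constructed OP_MSG carrying {find: "users", $db: "admin"}.
var sample = []byte("\x39\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\xdd\x07\x00\x00\x00\x00\x00\x00\x00\x24\x00\x00\x00" +
	"\x02find\x00\x06\x00\x00\x00users\x00\x02$db\x00\x06\x00\x00\x00admin\x00\x00")

// commandDB returns "$db" from an OP_MSG (opcode 2013) whose first section is the body.
func commandDB(msg []byte) (string, bool) {
	u32 := binary.LittleEndian.Uint32
	if len(msg) < 26 || int(u32(msg)) != len(msg) || u32(msg[12:]) != 2013 || msg[20] != 0 {
		return "", false
	}
	docLen := int(u32(msg[21:])) // body follows 16-byte header, flagBits and kind byte
	if docLen < 5 || docLen > len(msg)-21 {
		return "", false
	}
	for doc := msg[25 : 20+docLen]; len(doc) > 0; {
		name, val, _ := bytes.Cut(doc[1:], []byte{0}) // element: type, cstring name, value
		n := 0                                        // int32 length prefix, if present
		if len(val) >= 4 {
			n = int(u32(val))
		}
		// double, string (prefix excludes itself), document, array, bool, int32, int64
		size := map[byte]int{0x01: 8, 0x02: 4 + n, 0x03: n, 0x04: n, 0x08: 1, 0x10: 4, 0x12: 8}[doc[0]]
		if size < 1 || size > len(val) || (doc[0] >= 0x02 && doc[0] <= 0x04 && size < 5) {
			return "", false // unknown type or bad length: fail closed
		}
		if string(name) == "$db" && doc[0] == 0x02 {
			return string(val[4 : size-1]), true
		}
		doc = val[size:]
	}
	return "", false
}

// authorize reports whether the command may be relayed to the server.
func authorize(msg []byte, dbNames []string) bool {
	db, ok := commandDB(msg)
	return ok && slices.Contains(dbNames, db)
}

func main() { fmt.Println(authorize(sample, []string{"app"}), authorize(sample, []string{"admin"})) }
```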

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func MakeTestClient

func MakeTestClient(ctx context.Context, config common.TestClientConfig, opts ...*options.ClientOptions) (*mongo.Client, error)

MakeTestClient returns a MongoDB client connection according to the provided parameters.

func NewEngine

func NewEngine(ec common.EngineConfig) common.Engine

NewEngine creates a new MongoDB engine.

Types

type Engine

type Engine struct {
	// EngineConfig is the common database engine configuration.
	common.EngineConfig
	// contains filtered or unexported fields
}

Engine implements the MongoDB database service that accepts client connections coming over reverse tunnel from the proxy and proxies them between the proxy and the MongoDB database instance.

Implements common.Engine.

func (*Engine) ActivateUser

func (e *Engine) ActivateUser(ctx context.Context, sessionCtx *common.Session) error

ActivateUser creates or enables the database user.

func (*Engine) DeactivateUser

func (e *Engine) DeactivateUser(ctx context.Context, sessionCtx *common.Session) error

DeactivateUser disables the database user.

func (*Engine) DeleteUser

func (e *Engine) DeleteUser(ctx context.Context, sessionCtx *common.Session) error

DeleteUser deletes the database user.

func (*Engine) HandleConnection

func (e *Engine) HandleConnection(ctx context.Context, sessionCtx *common.Session) error

HandleConnection processes the connection from MongoDB proxy coming over reverse tunnel.

It handles all necessary startup actions and authorization, and acts as a middleman between the proxy and the database, intercepting and interpreting all messages, i.e. doing protocol parsing.

func (*Engine) InitializeConnection

func (e *Engine) InitializeConnection(clientConn net.Conn, _ *common.Session) error

InitializeConnection initializes the client connection.

func (*Engine) SendError

func (e *Engine) SendError(err error)

SendError sends an error to the connected client in a format that MongoDB clients understand.

type TestServer

type TestServer struct {
	// contains filtered or unexported fields
}

TestServer is a test MongoDB server used in functional database access tests.

func NewTestServer

func NewTestServer(config common.TestServerConfig, opts ...TestServerOption) (svr *TestServer, err error)

NewTestServer returns a new instance of a test MongoDB server.

func (*TestServer) Close

func (s *TestServer) Close() error

Close closes the server listener.

func (*TestServer) GetActiveConnectionsCount

func (s *TestServer) GetActiveConnectionsCount() int32

GetActiveConnectionsCount returns the current value of the activeConnection counter.

func (*TestServer) Port

func (s *TestServer) Port() string

Port returns the port the server is listening on.

func (*TestServer) Serve

func (s *TestServer) Serve() error

Serve starts serving client connections.

func (*TestServer) UserEventsCh

func (t *TestServer) UserEventsCh() <-chan UserEvent

UserEventsCh returns the channel that receives user activate/deactivate events.

type TestServerOption

type TestServerOption func(*TestServer)

TestServerOption allows setting test server options.

func TestServerMaxMessageSize

func TestServerMaxMessageSize(maxMessageSize uint32) TestServerOption

TestServerMaxMessageSize sets the test MongoDB server max message size.

func TestServerWireVersion

func TestServerWireVersion(wireVersion int) TestServerOption

TestServerWireVersion sets the test MongoDB server wire protocol version.

type UserEvent

type UserEvent struct {
	// DatabaseUser is the in-database username.
	DatabaseUser string
	// Roles are the user Roles.
	Roles []string
	// Type is the type of the user event.
	Type UserEventType
}

UserEvent represents a user activation/deactivation event.

type UserEventType

type UserEventType int

UserEventType defines the type of a UserEvent.

const (
	UserEventActivate UserEventType = iota
	UserEventDeactivate
	UserEventDelete
)

Directories

Path Synopsis
Package protocol implements reading/writing MongoDB wire protocol messages from/to client/server and converting them into parsed data structures.
