SERVER-26952: Cache SCRAM-SHA-1 ClientKey

(cherry picked from commit 47da0b5)

buildscripts/resmokeconfig/suites/multiversion_auth.yml

@@ -0,0 +1,37 @@
+# Section that is ignored by resmoke.py.
+config_variables:
+- &keyFile jstests/libs/authTestsKey
+- &keyFileData Thiskeyisonlyforrunningthesuitewithauthenticationdontuseitinanytestsdirectly
+
+selector:
+  js_test:
+    roots:
+    - jstests/multiVersion/*.js
+    exclude_files:
+      # Needs extra work to support MONGODB-CR
+      - jstests/multiVersion/upgrade_cluster_v5_to_v6.js
+      # Uses threads which don't propagate jsTest() information
+      - jstests/multiVersion/mixed_storage_version_replication.js
+      # Uses ToolTest, which doesn't start servers with keyFile
+      - jstests/multiVersion/transitioning_to_and_from_WT.js
+      # TODO: SERVER-21578
+      - jstests/multiVersion/balancer_multiVersion_detect.js
+
+# Multiversion tests start their own mongod's.
+executor:
+  js_test:
+    config:
+      shell_options:
+        global_vars:
+          TestData:
+            auth: true
+            authMechanism: SCRAM-SHA-1
+            keyFile: *keyFile
+            keyFileData: *keyFileData
+        authenticationDatabase: local
+        authenticationMechanism: SCRAM-SHA-1
+        password: *keyFileData
+        username: __system
+        nodb: ''
+        readMode: legacy
+        writeMode: legacy

etc/evergreen.yml

@@ -1362,6 +1362,17 @@ tasks:
       resmoke_args: --suites=multiversion
       run_multiple_jobs: true
 
+- <<: *task_template
+  name: multiversion_auth
+  commands:
+  - func: "do setup"
+  - func: "do multiversion setup"
+  - func: "run tests"
+    vars:
+      path_prefix: PATH=$PATH:/data/multiversion
+      resmoke_args: --suites=multiversion_auth
+      run_multiple_jobs: true
+
 - <<: *task_template
   name: noPassthrough
   commands:
@@ -3523,6 +3534,7 @@ buildvariants:
   - name: mmap
   - name: mongosTest
   - name: multiversion
+  - name: multiversion_auth
   - name: noPassthrough
   - name: noPassthrough_WT
   - name: noPassthroughWithMongod
@@ -4306,6 +4318,7 @@ buildvariants:
   - name: mmap
   - name: mongosTest
   - name: multiversion
+  - name: multiversion_auth
   - name: noPassthrough
   - name: noPassthroughWithMongod
   - name: noPassthroughWithMongod_WT
@@ -6114,6 +6127,7 @@ buildvariants:
   - name: mmap
   - name: mongosTest
   - name: multiversion
+  - name: multiversion_auth
   - name: noPassthrough
   - name: noPassthroughWithMongod
   - name: noPassthroughWithMongod_WT

jstests/libs/test_background_ops.js

@@ -84,6 +84,10 @@ var getResult = function(mongo, name) {
  * Overrides the parallel shell code in mongo
  */
 function startParallelShell(jsCode, port) {
+    if (TestData) {
+        jsCode = "TestData = " + tojson(TestData) + ";" + jsCode;
+    }
+
     var x;
     if (port) {
         x = startMongoProgramNoConnect("mongo", "--port", port, "--eval", jsCode);

jstests/multiVersion/libs/multi_rs.js

@@ -45,6 +45,7 @@ ReplSetTest.prototype.upgradeNode = function(node, opts, user, pwd) {
     if (user != undefined) {
         assert.eq(1, node.getDB("admin").auth(user, pwd));
     }
+    jsTest.authenticate(node);
 
     var isMaster = node.getDB('admin').runCommand({isMaster: 1});
 

src/mongo/client/SConscript

@@ -60,6 +60,7 @@ saslClientSource = [
     'sasl_client_session.cpp',
     'sasl_plain_client_conversation.cpp',
     'sasl_scramsha1_client_conversation.cpp',
+    'scram_sha1_client_cache.cpp',
 ]
 
 # Add in actual sasl dependencies if sasl is enabled, otherwise

src/mongo/client/authenticate.cpp

@@ -237,7 +237,7 @@ void authX509(RunCommandHook runCommand,
 
 void auth(RunCommandHook runCommand,
           const BSONObj& params,
-          StringData hostname,
+          const HostAndPort& hostname,
           StringData clientName,
           AuthCompletionHandler handler) {
     std::string mechanism;
@@ -273,7 +273,7 @@ bool needsFallback(const AuthResponse& response) {
 
 void asyncAuth(RunCommandHook runCommand,
                const BSONObj& params,
-               StringData hostname,
+               const HostAndPort& hostname,
                StringData clientName,
                AuthCompletionHandler handler) {
     auth(runCommand,
@@ -297,7 +297,7 @@ void asyncAuth(RunCommandHook runCommand,
 }  // namespace
 
 void authenticateClient(const BSONObj& params,
-                        StringData hostname,
+                        const HostAndPort& hostname,
                         StringData clientName,
                         RunCommandHook runCommand,
                         AuthCompletionHandler handler) {

src/mongo/client/authenticate.h

@@ -92,7 +92,7 @@ extern const char* const kMechanismScramSha1;
  * tantamount to authentication failure, but may also indicate more serious problems.
  */
 void authenticateClient(const BSONObj& params,
-                        StringData hostname,
+                        const HostAndPort& hostname,
                         StringData clientSubjectName,
                         RunCommandHook runCommand,
                         AuthCompletionHandler handler = AuthCompletionHandler());

src/mongo/client/authenticate_test.cpp

@@ -173,13 +173,13 @@ class AuthClientTest : public mongo::unittest::Test {
 
 TEST_F(AuthClientTest, MongoCR) {
     auto params = loadMongoCRConversation();
-    auth::authenticateClient(std::move(params), "", "", _runCommandCallback);
+    auth::authenticateClient(std::move(params), HostAndPort(), "", _runCommandCallback);
 }
 
 TEST_F(AuthClientTest, asyncMongoCR) {
     auto params = loadMongoCRConversation();
     auth::authenticateClient(std::move(params),
-                             "",
+                             HostAndPort(),
                              "",
                              _runCommandCallback,
                              [this](auth::AuthResponse response) { ASSERT(response.isOK()); });
@@ -188,13 +188,13 @@ TEST_F(AuthClientTest, asyncMongoCR) {
 #ifdef MONGO_CONFIG_SSL
 TEST_F(AuthClientTest, X509) {
     auto params = loadX509Conversation();
-    auth::authenticateClient(std::move(params), "", _username, _runCommandCallback);
+    auth::authenticateClient(std::move(params), HostAndPort(), _username, _runCommandCallback);
 }
 
 TEST_F(AuthClientTest, asyncX509) {
     auto params = loadX509Conversation();
     auth::authenticateClient(std::move(params),
-                             "",
+                             HostAndPort(),
                              _username,
                              _runCommandCallback,
                              [this](auth::AuthResponse response) { ASSERT(response.isOK()); });

src/mongo/client/dbclient.cpp

@@ -536,7 +536,7 @@ void DBClientWithCommands::_auth(const BSONObj& params) {
 
     auth::authenticateClient(
         params,
-        HostAndPort(getServerAddress()).host(),
+        HostAndPort(getServerAddress()),
         clientName,
         [this](RemoteCommandRequest request, auth::AuthCompletionHandler handler) {
             BSONObj info;

src/mongo/client/native_sasl_client_session.cpp

@@ -33,6 +33,7 @@
 #include "mongo/client/sasl_client_conversation.h"
 #include "mongo/client/sasl_plain_client_conversation.h"
 #include "mongo/client/sasl_scramsha1_client_conversation.h"
+#include "mongo/client/scram_sha1_client_cache.h"
 #include "mongo/util/mongoutils/str.h"
 
 namespace mongo {
@@ -47,6 +48,9 @@ MONGO_INITIALIZER(NativeSaslClientContext)(InitializerContext* context) {
     return Status::OK();
 }
 
+// Global cache for SCRAM-SHA-1 credentials
+SCRAMSHA1ClientCache* scramsha1ClientCache = new SCRAMSHA1ClientCache;
+
 }  // namespace
 
 NativeSaslClientSession::NativeSaslClientSession()
@@ -63,7 +67,7 @@ Status NativeSaslClientSession::initialize() {
     if (mechanism == "PLAIN") {
         _saslConversation.reset(new SaslPLAINClientConversation(this));
     } else if (mechanism == "SCRAM-SHA-1") {
-        _saslConversation.reset(new SaslSCRAMSHA1ClientConversation(this));
+        _saslConversation.reset(new SaslSCRAMSHA1ClientConversation(this, scramsha1ClientCache));
     } else {
         return Status(ErrorCodes::BadValue,
                       mongoutils::str::stream() << "SASL mechanism " << mechanism

src/mongo/client/sasl_client_authenticate.cpp

@@ -39,7 +39,7 @@ namespace mongo {
 using namespace mongoutils;
 
 void (*saslClientAuthenticate)(auth::RunCommandHook runCommand,
-                               StringData hostname,
+                               const HostAndPort& hostname,
                                const BSONObj& saslParameters,
                                auth::AuthCompletionHandler handler) = nullptr;
 

src/mongo/client/sasl_client_authenticate.h

@@ -68,7 +68,7 @@ class BSONObj;
  * returned.
  */
 extern void (*saslClientAuthenticate)(auth::RunCommandHook runCommand,
-                                      StringData hostname,
+                                      const HostAndPort& hostname,
                                       const BSONObj& saslParameters,
                                       auth::AuthCompletionHandler handler);
 

src/mongo/client/sasl_client_authenticate_impl.cpp

@@ -116,7 +116,7 @@ Status extractPassword(const BSONObj& saslParameters,
  * Returns Status::OK() on success.
  */
 Status configureSession(SaslClientSession* session,
-                        StringData hostname,
+                        const HostAndPort& hostname,
                         StringData targetDatabase,
                         const BSONObj& saslParameters) {
     std::string mechanism;
@@ -134,10 +134,11 @@ Status configureSession(SaslClientSession* session,
     session->setParameter(SaslClientSession::parameterServiceName, value);
 
     status = bsonExtractStringFieldWithDefault(
-        saslParameters, saslCommandServiceHostnameFieldName, hostname, &value);
+        saslParameters, saslCommandServiceHostnameFieldName, hostname.host(), &value);
     if (!status.isOK())
         return status;
     session->setParameter(SaslClientSession::parameterServiceHostname, value);
+    session->setParameter(SaslClientSession::parameterServiceHostAndPort, hostname.toString());
 
     status = bsonExtractStringField(saslParameters, saslCommandUserFieldName, &value);
     if (!status.isOK())
@@ -247,7 +248,7 @@ void asyncSaslConversation(auth::RunCommandHook runCommand,
  * "client".
  */
 void saslClientAuthenticateImpl(auth::RunCommandHook runCommand,
-                                StringData hostname,
+                                const HostAndPort& hostname,
                                 const BSONObj& saslParameters,
                                 auth::AuthCompletionHandler handler) {
     int saslLogLevel = getSaslClientLogLevel(saslParameters);

src/mongo/client/sasl_client_session.h

@@ -63,6 +63,7 @@ class SaslClientSession {
     enum Parameter {
         parameterServiceName = 0,
         parameterServiceHostname,
+        parameterServiceHostAndPort,
         parameterMechanism,
         parameterUser,
         parameterPassword,

src/mongo/client/sasl_scramsha1_client_conversation.cpp

@@ -34,6 +34,7 @@
 
 #include "mongo/base/parse_number.h"
 #include "mongo/client/sasl_client_session.h"
+#include "mongo/client/scram_sha1_client_cache.h"
 #include "mongo/platform/random.h"
 #include "mongo/util/base64.h"
 #include "mongo/util/mongoutils/str.h"
@@ -46,13 +47,12 @@ using std::unique_ptr;
 using std::string;
 
 SaslSCRAMSHA1ClientConversation::SaslSCRAMSHA1ClientConversation(
-    SaslClientSession* saslClientSession)
-    : SaslClientConversation(saslClientSession), _step(0), _authMessage(""), _clientNonce("") {}
-
-SaslSCRAMSHA1ClientConversation::~SaslSCRAMSHA1ClientConversation() {
-    // clear the _saltedPassword memory
-    memset(_saltedPassword, 0, scram::hashSize);
-}
+    SaslClientSession* saslClientSession, SCRAMSHA1ClientCache* clientCache)
+    : SaslClientConversation(saslClientSession),
+      _step(0),
+      _authMessage(),
+      _clientCache(clientCache),
+      _clientNonce() {}
 
 StatusWith<bool> SaslSCRAMSHA1ClientConversation::step(StringData inputData,
                                                        std::string* outputData) {
@@ -159,7 +159,7 @@ StatusWith<bool> SaslSCRAMSHA1ClientConversation::_secondStep(const std::vector<
     }
 
     std::string salt = input[1].substr(2);
-    int iterationCount;
+    size_t iterationCount;
 
     Status status = parseNumberFromStringWithBase(input[2].substr(2), 10, &iterationCount);
     if (status != Status::OK()) {
@@ -178,14 +178,30 @@ StatusWith<bool> SaslSCRAMSHA1ClientConversation::_secondStep(const std::vector<
         return StatusWith<bool>(ex.toStatus());
     }
 
-    scram::generateSaltedPassword(
-        _saslClientSession->getParameter(SaslClientSession::parameterPassword),
-        reinterpret_cast<const unsigned char*>(decodedSalt.c_str()),
-        decodedSalt.size(),
-        iterationCount,
-        _saltedPassword);
+    scram::SCRAMPresecrets presecrets(
+        _saslClientSession->getParameter(SaslClientSession::parameterPassword).toString(),
+        std::vector<std::uint8_t>(decodedSalt.begin(), decodedSalt.end()),
+        iterationCount);
+
+    StatusWith<HostAndPort> targetHost = HostAndPort::parse(
+        _saslClientSession->getParameter(SaslClientSession::parameterServiceHostAndPort));
+
+    if (targetHost.isOK()) {
+        auto cachedSecrets = _clientCache->getCachedSecrets(targetHost.getValue(), presecrets);
+
+        if (cachedSecrets) {
+            _credentials = *cachedSecrets;
+        } else {
+            _credentials = scram::generateSecrets(presecrets);
+
+            _clientCache->setCachedSecrets(
+                std::move(targetHost.getValue()), std::move(presecrets), _credentials);
+        }
+    } else {
+        _credentials = scram::generateSecrets(presecrets);
+    }
 
-    std::string clientProof = scram::generateClientProof(_saltedPassword, _authMessage);
+    std::string clientProof = scram::generateClientProof(_credentials, _authMessage);
 
     StringBuilder sb;
     sb << "c=biws,r=" << nonce << ",p=" << clientProof;
@@ -224,7 +240,7 @@ StatusWith<bool> SaslSCRAMSHA1ClientConversation::_thirdStep(const std::vector<s
     }
 
     bool validServerSignature =
-        scram::verifyServerSignature(_saltedPassword, _authMessage, input[0].substr(2));
+        scram::verifyServerSignature(_credentials, _authMessage, input[0].substr(2));
 
     if (!validServerSignature) {
         *outputData = "e=Invalid server signature";

src/mongo/client/sasl_scramsha1_client_conversation.h

@@ -38,6 +38,8 @@
 #include "mongo/crypto/mechanism_scram.h"
 
 namespace mongo {
+
+class SCRAMSHA1ClientCache;
 /**
  *  Client side authentication session for SASL PLAIN.
  */
@@ -48,9 +50,8 @@ class SaslSCRAMSHA1ClientConversation : public SaslClientConversation {
     /**
      * Implements the client side of a SASL PLAIN mechanism session.
      **/
-    explicit SaslSCRAMSHA1ClientConversation(SaslClientSession* saslClientSession);
-
-    virtual ~SaslSCRAMSHA1ClientConversation();
+    SaslSCRAMSHA1ClientConversation(SaslClientSession* saslClientSession,
+                                    SCRAMSHA1ClientCache* clientCache);
 
     /**
      * Takes one step in a SCRAM-SHA-1 conversation.
@@ -79,7 +80,10 @@ class SaslSCRAMSHA1ClientConversation : public SaslClientConversation {
 
     int _step;
     std::string _authMessage;
-    unsigned char _saltedPassword[scram::hashSize];
+
+    // Secrets and secrets cache
+    scram::SCRAMSecrets _credentials;
+    SCRAMSHA1ClientCache* const _clientCache;
 
     // client and server nonce concatenated
     std::string _clientNonce;