Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

added help output for SSL options on mongos/mongod - missing per SERV…

…ER-6320

Signed-off-by: Eric Milkie <milkie@10gen.com>
  • Loading branch information...
commit 17e5e158d7a35417fdb8adcb89ad18d1de68eedd 1 parent 949349d
Adam Comerford authored milkie committed
Showing with 58 additions and 26 deletions.
  1. +41 −26 src/mongo/db/db.cpp
  2. +17 −0 src/mongo/s/server.cpp
View
67 src/mongo/db/db.cpp
@@ -64,7 +64,7 @@
namespace mongo {
- namespace dur {
+ namespace dur {
extern unsigned long long DataLimitPerJournalFile;
}
@@ -305,8 +305,8 @@ namespace mongo {
if ( !h->isCurrentVersion() || forceRepair ) {
if( h->version <= 0 ) {
- uasserted(14026,
- str::stream() << "db " << dbName << " appears corrupt pdfile version: " << h->version
+ uasserted(14026,
+ str::stream() << "db " << dbName << " appears corrupt pdfile version: " << h->version
<< " info: " << h->versionMinor << ' ' << h->fileLength);
}
@@ -358,12 +358,12 @@ namespace mongo {
void checkIfReplMissingFromCommandLine() {
Lock::GlobalWrite lk; // _openAllFiles is false at this point, so this is helpful for the query below to work as you can't open files when readlocked
- if( !cmdLine.usingReplSets() ) {
+ if( !cmdLine.usingReplSets() ) {
Client::GodScope gs;
DBDirectClient c;
- unsigned long long x =
+ unsigned long long x =
c.count("local.system.replset");
- if( x ) {
+ if( x ) {
log() << endl;
log() << "** warning: mongod started without --replSet yet " << x << " documents are present in local.system.replset" << endl;
log() << "** restart with --replSet unless you are doing maintenance and no other clients are connected" << endl;
@@ -429,7 +429,7 @@ namespace mongo {
globalFlushCounters.flushed(time_flushing);
- if( logLevel >= 1 || time_flushing >= 10000 ) {
+ if( logLevel >= 1 || time_flushing >= 10000 ) {
log() << "flushing mmaps took " << time_flushing << "ms " << " for " << numFiles << " files" << endl;
}
}
@@ -538,9 +538,9 @@ namespace mongo {
CmdLine::launchOk();
#endif
- if( !noauth ) {
- // open admin db in case we need to use it later. TODO this is not the right way to
- // resolve this.
+ if( !noauth ) {
+ // open admin db in case we need to use it later. TODO this is not the right way to
+ // resolve this.
Client::WriteContext c("admin",dbpath,false);
}
@@ -553,8 +553,8 @@ namespace mongo {
void testPretouch();
void initAndListen(int listenPort) {
- try {
- _initAndListen(listenPort);
+ try {
+ _initAndListen(listenPort);
}
catch ( DBException &e ) {
log() << "exception in initAndListen: " << e.toString() << ", terminating" << endl;
@@ -616,6 +616,9 @@ static int mongoDbMain(int argc, char* argv[]) {
#if defined(_WIN32)
po::options_description windows_scm_options("Windows Service Control Manager options");
#endif
+#if defined(MONGO_SSL)
+ po::options_description ssl_options("SSL options");
+#endif
po::options_description replication_options("Replication options");
po::options_description ms_options("Master/slave options");
po::options_description rs_options("Replica set options");
@@ -626,7 +629,7 @@ static int mongoDbMain(int argc, char* argv[]) {
po::positional_options_description positional_options;
CmdLine::addGlobalOptions( general_options , hidden_options );
-
+
StringBuilder dbpathBuilder;
dbpathBuilder << "directory for datafiles - defaults to " << dbpath;
@@ -664,6 +667,14 @@ static int mongoDbMain(int argc, char* argv[]) {
("upgrade", "upgrade db if needed")
;
+#if defined(MONGO_SSL)
+ ssl_options.add_options()
+ ("sslOnNormalPorts", "Enable SSL on the defined/default ports")
+ ("sslPEMKeyFile", "Specify the path to the PEM formatted SSL certificate/key file")
+ ("sslPEMKeyPassword", "Enable SSL on the defined/default ports")
+ ;
+#endif
+
#if defined(_WIN32)
CmdLine::addWindowsOptions( windows_scm_options, hidden_options );
#endif
@@ -717,8 +728,12 @@ static int mongoDbMain(int argc, char* argv[]) {
visible_options.add(ms_options);
visible_options.add(rs_options);
visible_options.add(sharding_options);
+#ifdef MONGO_SSL
+ visible_options.add(ssl_options);
+#endif
Module::addOptions( visible_options );
+
setupCoreSignals();
setupSignals( false );
@@ -771,7 +786,7 @@ static int mongoDbMain(int argc, char* argv[]) {
// we need to change dbpath if we fork since we change
// cwd to "/"
// fork only exists on *nix
- // so '/' is safe
+ // so '/' is safe
dbpath = cmdLine.cwd + "/" + dbpath;
}
}
@@ -817,8 +832,8 @@ static int mongoDbMain(int argc, char* argv[]) {
if (params.count("durOptions")) {
cmdLine.durOptions = params["durOptions"].as<int>();
}
- if( params.count("journalCommitInterval") ) {
- // don't check if dur is false here as many will just use the default, and will default to off on win32.
+ if( params.count("journalCommitInterval") ) {
+ // don't check if dur is false here as many will just use the default, and will default to off on win32.
// ie no point making life a little more complex by giving an error on a dev environment.
cmdLine.journalCommitInterval = params["journalCommitInterval"].as<unsigned>();
if( cmdLine.journalCommitInterval <= 1 || cmdLine.journalCommitInterval > 300 ) {
@@ -1226,12 +1241,12 @@ namespace mongo {
addrSignals.sa_sigaction = abruptQuitWithAddrSignal;
sigemptyset( &addrSignals.sa_mask );
addrSignals.sa_flags = SA_SIGINFO;
-
+
verify( sigaction(SIGSEGV, &addrSignals, 0) == 0 );
verify( sigaction(SIGBUS, &addrSignals, 0) == 0 );
verify( sigaction(SIGILL, &addrSignals, 0) == 0 );
verify( sigaction(SIGFPE, &addrSignals, 0) == 0 );
-
+
verify( signal(SIGABRT, abruptQuit) != SIG_ERR );
verify( signal(SIGQUIT, abruptQuit) != SIG_ERR );
verify( signal(SIGPIPE, pipeSigHandler) != SIG_ERR );
@@ -1312,7 +1327,7 @@ namespace mongo {
NULL);
if ( INVALID_HANDLE_VALUE == hFile ) {
DWORD lasterr = GetLastError();
- log() << "failed to open minidump file " << toUtf8String(dumpFilename) << " : "
+ log() << "failed to open minidump file " << toUtf8String(dumpFilename) << " : "
<< errnoWithDescription( lasterr ) << endl;
return;
}
@@ -1332,7 +1347,7 @@ namespace mongo {
NULL);
if ( FALSE == bstatus ) {
DWORD lasterr = GetLastError();
- log() << "failed to create minidump : "
+ log() << "failed to create minidump : "
<< errnoWithDescription( lasterr ) << endl;
}
@@ -1379,23 +1394,23 @@ namespace mongo {
#endif
// In debug builds, give debugger a chance to run
- if( filtLast )
+ if( filtLast )
return filtLast( excPointers );
return EXCEPTION_EXECUTE_HANDLER;
}
// called by mongoAbort()
extern void (*reportEventToSystem)(const char *msg);
- void reportEventToSystemImpl(const char *msg) {
+ void reportEventToSystemImpl(const char *msg) {
static ::HANDLE hEventLog = RegisterEventSource( NULL, TEXT("mongod") );
- if( hEventLog ) {
+ if( hEventLog ) {
std::wstring s = toNativeString(msg);
LPCTSTR txt = s.c_str();
BOOL ok = ReportEvent(
- hEventLog, EVENTLOG_ERROR_TYPE,
+ hEventLog, EVENTLOG_ERROR_TYPE,
0, 0, NULL,
- 1,
- 0,
+ 1,
+ 0,
&txt,
0);
wassert(ok);
View
17 src/mongo/s/server.cpp
@@ -297,6 +297,9 @@ int _main(int argc, char* argv[]) {
#if defined(_WIN32)
po::options_description windows_scm_options("Windows Service Control Manager options");
#endif
+#if defined(MONGO_SSL)
+ po::options_description ssl_options("SSL options");
+#endif
po::options_description sharding_options("Sharding options");
po::options_description visible_options("Allowed options");
po::options_description hidden_options("Hidden options");
@@ -327,11 +330,25 @@ int _main(int argc, char* argv[]) {
;
visible_options.add(general_options);
+
+#ifdef MONGO_SSL
+ ssl_options.add_options()
+ ("sslOnNormalPorts", "Enable SSL on the defined/default ports")
+ ("sslPEMKeyFile", "Specify the path to the PEM formatted SSL certificate/key file")
+ ("sslPEMKeyPassword", "Enable SSL on the defined/default ports")
+ ;
+#endif
+
#if defined(_WIN32)
visible_options.add(windows_scm_options);
#endif
+
visible_options.add(sharding_options);
+#ifdef MONGO_SSL
+ visible_options.add(ssl_options);
+#endif
+
// parse options
po::variables_map params;
if ( ! CmdLine::store( argc, argv, visible_options, hidden_options, positional_options, params ) )
Please sign in to comment.
Something went wrong with that request. Please try again.