Uploaded image for project: 'C Driver'
  1. C Driver
  2. CDRIVER-3453

Ensure server proof has been validated during SCRAM conversation

    • Type: Icon: Bug Bug
    • Resolution: Fixed
    • Priority: Icon: Major - P3 Major - P3
    • 1.16.0
    • Affects Version/s: None
    • Component/s: auth
    • None
    • Minor Change

      SCRAM authentication should not be considered complete until the client has validated server proof from the server's second message. Currently, a {done:1} sent during the first or second message will bypass this validation.

            Assignee:
            sara.golemon@mongodb.com Sara Golemon
            Reporter:
            sara.golemon@mongodb.com Sara Golemon
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: