-
Type:
Bug
-
Resolution: Duplicate
-
Priority:
Major - P3
-
None
-
Affects Version/s: 4.3.4
-
Component/s: None
-
None
-
ALL
-
v4.4
-
-
Security 2020-04-06, Security 2020-04-20, Security 2020-05-04, Security 2020-06-01
If I issue a saslContinue:1 command on a connection with no fields, the server responds with a failure and provides a message explaining why the command failed:
irb(main):023:0> a.cluster.next_primary.with_connection { |c| c.dispatch([Mongo::Protocol::Msg.new([], {}, {saslContinue: 1, '$db' => 'test'})]) }
D, [2020-03-15T18:37:03.610646 #102446] DEBUG -- : MONGODB | [18] localhost:27017 #1 | test.saslContinue | STARTED | {}
D, [2020-03-15T18:37:03.612064 #102446] DEBUG -- : MONGODB | [18] localhost:27017 | test.saslContinue | FAILED | No SASL session state found (17) | 0.000614045s
=> #<Mongo::Protocol::Msg:0x00005619018332e8 @flags=[], @sections=[{"ok"=>0.0, "errmsg"=>"No SASL session state found", "code"=>17, "codeName"=>"ProtocolError"}]>
If I issue a saslStart:1 command in the same manner, the server responds with a failure but does not provide any diagnostic information:
irb(main):024:0> a.cluster.next_primary.with_connection { |c| c.dispatch([Mongo::Protocol::Msg.new([], {}, {saslStart: 1, '$db' => 'test'})]) }
D, [2020-03-15T18:37:08.082373 #102446] DEBUG -- : MONGODB | [19] localhost:27017 #1 | test.saslStart | STARTED | {}
D, [2020-03-15T18:37:08.084307 #102446] DEBUG -- : MONGODB | [19] localhost:27017 | test.saslStart | FAILED | () | 0.000454597s
=> #<Mongo::Protocol::Msg:0x0000561901d3c988 @flags=[], @sections=[{"ok"=>0.0, "errmsg"=>""}]>
As far as I can tell there is no output in the server log either as to what might be the problem.
The lack of diagnostic information makes it very difficult to troubleshoot why authentication is not working (I get the same empty failure response when providing, as far as I can tell, valid data for an aws authentication mechanism).
- is duplicated by
-
-
- Closed
-