Uploaded image for project: 'C Driver'
  1. C Driver
  2. CDRIVER-658

GSSAPI Authentication implementation is broken and does not work

    • Type: Icon: Bug Bug
    • Resolution: Done
    • Priority: Icon: Blocker - P1 Blocker - P1
    • 1.1.6
    • Affects Version/s: None
    • Component/s: auth, libmongoc
    • None

      The GSSAPI auth mechanism does not seem to be working in the intended manner. Looks like the code at https://github.com/mongodb/mongo-c-driver/blob/master/src/mongoc/mongoc-sasl.c#L303-L310 seem to be breaking for the step = 0. This condition seems to be valid only for sasl step 1 onwards when the inbuflen should not be 0.

       if (!sasl->step && !*outbuflen) {
            bson_set_error (error,
                            MONGOC_ERROR_SASL,
                            MONGOC_ERROR_CLIENT_AUTHENTICATE,
                            "SASL Failure: no data received from SASL request. "
                            "Does server have SASL support enabled?");
            return false;
         }
      

      should rather be:

       if (sasl->step && !inbuflen) {
            bson_set_error (error,
                            MONGOC_ERROR_SASL,
                            MONGOC_ERROR_CLIENT_AUTHENTICATE,
                            "SASL Failure: no data received from SASL request. "
                            "Does server have SASL support enabled?");
            return false;
         }
      

            Assignee:
            jesse@mongodb.com A. Jesse Jiryu Davis
            Reporter:
            anil.kumar Anil Kumar
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved: