Uploaded image for project: 'Drivers'
  1. Drivers
  2. DRIVERS-466

Handshake changes for SDAM and Auth

    XMLWordPrintableJSON

Details

    • Icon: Task Task
    • Resolution: Fixed
    • Icon: Major - P3 Major - P3
    • None
    • None
    • None
    • Needed
    • $i18n.getText("admin.common.words.hide")
      Key Status/Resolution FixVersion
      NODE-1394 Done
      SCALA-389 Done 2.4.0
      PYTHON-1514 Duplicate
      CSHARP-2231 Fixed 2.8.0
      PERL-881 Won't Fix
      RUBY-1319 Fixed 2.7.0.rc0
      JAVA-2824 Fixed 3.8.0
      CXX-1541 Fixed 3.4.0
      PHPC-1153 Fixed 1.5.0
      MOTOR-210 Fixed 2.0
      GODRIVER-322 Works as Designed
      CDRIVER-2579 Fixed 1.11.0
      RUST-78 Fixed 0.9.0-alpha
      SWIFT-432 Done
      $i18n.getText("admin.common.words.show")
      #scriptField, #scriptField *{ border: 1px solid black; } #scriptField{ border-collapse: collapse; } #scriptField td { text-align: center; /* Center-align text in table cells */ } #scriptField td.key { text-align: left; /* Left-align text in the Key column */ } #scriptField a { text-decoration: none; /* Remove underlines from links */ border: none; /* Remove border from links */ } /* Add green background color to cells with FixVersion */ #scriptField td.hasFixVersion { background-color: #00FF00; /* Green color code */ } /* Center-align the first row headers */ #scriptField th { text-align: center; } Key Status/Resolution FixVersion NODE-1394 Done SCALA-389 Done 2.4.0 PYTHON-1514 Duplicate CSHARP-2231 Fixed 2.8.0 PERL-881 Won't Fix RUBY-1319 Fixed 2.7.0.rc0 JAVA-2824 Fixed 3.8.0 CXX-1541 Fixed 3.4.0 PHPC-1153 Fixed 1.5.0 MOTOR-210 Fixed 2.0 GODRIVER-322 Works as Designed CDRIVER-2579 Fixed 1.11.0 RUST-78 Fixed 0.9.0-alpha SWIFT-432 Done

    Description

      tl;dr:

      • Monitoring-only sockets must not send SCRAM mechanism negotiation in isMaster and must not authenticate at all.
      • Non-monitoring sockets (e.g. connection pool or single-threaded client) do a "normal" handshake and authenticate if there are credentials.
      • An authentication error on a socket must close all (and only) non-monitoring sockets to the same server.

      Possible backward breaking change:

      • Some drivers were resetting a server's topology description to Unknown on an authentication error and should stop doing so. This means the topology will always be "correct" even when authentication fails.
      • It will no longer be possible for authentication errors to be masked as server selection errors.

      Detailed changes:

      Attachments

        Activity

          People

            Unassigned Unassigned
            david.golden@mongodb.com David Golden
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: