Uploaded image for project: 'PHP Driver: Extension'
  1. PHP Driver: Extension
  2. PHPC-1022

Sporadic SCRAM-SHA-1 authentication failures due to "storedKey mismatch"

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major - P3
    • Resolution: Fixed
    • Affects Version/s: 1.3.0
    • Fix Version/s: 1.5.0
    • Labels:
      None
    • Environment:
      MongoDB 3.4.9 on Ubuntu 14.04

      Description

      In this thread on mongodb-user, a user reported sporadic authentication failures with SCRAM-SHA-1 in both FPM and CLI environments. The following code is used to connect:

      $sslContext = stream_context_create([
              "ssl" => [
                      "verify_peer" => false,
                      "verify_peer_name" => false,
                      "allow_self_signed" => true,
              ],
      ]);
       
      $this->client = new MongoDB\Client(
              'mongodb://db1:27017,db2:27017,db3:27017/',
              [
                      'username'               => $this->conOpts['username'],
                      'password'               => $this->conOpts['password'],
                      'ssl'                    => true,
                      'replicaSet'             => $this->conOpts['replicaSet'],
                      'authSource'             => $this->conOpts['db'],
              ],
              [
                      'context' => $sslContext,
                      'typeMap' => ['root' => 'array', 'document' => 'array', 'array' => 'array']
              ]
      );
      

      This error only started appearing in PHPC 1.3.0, which leads me to believe it may be related to some change in libmongoc between 1.5.5 (used by PHPC 1.2.x) and 1.8.0 (used by PHPC 1.3.0). It's possible this may be related to SCRAM-SHA-1 caching introduced in fc3ff3b for CDRIVER-2150.

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                1 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: