Uploaded image for project: 'PHP Driver: Extension'
  1. PHP Driver: Extension
  2. PHPC-1022

Sporadic SCRAM-SHA-1 authentication failures due to "storedKey mismatch"

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major - P3
    • Resolution: Fixed
    • 1.3.0
    • 1.5.0
    • None
    • None
    • MongoDB 3.4.9 on Ubuntu 14.04

    Description

      In this thread on mongodb-user, a user reported sporadic authentication failures with SCRAM-SHA-1 in both FPM and CLI environments. The following code is used to connect:

      $sslContext = stream_context_create([
              "ssl" => [
                      "verify_peer" => false,
                      "verify_peer_name" => false,
                      "allow_self_signed" => true,
              ],
      ]);
       
      $this->client = new MongoDB\Client(
              'mongodb://db1:27017,db2:27017,db3:27017/',
              [
                      'username'               => $this->conOpts['username'],
                      'password'               => $this->conOpts['password'],
                      'ssl'                    => true,
                      'replicaSet'             => $this->conOpts['replicaSet'],
                      'authSource'             => $this->conOpts['db'],
              ],
              [
                      'context' => $sslContext,
                      'typeMap' => ['root' => 'array', 'document' => 'array', 'array' => 'array']
              ]
      );
      

      This error only started appearing in PHPC 1.3.0, which leads me to believe it may be related to some change in libmongoc between 1.5.5 (used by PHPC 1.2.x) and 1.8.0 (used by PHPC 1.3.0). It's possible this may be related to SCRAM-SHA-1 caching introduced in fc3ff3b for CDRIVER-2150.

      Attachments

        Issue Links

          Activity

            People

              jmikola@mongodb.com Jeremy Mikola
              jmikola@mongodb.com Jeremy Mikola
              Votes:
              1 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: