Uploaded image for project: 'Ruby Driver'
  1. Ruby Driver
  2. RUBY-2055

Driver sends null pwd field in createUser when password is not specified

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor - P4
    • Resolution: Fixed
    • Affects Version/s: 2.10.3
    • Fix Version/s: 2.11.3, 2.10.4, 2.12.0.rc0
    • Component/s: Authentication
    • Labels:
      None
    • Environment:
      Redhat 6.8, Mongodb-enterprise-4.0.14 single server, Ruby 2.1.9

      Description

      I am attempting to write a puppet provider that uses the ruby driver to manage a mongodb single server.  In this specific use case I am trying to create a user entry w/out a pwd field. 

      When I run this code...

      begin
      client = Mongo::Client.new(["#{Facter.value(:hostname)}:#{config['net']['port']}"],
                                                   auth_mech: :mongodb_x509,
                                                   ssl: true,
                                                   ssl_cert: "#{config['net']['ssl']['PEMKeyFile']}",
                                                   ssl_key: "#{config['net']['ssl']['PEMKeyFile']}",
                                                   ssl_ca_cert: "#{config['net']['ssl']['CAFile']}",
                                                   :database => '$external',
                                                   :connect => 'direct')

      client.use(:$external).database.users  #probably redundant
      user = Mongo::Auth::User.new({ :auth_source => '$external',
                                                          :database => '$external',
                                                          :user => 'CN=mike.uber.septim,OU=Mike',
                                                          :auth_mech => :mongodb_x509,
                                                          :roles => [ Mongo::Auth::Roles::READ_WRITE_ANY_DATABASE ]})

      client.database.users.create(user)
      rescue => err
        puts "Security block #{err.message}"
        puts err.backtrace.join("\n")
      ensure
        client.close unless client.nil?
      end

      I get this error...

      D, 2019-12-19T22:12:11.534489 #9631 DEBUG – : MONGODB | EVENT: #<TopologyOpening topology=Unknown[]>
      D, 2019-12-19T22:12:11.534747 #9631 DEBUG – : MONGODB | Topology type 'unknown' initializing.
      D, 2019-12-19T22:12:11.535349 #9631 DEBUG – : MONGODB | EVENT: #<TopologyChanged prev=Unknown[] new=Single[dev16-iop1m:27017]>
      D, 2019-12-19T22:12:11.535482 #9631 DEBUG – : MONGODB | Topology type 'Unknown' changed to type 'Single'.
      D, 2019-12-19T22:12:11.535588 #9631 DEBUG – : MONGODB | EVENT: #<ServerOpening address=dev16-iop1m:27017 topology=Single[dev16-iop1m:27017]>
      D, 2019-12-19T22:12:11.535682 #9631 DEBUG – : MONGODB | Server dev16-iop1m:27017 initializing.
      D, 2019-12-19T22:12:11.634824 #9631 DEBUG – : MONGODB | EVENT: #<ServerDescriptionChanged address=dev16-iop1m:27017 topology=Single[dev16-iop1m:27017] prev=#<Mongo::Server:Description:0x14728760 config={} average_round_trip_time=> new=#<Mongo::Server:Description:0x14619760 config={"hosts"=>["dev16-iop1m.unclass.iesil:27017"], "setName"=>"rs0", "setVersion"=>1, "ismaster"=>true, "secondary"=>false, "primary"=>"dev16-iop1m.unclass.iesil:27017", "me"=>"dev16-iop1m.unclass.iesil:27017", "electionId"=>BSON::ObjectId('7fffffff000000000000001b'), "lastWrite"=>{"opTime"=>

      {"ts"=>#<BSON::Timestamp:0x00000001be38f8 @seconds=1576793526, @increment=1>, "t"=>27}

      , "lastWriteDate"=>2019-12-19 22:12:06 UTC, "majorityOpTime"=>{"ts"=>#<BSON::Timestamp:0x00000001be35d8 @seconds=1576793526, @increment=1>, "t"=>27}, "majorityWriteDate"=>2019-12-19 22:12:06 UTC}, "maxBsonObjectSize"=>16777216, "maxMessageSizeBytes"=>48000000, "maxWriteBatchSize"=>100000, "localTime"=>2019-12-19 22:12:11 UTC, "logicalSessionTimeoutMinutes"=>30, "minWireVersion"=>0, "maxWireVersion"=>7, "readOnly"=>false, "ok"=>1.0, "operationTime"=>#<BSON::Timestamp:0x00000001be2ea8 @seconds=1576793526, @increment=1>, "$clusterTime"=>{"clusterTime"=>#<BSON::Timestamp:0x00000001be2d90 @seconds=1576793526, @increment=1>, "signature"=>

      {"hash"=><BSON::Binary:0x14620040 type=generic data=0xe5618a7f3b0be9b3...>, "keyId"=>6753688068386979841}

      }} average_round_trip_time=0.097861371>>
      D, 2019-12-19T22:12:11.634938 #9631 DEBUG – : MONGODB | Server description for dev16-iop1m:27017 changed from 'unknown' to 'other'.
      D, 2019-12-19T22:12:11.635015 #9631 DEBUG – : MONGODB | EVENT: #<TopologyChanged prev=Single[dev16-iop1m:27017] new=Single[dev16-iop1m:27017]>
      D, 2019-12-19T22:12:11.635048 #9631 DEBUG – : MONGODB | Topology type 'Single' changed to type 'Single'.
      D, 2019-12-19T22:12:11.721086 #9631 DEBUG – : MONGODB | dev16-iop1m:27017 | $external.authenticate | STARTED | {}
      D, 2019-12-19T22:12:11.722648 #9631 DEBUG – : MONGODB | dev16-iop1m:27017 | $external.authenticate | SUCCEEDED | 0.001s
      D, 2019-12-19T22:12:11.723030 #9631 DEBUG – : MONGODB | dev16-iop1m:27017 | $external.createUser | STARTED | {}
      D, 2019-12-19T22:12:11.723565 #9631 DEBUG – : MONGODB | dev16-iop1m:27017 | $external.createUser | FAILED | "pwd" had the wrong type. Expected string, found null (14) | 0.000372697s
      Security block "pwd" had the wrong type. Expected string, found null (14)
      /opt/puppetlabs/puppet/lib/ruby/gems/2.1.0/gems/mongo-2.10.0/lib/mongo/operation/result.rb:297:in `raise_operation_failure'
      /opt/puppetlabs/puppet/lib/ruby/gems/2.1.0/gems/mongo-2.10.0/lib/mongo/operation/result.rb:268:in `validate!'
      /opt/puppetlabs/puppet/lib/ruby/gems/2.1.0/gems/mongo-2.10.0/lib/mongo/operation/shared/specifiable.rb:574:in `block (2 levels) in validate_result'
      /opt/puppetlabs/puppet/lib/ruby/gems/2.1.0/gems/mongo-2.10.0/lib/mongo/operation/shared/specifiable.rb:587:in `add_error_labels'
      /opt/puppetlabs/puppet/lib/ruby/gems/2.1.0/gems/mongo-2.10.0/lib/mongo/operation/shared/specifiable.rb:573:in `block in validate_result'
      /opt/puppetlabs/puppet/lib/ruby/gems/2.1.0/gems/mongo-2.10.0/lib/mongo/operation/shared/unpinnable.rb:30:in `unpin_maybe'
      /opt/puppetlabs/puppet/lib/ruby/gems/2.1.0/gems/mongo-2.10.0/lib/mongo/operation/shared/specifiable.rb:572:in `validate_result'
      /opt/puppetlabs/puppet/lib/ruby/gems/2.1.0/gems/mongo-2.10.0/lib/mongo/operation/shared/executable.rb:35:in `block in execute'
      /opt/puppetlabs/puppet/lib/ruby/gems/2.1.0/gems/mongo-2.10.0/lib/mongo/operation/shared/executable.rb:34:in `tap'
      /opt/puppetlabs/puppet/lib/ruby/gems/2.1.0/gems/mongo-2.10.0/lib/mongo/operation/shared/executable.rb:34:in `execute'
      /opt/puppetlabs/puppet/lib/ruby/gems/2.1.0/gems/mongo-2.10.0/lib/mongo/operation/shared/op_msg_or_command.rb:27:in `execute'
      /opt/puppetlabs/puppet/lib/ruby/gems/2.1.0/gems/mongo-2.10.0/lib/mongo/auth/user/view.rb:51:in `block in create'
      /opt/puppetlabs/puppet/lib/ruby/gems/2.1.0/gems/mongo-2.10.0/lib/mongo/cluster.rb:679:in `with_session'
      /opt/puppetlabs/puppet/lib/ruby/gems/2.1.0/gems/mongo-2.10.0/lib/mongo/client.rb:813:in `with_session'
      /opt/puppetlabs/puppet/lib/ruby/gems/2.1.0/gems/mongo-2.10.0/lib/mongo/auth/user/view.rb:46:in `create'
      ./mongo-provider.rb:30:in `<main>'
      D, 2019-12-19T22:12:11.724289 #9631 DEBUG – : MONGODB | EVENT: #<ServerClosed address=dev16-iop1m:27017 topology=Single[dev16-iop1m:27017]>
      D, 2019-12-19T22:12:11.724334 #9631 DEBUG – : MONGODB | Server dev16-iop1m:27017 connection closed.
      D, 2019-12-19T22:12:11.724373 #9631 DEBUG – : MONGODB | EVENT: #<TopologyClosed topology=Single[dev16-iop1m:27017]>
      D, 2019-12-19T22:12:11.724403 #9631 DEBUG – : MONGODB | Topology type 'single' closed.

      I have also tried...

      client.use(:$external).database.users 

      client.database.users.create('CN=mike.uber.septim,OU=Mike', :roles => [ Mongo::Auth::Roles::READ_WRITE_ANY_DATABASE ])

      I get the same result as before.

      Is the client.database.users.create() method sending a 'pwd' field by default??

        Attachments

          Activity

            People

            Assignee:
            oleg.pudeyev Oleg Pudeyev
            Reporter:
            zechs195@gmail.com Joseph Haroun
            Participants:
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: