Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-10875

mongo segfaults while authenticating user with x509 and no command line ops specified

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major - P3
    • Resolution: Fixed
    • Affects Version/s: 2.5.2
    • Fix Version/s: 2.5.3
    • Component/s: None
    • Labels:
    • Environment:
      OS X 10.8.5, mongo 2.5.3 and 2.4.5 (built with SSL)
    • Backwards Compatibility:
      Fully Compatible
    • Operating System:
      ALL
    • Steps To Reproduce:
      Hide

      I am able to reproduce this with the latest version of mongod on github (2.5.3-pre-) as well as 2.4.5 (must be compiled with SSL).

      # This is how I compiled mongodb
      scons --ssl all

      1. Start up a mongod without any of the options specified on the docs

      ./mongod # no command-line opts

      2. Start up a mongo shell without any of the options given in the above documentation.

      ./mongo # no command line opts

      3. Follow these instructions for adding an x509 subject as a user

      $ mongo --version
      MongoDB shell version: 2.4.5
      $ mongo
      > db.addUser({
          user:"CN=client,OU=kerneluser,O=10Gen,L=New York City,ST=New York,C=US",
          roles:["readAnyDatabase","readWriteAnyDatabase"],
          userSource:"$external"
      });
       
      # or
      $ mongo --version
      MongoDB shell version: 2.5.3-pre-
      $ mongo
      > db.addUser({
          user:"CN=client,OU=kerneluser,O=10Gen,L=New York City,ST=New York,C=US",
          pwd:"anypwd",
          roles:["readWrite","dbAdmin"]
      })

      4. Follow these instructions for attempting to authenticate with a certificate

      > db.getSiblingDB("$external").auth({
          mechanism:"MONGODB-X509",
          user:"CN=client,OU=kerneluser,O=10Gen,L=New York City,ST=New York,C=US"
      });

      The mongo shell will crash after the 4th step

      Show
      I am able to reproduce this with the latest version of mongod on github (2.5.3-pre-) as well as 2.4.5 (must be compiled with SSL). # This is how I compiled mongodb scons --ssl all 1. Start up a mongod without any of the options specified on the docs ./mongod # no command-line opts 2. Start up a mongo shell without any of the options given in the above documentation. ./mongo # no command line opts 3. Follow these instructions for adding an x509 subject as a user $ mongo --version MongoDB shell version: 2.4.5 $ mongo > db.addUser({ user:"CN=client,OU=kerneluser,O=10Gen,L=New York City,ST=New York,C=US", roles:["readAnyDatabase","readWriteAnyDatabase"], userSource:"$external" });   # or $ mongo --version MongoDB shell version: 2.5.3-pre- $ mongo > db.addUser({ user:"CN=client,OU=kerneluser,O=10Gen,L=New York City,ST=New York,C=US", pwd:"anypwd", roles:["readWrite","dbAdmin"] }) 4. Follow these instructions for attempting to authenticate with a certificate > db.getSiblingDB("$external").auth({ mechanism:"MONGODB-X509", user:"CN=client,OU=kerneluser,O=10Gen,L=New York City,ST=New York,C=US" }); The mongo shell will crash after the 4th step

      Description

      mongod will crash with a segmentation fault if you attempt to authenticate a user with x509 through the mongo shell when you haven't specified any SSL command line options.

        Attachments

          Activity

            People

            Assignee:
            andreas.nilsson Andreas Nilsson
            Reporter:
            luke.lovett Luke Lovett
            Participants:
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: