Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-14158

ShardingTest and authutil js incorrectly handle keyfile authentication

    XMLWordPrintable

    Details

    • Backwards Compatibility:
      Fully Compatible
    • Operating System:
      ALL
    • Sprint:
      Server 2.7.3

      Description

      Based on

      https://github.com/mongodb/mongo/blob/c27e46eceedfd68801ae79af4a5bf87b86a6319d/src/mongo/db/auth/security_key.cpp#L121-L124

      the server strips out all forms of whitespace from keyfiles.

      However, ShardingTest and authutil.asCluster both incorrectly strip only spaces and newlines, instead of everything between 011 and 015, and space (040).

      diff --git a/src/mongo/shell/shardingtest.js b/src/mongo/shell/shardingtest.js
      index 282ccd0..b3c0a11 100644
      --- a/src/mongo/shell/shardingtest.js
      +++ b/src/mongo/shell/shardingtest.js
      @@ -387,7 +387,7 @@ ShardingTest = function( testName , numShards , verboseLevel , numMongos , other
                   authutil.assertAuthenticate(this._mongos, 'admin', {
                       user: '__system',
                       mechanism: 'MONGODB-CR',
      -                pwd: cat(keyFile).replace(/[ \n]/g, '')
      +                pwd: cat(keyFile).replace(/[\011-\015\040]/g, '')
                   });
       
                   try {
      diff --git a/src/mongo/shell/utils_auth.js b/src/mongo/shell/utils_auth.js
      index 67e44d1..ff8f154 100644
      --- a/src/mongo/shell/utils_auth.js
      +++ b/src/mongo/shell/utils_auth.js
      @@ -72,7 +72,7 @@ var authutil;
               authutil.assertAuthenticate(conn, 'local', {
                   user: '__system',
                   mechanism: 'MONGODB-CR',
      -            pwd: cat(keyfile).replace(/[ \n]/g, '')
      +            pwd: cat(keyfile).replace(/[\011-\015\040]/g, '')
               });
       
               try {

        Attachments

          Activity

            People

            Assignee:
            matt.kangas Matt Kangas
            Reporter:
            kevin.pulo Kevin Pulo
            Participants:
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: