Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-31965

Mongo Shell does not handle FQDN from SRV target values correctly

    • Type: Icon: Bug Bug
    • Resolution: Fixed
    • Priority: Icon: Critical - P2 Critical - P2
    • 3.6.0-rc7, 3.7.1
    • Affects Version/s: None
    • Component/s: Shell
    • Labels:
    • Fully Compatible
    • ALL
    • v3.6
    • Platforms 2017-12-04

      As part of CLOUDP-25143, I am adding SRV support to Atlas. When creating an SRV record on AWS Route 53, the record looks as follows:

      marko$ dig SRV _mongodb._tcp.marko-40x3z.mmscloudteam.com
      ; <<>> DiG 9.8.3-P1 <<>> SRV _mongodb._tcp.marko-40x3z.mmscloudteam.com
      ;; global options: +cmd
      ;; Got answer:
      ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19290
      ;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 0
      ;_mongodb._tcp.marko-40x3z.mmscloudteam.com. IN SRV
      _mongodb._tcp.marko-40x3z.mmscloudteam.com. 59 IN SRV 0 0 27017 marko-shard-00-00-40x3z.mmscloudteam.com.
      _mongodb._tcp.marko-40x3z.mmscloudteam.com. 59 IN SRV 0 0 27017 marko-shard-00-01-40x3z.mmscloudteam.com.
      _mongodb._tcp.marko-40x3z.mmscloudteam.com. 59 IN SRV 0 0 27017 marko-shard-00-02-40x3z.mmscloudteam.com.
      _mongodb._tcp.marko-40x3z.mmscloudteam.com. 59 IN SRV 0 0 27017 marko-shard-00-03-40x3z.mmscloudteam.com.

      When the shell builds the URI connection string from the target values of the SRV record, it appears as if it is not accounting for the trailing dot from the fully qualified domain names in the target DNS records:

      marko$ ./mongo "mongodb+srv://marko-40x3z.mmscloudteam.com/test" --username marko --password 
      MongoDB shell version v3.6.0-rc3
      Enter password: 
      connecting to: mongodb+srv://marko-40x3z.mmscloudteam.com/test
      2017-11-14T11:55:57.657-0500 I NETWORK  [thread1] Starting new replica set monitor for marko-shard-0/marko-shard-00-00-40x3z.mmscloudteam.com.:27017,marko-shard-00-01-40x3z.mmscloudteam.com.:27017,marko-shard-00-02-40x3z.mmscloudteam.com.:27017,marko-shard-00-03-40x3z.mmscloudteam.com.:27017                                                                     
      2017-11-14T11:55:57.820-0500 E NETWORK  [ReplicaSetMonitor-TaskExecutor-0] The server certificate does not match the host name. Hostname: marko-shard-00-03-40x3z.mmscloudteam.com. does not match SAN(s): *.mmscloudteam.com mmscloudteam.com 

      We should remove the trailing dot from fully qualified domain names when parsing the target values for the DNS records.

            adam.martin@mongodb.com ADAM Martin (Inactive)
            marko.vojvodic@mongodb.com Marko Vojvodic
            0 Vote for this issue
            13 Start watching this issue