Details
- Type: Bug
- Resolution: Fixed
- Priority: Major - P3
- 4.0.0, 4.0.3, 4.1.3
- None
- Fully Compatible
- ALL
- v4.0
- Security 2018-11-05, Security 2018-11-19, Security 2018-12-03
Description
The ServerMechanismBase class has an isDone method. The comment in the source code of this method says:
    /**
     * Returns true if the conversation has completed.
     *
     * Note that this does not mean authentication succeeded!
     * An error may have occurred.
     */
The problem is that if a SASL error occurs, isDone will never return true, because of this code in ServerMechanismBase::step:
    auto result = stepImpl(opCtx, input);
    if (result.isOK()) {
        bool isDone;
        std::string responseMessage;
        std::tie(isDone, responseMessage) = result.getValue();
        _done = isDone;  // _done is only updated on the success path
        return responseMessage;
    }
As you can see, the _done variable is only assigned if the step's result is OK.
This bug affects the AuthenticationSession lifecycle management implemented in the CmdSaslStart::run and CmdSaslContinue::run methods. In case of an authentication error (for example, a wrong password), those methods fail to destroy the current client's AuthenticationSession instance because mechanism.isDone() returns false.
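The following is an added, self-contained C++ model of the control flow described above; it is not MongoDB's code. Status, StepResult, Mechanism and sessionWouldBeDestroyed are constructed stand-ins, and the "mark done on error" branch is an assumed correction used to contrast the two behaviours, not necessarily the upstream fix.

```cpp
#include <string>
#include <tuple>
#include <utility>
// Constructed stand-in for mongo::Status (not the real class).
struct Status {
    bool ok;
    std::string reason;
    static Status OK() { return {true, ""}; }
    static Status error(std::string r) { return {false, std::move(r)}; }
};
// Constructed stand-in for StatusWith<std::tuple<bool, std::string>>.
struct StepResult {
    Status status;
    std::pair<bool, std::string> value;  // (isDone, responseMessage); valid only if ok
    bool isOK() const { return status.ok; }
};
// Toy mechanism mirroring the _done handling quoted from ServerMechanismBase::step.
class Mechanism {
public:
    // markDoneOnError=false reproduces the reported bug; true applies the assumed
    // correction (a failed step also ends the conversation).
    explicit Mechanism(bool markDoneOnError) : _markDoneOnError(markDoneOnError) {}
    bool isDone() const { return _done; }
    Status step(const std::string& input, std::string* response) {
        StepResult result = stepImpl(input);
        if (result.isOK()) {
            std::tie(_done, *response) = result.value;  // only success updates _done
            return Status::OK();
        }
        if (_markDoneOnError) _done = true;  // absent in the buggy version
        return result.status;
    }
private:
    // Single-step password check; "good-password" is a constructed sample value.
    StepResult stepImpl(const std::string& input) {
        if (input == "good-password") return {Status::OK(), {true, "auth ok"}};
        return {Status::error("AuthenticationFailed"), {false, ""}};
    }
    bool _done = false;
    bool _markDoneOnError;
};
// What a CmdSaslStart/CmdSaslContinue-style caller observes: true means it would
// tear down the client's AuthenticationSession after this step.
bool sessionWouldBeDestroyed(bool fixed, const std::string& password) {
    Mechanism m(fixed);
    std::string resp;
    m.step(password, &resp);
    return m.isDone();
}
```

With the buggy variant a wrong password leaves isDone() false, so the session is never destroyed; this is the condition a defender would check for when auditing session cleanup on failed logins.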
Attachments
Issue Links
- is duplicated by SERVER-38403 Could not create audit log for invalid login in MongoDB 4.0.4 (Closed)