Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-46877

saslStart command fails without an error message

    XMLWordPrintableJSON

Details

    • Icon: Bug Bug
    • Resolution: Duplicate
    • Icon: Major - P3 Major - P3
    • None
    • 4.3.4
    • None
    • None
    • ALL
    • v4.4
    • Hide

      Send the following command to a 4.3.4 server:

      {saslStart: 1, '$db' => 'test'}
      
      

      Show
      Send the following command to a 4.3.4 server: {saslStart: 1, '$db' => 'test'}
    • Security 2020-04-06, Security 2020-04-20, Security 2020-05-04, Security 2020-06-01

    Description

      If I issue a saslContinue:1 command on a connection with no fields, the server responds with a failure and provides a message explaining why the command failed:

      irb(main):023:0> a.cluster.next_primary.with_connection { |c| c.dispatch([Mongo::Protocol::Msg.new([], {}, {saslContinue: 1, '$db' => 'test'})])  }
      D, [2020-03-15T18:37:03.610646 #102446] DEBUG -- : MONGODB | [18] localhost:27017 #1 | test.saslContinue | STARTED | {}
      D, [2020-03-15T18:37:03.612064 #102446] DEBUG -- : MONGODB | [18] localhost:27017 | test.saslContinue | FAILED | No SASL session state found (17) | 0.000614045s
      => #<Mongo::Protocol::Msg:0x00005619018332e8 @flags=[], @sections=[{"ok"=>0.0, "errmsg"=>"No SASL session state found", "code"=>17, "codeName"=>"ProtocolError"}]>
      

      If I issue a saslStart:1 command in the same manner, the server responds with a failure but does not provide any diagnostic information:

      irb(main):024:0> a.cluster.next_primary.with_connection { |c| c.dispatch([Mongo::Protocol::Msg.new([], {}, {saslStart: 1, '$db' => 'test'})])  }
      D, [2020-03-15T18:37:08.082373 #102446] DEBUG -- : MONGODB | [19] localhost:27017 #1 | test.saslStart | STARTED | {}
      D, [2020-03-15T18:37:08.084307 #102446] DEBUG -- : MONGODB | [19] localhost:27017 | test.saslStart | FAILED |  () | 0.000454597s
      => #<Mongo::Protocol::Msg:0x0000561901d3c988 @flags=[], @sections=[{"ok"=>0.0, "errmsg"=>""}]>
      

      As far as I can tell there is no output in the server log either as to what might be the problem.

      The lack of diagnostic information makes it very difficult to troubleshoot why authentication is not working (I get the same empty failure response when providing, as far as I can tell, valid data for an aws authentication mechanism).

      Attachments

        Activity

          People

            adam.cooper@mongodb.com Adam Cooper (Inactive)
            oleg.pudeyev@mongodb.com Oleg Pudeyev (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: