Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-56937

upgradeSet() in multi_rs.js may lose authentication state while upgrading primary

    XMLWordPrintable

    Details

    • Backwards Compatibility:
      Fully Compatible
    • Operating System:
      ALL
    • Backport Requested:
      v4.4, v4.2, v4.0
    • Sprint:
      Sharding 2021-05-17
    • Linked BF Score:
      20

      Description

      jstests/multiVersion/libs/multi_rs.js has two distinct issues around authentication:

      1. ReplSetTest.prototype.reconnect() replaces the connection in the nodes array with a new connection. Any non-function properties on the original connection object are copied over to the new connection object. This includes the '_defaultSession' property which is a DriverSession object bound to the original connection object and leads to commands being sent through the original connection object despite methods being called on DB objects from the new connection object.
      2. ReplSetTest.prototype.upgradePrimary() calls waitForState() which internally uses asCluster() on the current primary or first node in the replica set and will run the logout command. This has been addressed on more recent branches via SERVER-53812 by having asCluster() not call authutil.asCluster() when the connection is already authenticated.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              max.hirschhorn Max Hirschhorn
              Reporter:
              max.hirschhorn Max Hirschhorn
              Participants:
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: