Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-65832

Block mongod's CompactStructuredEncryptionData on shard server

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major - P3
    • Resolution: Fixed
    • None
    • 6.0.0-rc5, 6.1.0-rc0
    • None
    • None
    • Fully Compatible
    • ALL
    • v6.0
    • Security 2022-05-02, Security 2022-05-16

    Description

      There are two implementations of CompactStructuredEncryptionData. One for sharded clusters and one for just replica sets. The replica set version (src/mongo/db/commands/fle2_compact_cmd.cpp) should not be run in a sharded cluster. If a client were to directly connect to a shard server, the command should error saying they should run the command through mongos.

      There are two methods we can use to check if we are shard svr instead of just a replica set. The method `ShardingState::get(opCtx)->enabled() ` should be a sufficient check.

      Reference:
      https://github.com/mongodb/mongo/blob/d84c2eff3e5bd195caadf8b202c736ae69e5735e/src/mongo/db/s/sharding_state.h#L77-L93

      Attachments

        Activity

          People

            mark.benvenuto@mongodb.com Mark Benvenuto
            mark.benvenuto@mongodb.com Mark Benvenuto
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: