[CXX-124] The client auth code should make sure there are no invalid entries in the auth BSON document Created: 07/Mar/14 Updated: 19/May/14 Resolved: 19/May/14 |
|
| Status: | Closed |
| Project: | C++ Driver |
| Component/s: | Implementation |
| Affects Version/s: | legacy-0.0-26compat-2.6.0-rc1 |
| Fix Version/s: | legacy-0.9.0 |
| Type: | Bug | Priority: | Trivial - P5 |
| Reporter: | Kaloian Manassiev | Assignee: | Mira Carey |
| Resolution: | Won't Fix | Votes: | 0 |
| Labels: | legacy-cxx | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Environment: |
Windows 8.1 |
||
| Description |
|
DBClientConnection::auth and sub-calls should ensure that the authentication parameters BSON does not contain invalid entries. For example, the password entry below is incorrect, but the client will not report any error and just proceed as if no password was specified.
|
| Comments |
| Comment by Tyler Brock [ 19/May/14 ] |
|
strict set verification for bson object keys in bson accepting apis isn't consistent with the rest of our api and fuzzy matching for possible keys isn't a reasonable api. Elsewhere we like have functions that can accept a set of keys in the existing rev, without breaking on possibly new keys in later versions, let's stick with that and not fix this. |
| Comment by Mira Carey [ 13/Mar/14 ] |
|
Kicking this to 0.9 as a possible feature enhancement given the easy workaround (provide valid auth parameters) and the change in semantics (loose -> strict parameter checking). |