[SERVER-12693] Inserting an invalid doc into new_users and setting authSchemaVersion to 2 makes auth fail after authSchemaUpgrade

Created: 12/Feb/14  Updated: 10/Dec/14  Resolved: 26/Feb/14

Status: Closed
Project: Core Server
Component/s: Security
Affects Version/s: None
Fix Version/s: None

Type: Bug
Priority: Minor - P4
Reporter: Valeri Karpov
Assignee: Andy Schwerin
Resolution: Won't Fix
Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Operating System: ALL
Steps To Reproduce:

See above. Code available at https://github.com/10gen/QA/blob/master/QA-424/sharded_upgrade_invalid_new_users.js

Participants:

 Description   

See https://github.com/10gen/QA/blob/master/QA-424/sharded_upgrade_invalid_new_users.js

Essentially what this test does is:

1) Set up a 2.4 sharded cluster with 2 users
2) Manually insert a bad document into admin.system.new_users
3) Upgrade to 2.5.x
4) Set authSchema currentVersion to 2
5) Run authSchemaUpgrade

What ends up happening is that the auth schema version is 3, but I'm unable to log in after the upgrade. Any ideas what's going on here?



 Comments   
Comment by Valeri Karpov [ 26/Feb/14 ]

Hi schwerin

Sorry it took me so long to get back to you. At a glance, it looks like everything works just fine if you omit step 4 above. I don't see this as a huge issue because it requires a concerted effort at breaking things, but it may be worth taking a look at.

Comment by Andy Schwerin [ 19/Feb/14 ]

If you'd skipped step 4, valeri.karpov, would you have been able to log in after step 5?

Comment by Spencer Brody (Inactive) [ 19/Feb/14 ]

Assigning to Andy for triage

Comment by Valeri Karpov [ 14/Feb/14 ]

schwerin I'm not logging in after setting currentVersion to 2, I'm logging in after running authSchemaUpgrade with the currentVersion set to 2 with invalid new_users. Do you think it's worth adding some validation to scrap invalid new_users? Also, perhaps it's worth adding some validation to make sure that all criteria for being in authSchemaVersion=2 are met if you're running an authSchemaUpgradeStep and you see that authSchemaVersion is 2?

Comment by Andy Schwerin [ 12/Feb/14 ]

There's no validation of documents in admin.system.new_users when transferring them to admin.system.users.

I'm surprised you were able to log in after you set currentVersion to 2, since when currentVersion is 2, the contents of new_users are used for access control and authentication.
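
The validation suggested in the comments above, as an added example (not code from this ticket, the linked test, or the MongoDB server): it checks staged user documents before they are promoted and reports the ones to hold back. The document layout (`_id` of `<db>.<user>`, `user`, `db`, `credentials`, `roles` as `{role, db}` pairs) and both function names are assumptions.

```javascript
// Added example, not server code. Assumed user document layout:
// { _id: "<db>.<user>", user, db, credentials: {...}, roles: [{role, db}] }
function validateNewUserDoc(doc) {
  const isStr = (v) => typeof v === "string" && v.length > 0;
  if (doc === null || typeof doc !== "object" || Array.isArray(doc)) {
    return ["document is not an object"];
  }
  const errors = [];
  if (!isStr(doc.user)) errors.push("user must be a non-empty string");
  if (!isStr(doc.db)) errors.push("db must be a non-empty string");
  if (isStr(doc.user) && isStr(doc.db) && doc._id !== `${doc.db}.${doc.user}`) {
    errors.push("_id must equal '<db>.<user>'");
  }
  const creds = doc.credentials;
  if (creds === null || typeof creds !== "object" || Array.isArray(creds) ||
      Object.keys(creds).length === 0) {
    errors.push("credentials must be a non-empty object");
  }
  if (!Array.isArray(doc.roles)) {
    errors.push("roles must be an array");
  } else {
    doc.roles.forEach((r, i) => {
      if (r === null || typeof r !== "object" || !isStr(r.role) || !isStr(r.db)) {
        errors.push(`roles[${i}] must be {role, db} with non-empty strings`);
      }
    });
  }
  return errors;
}

// Split staged documents into those safe to promote and those to hold back,
// so one bad document cannot end up in the collection used for authentication.
function partitionStagedUsers(docs) {
  const valid = [];
  const rejected = [];
  for (const doc of docs) {
    const errors = validateNewUserDoc(doc);
    if (errors.length === 0) valid.push(doc);
    else rejected.push({ doc, errors });
  }
  return { valid, rejected };
}

// Constructed sample input: two well-formed users and one bad document.
const staged = [
  { _id: "admin.alice", user: "alice", db: "admin",
    credentials: { "MONGODB-CR": "<placeholder-hash>" }, roles: [{ role: "root", db: "admin" }] },
  { _id: "admin.bob", user: "bob", db: "admin",
    credentials: { "MONGODB-CR": "<placeholder-hash>" }, roles: [{ role: "readWrite", db: "test" }] },
  { garbage: true },
];
console.log(JSON.stringify(partitionStagedUsers(staged).rejected, null, 2));
```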
