[SERVER-28997] Limit SCRAM-SHA-1 Cache's use of Secure Memory Created: 27/Apr/17 Updated: 30/Oct/23 Resolved: 16/May/17 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Internal Code, Security |
| Affects Version/s: | 3.4.4 |
| Fix Version/s: | 3.2.16, 3.4.6, 3.5.8 |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | Spencer Jackson | Assignee: | Spencer Jackson |
| Resolution: | Fixed | Votes: | 1 |
| Labels: | bkp | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||||||||||||||
| Backwards Compatibility: | Fully Compatible | ||||||||||||||||||||||||
| Operating System: | ALL | ||||||||||||||||||||||||
| Backport Requested: |
v3.4, v3.2
|
||||||||||||||||||||||||
| Sprint: | Platforms 2017-05-08, Platforms 2017-05-29 | ||||||||||||||||||||||||
| Participants: | |||||||||||||||||||||||||
| Case: | (copied to CRM) | ||||||||||||||||||||||||
| Description |
|
SaslSCRAMSHA1ClientConversations have a SCRAMSecrets which they 'll pull out of the cache. SCRAMSecrets allocate secure storage in their default constructor, so they may be populated. Instead, SaslSCRAMSHA1ClientConversation and the cache should store shared_ptrs to SCRAMSecret. |
| Comments |
| Comment by Githook User [ 11/Jul/17 ] |
|
Author: {u'username': u'spencerjackson', u'name': u'Spencer Jackson', u'email': u'spencer.jackson@mongodb.com'}Message: (cherry picked from commit 7ca9cebf2623865fd0077f90baf61132d866a674) |
| Comment by Githook User [ 19/Jun/17 ] |
|
Author: {u'username': u'spencerjackson', u'name': u'Spencer Jackson', u'email': u'spencer.jackson@mongodb.com'}Message: (cherry picked from commit 7ca9cebf2623865fd0077f90baf61132d866a674) |
| Comment by Spencer Jackson [ 13/Jun/17 ] |
|
victorgp Yes, this ticket will be backported to 3.4. |
| Comment by VictorGP [ 12/Jun/17 ] |
|
Is there any chance we will get the backport for 3.4 version? We, at ThousandEyes, are affected by this issue |
| Comment by Githook User [ 16/May/17 ] |
|
Author: {u'username': u'spencerjackson', u'name': u'Spencer Jackson', u'email': u'spencer.jackson@mongodb.com'}Message: |