[SERVER-32396] mongo shell failed to connect with 3.6 connection string SRV Created: 19/Dec/17  Updated: 30/Oct/23  Resolved: 20/Dec/17

Status: Closed
Project: Core Server
Component/s: Shell
Affects Version/s: 3.6.0
Fix Version/s: 3.6.2, 3.7.1

Type: Bug Priority: Major - P3
Reporter: Wan Bachtiar Assignee: ADAM Martin (Inactive)
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Attachments: PNG File Screen Shot 2017-12-19 at 11.14.56 am.png    
Issue Links:
Backports
Related
Backwards Compatibility: Fully Compatible
Operating System: ALL
Backport Requested:
v3.6
Steps To Reproduce:

1. Create/Open MongoDB Atlas Free Tier cluster
2. Go to "Connect with the Mongo Shell" section, and choose "I am using shell 3.6. or later"
3. Paste the mongo shell command.

Sprint: Platforms 2018-01-01
Participants:

 Description   

Failed to connect using mongo shell to MongoDB Atlas (M0 Free Tier) using the new 3.6. connection URI.

Currently in MongoDB Atlas a user is provided with two option to connect, shell 3.6 or later and shell 3.4. or earlier.

Using mongo shell version 3.6.0 and 3.6.1-rc0, returns below:

> mongo "mongodb+srv://servername-nesbp.mongodb.net/test" --authenticationDatabase admin --username <username> --password <password>
MongoDB shell version v3.6.0
connecting to: mongodb+srv://servername-nesbp.mongodb.net/test
2017-12-19T11:12:58.990+1100 I NETWORK  [thread1] Starting new replica set monitor for servername-shard-0/servername-shard-00-00-nesbp.mongodb.net.:27017,servername-shard-00-01-nesbp.mongodb.net.:27017,servername-shard-00-02-nesbp.mongodb.net.:27017
2017-12-19T11:13:01.460+1100 W NETWORK  [thread1] Unable to reach primary for set servername-shard-0
2017-12-19T11:13:01.461+1100 I NETWORK  [thread1] Cannot reach any nodes for set servername-shard-0. Please check network connectivity and the status of the set. This has happened for 1 checks in a row.

Also tried a different format of mongo "mongodb+srv://<username>:<password>@servername-nesbp.mongodb.net/test" --authenticationDatabase admin with no success.

You can observe in the 'starting new replica set monitor' message when using the DNS lookup (3.6 SRV), it returns an extra dot (FQDN). May or may not be related SERVER-31965

However, using the alternative URI version 3.4 or earlier works:

> mongo "mongodb://servername-shard-00-00-nesbp.mongodb.net:27017,servername-shard-00-01-nesbp.mongodb.net:27017,servername-shard-00-02-nesbp.mongodb.net:27017/admin?ssl=true&replicaSet=servername-shard-0" --username <username> --password <password>
MongoDB shell version v3.6.0
connecting to: mongodb://servername-shard-00-00-nesbp.mongodb.net:27017,servername-shard-00-01-nesbp.mongodb.net:27017,servername-shard-00-02-nesbp.mongodb.net:27017/admin?ssl=true&replicaSet=servername-shard-0
2017-12-19T11:19:24.884+1100 I NETWORK  [thread1] Starting new replica set monitor for servername-shard-0/servername-shard-00-00-nesbp.mongodb.net:27017,servername-shard-00-01-nesbp.mongodb.net:27017,servername-shard-00-02-nesbp.mongodb.net:27017
2017-12-19T11:19:26.318+1100 I NETWORK  [ReplicaSetMonitor-TaskExecutor-0] Successfully connected to servername-shard-00-02-nesbp.mongodb.net:27017 (1 connections now open to servername-shard-00-02-nesbp.mongodb.net:27017 with a 5 second timeout)

Testing the same SRV connection using PyMongo v3.6 works fine.

import pymongo 
mongouri = "mongodb+srv://<username>:<password>@servername-nesbp.mongodb.net/test"
client = pymongo.MongoClient(mongouri)
collection = client.test.atlas 
cursor = collection.find()
for doc in cursor: 
    print(doc)

Looking at the Python driver code, it omits the final dot before returning hosts
https://github.com/mongodb/mongo-python-driver/blob/3.6.0/pymongo/uri_parser.py#L290

Compared to mongo shell code:
https://github.com/mongodb/mongo/blob/r3.6.1-rc0/src/mongo/client/mongo_uri.cpp#L378



 Comments   
Comment by Githook User [ 27/Dec/17 ]

Author:

{'email': 'adam.martin@10gen.com', 'username': 'adamlsd', 'name': 'ADAM David Alan Martin'}

Message: SERVER-32396 Do not pass FQDNs to OpenSSL

OpenSSL makes requests with the exact string passed as an SNI. This
should have the trailing dot elided when present in FQDN form.

(cherry picked from commit 149bf3944a6d372e9e7d1c3c16a543fbd3c656f2)
Branch: v3.6
https://github.com/mongodb/mongo/commit/82f5ff1604c33f4040bb40f39159c354c3bde138

Comment by Githook User [ 20/Dec/17 ]

Author:

{'name': 'ADAM David Alan Martin', 'email': 'adam.martin@10gen.com', 'username': 'adamlsd'}

Message: SERVER-32396 Do not pass FQDNs to OpenSSL

OpenSSL makes requests with the exact string passed as an SNI. This
should have the trailing dot elided when present in FQDN form.
Branch: master
https://github.com/mongodb/mongo/commit/149bf3944a6d372e9e7d1c3c16a543fbd3c656f2

Comment by Daniel Pasette (Inactive) [ 19/Dec/17 ]

I can confirm I'm getting the same error from linux on 3.6.0-rc1. Thanks for the detailed report Wan.

Generated at Thu Feb 08 04:30:06 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.