[SERVER-66806] Add the "getnonce" command to the "allowedOpQueryCommands" list Created: 26/May/22  Updated: 26/May/22  Resolved: 26/May/22

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Bug Priority: Blocker - P1
Reporter: Edwin Zhou Assignee: Edwin Zhou
Resolution: Won't Do Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Backports
Depends
Related
is related to SERVER-58338 Return an error if client attempts an... Closed
Operating System: ALL
Backport Requested:
v6.0
Sprint: QE 2022-05-30
Participants:

 Description   

SERVER-58338 made a change that causes the server to return an error (through uassert) if the client attempts to run an OP_QUERY other than isMaster/hello. In this case, the client is running getnonce, which is not in the allowed-list defined by SERVER-58338.

This happens as part of parsing the sourced RPC message and causes the server to close the connection: https://github.com/mongodb/mongo/blob/012db1b7bd4aa161368a28ffdc581ebb102e2fbe/src/mongo/transport/service_state_machine.cpp#L298-L299

The class comment for CmdGetNonce suggests to me the appropriate action will be to add the getnonce command to the allowedOpQueryCommands list.


Generated at Thu Feb 08 06:06:28 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.