[SERVER-78193] setParameter ldapForceMultiThreadMode is not respected Created: 16/Jun/23  Updated: 06/Feb/24  Resolved: 24/Jul/23

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: 6.0.6
Fix Version/s: 7.0.6, 6.0.14

Type: Bug Priority: Major - P3
Reporter: Spencer Jackson Assignee: Backlog - Security Team
Resolution: Duplicate Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Backports
Duplicate
duplicates SERVER-78188 Permit default use of multithreaded L... Closed
Problem/Incident
is caused by SERVER-56617 Reconsider advice to switch to the li... Closed
Related
Assigned Teams:
Server Security
Operating System: ALL
Backport Requested:
v7.0, v6.0
Steps To Reproduce:

1) Spawn a mongod on RHEL 8, enabling LDAP using libldap.so, and enabling ldapForceMultiThreadMode and ldapUseConnectionPool.
2) Authenticate to the mongod using PLAIN
3) Check that the numbers returned by db.serverStatus().ldapConnPool are greater than zero

Participants:
Case:

 Description   

Prior to SERVER-56617, LDAPConnectionFactory::create would create a pooled connection if isNativeImplThreadSafe is true. This would be true if OpenLDAPConnection::isThreadSafe(). This would be true if ldapForceMultiThreadMode had been enabled.

Now LDAPConnectionFactory::create creates a pooled connection if isNativeImplPoolingSafe() is true. isNativeImplPoolingSafe() is true if the new library traits system says the underlying LDAP library is poolingSafe. It does not consider if ldapForceMultiThreadMode is enabled.



 Comments   
Comment by Varun Ravichandran [ 24/Jul/23 ]

The fix for this ticket was rolled into the PR for SERVER-78188.

Generated at Thu Feb 08 06:37:42 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.