<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Wed Feb 07 21:16:55 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[CDRIVER-3012] Authentication attempted after parsing empty username in URI</title>
                <link>https://jira.mongodb.org/browse/CDRIVER-3012</link>
                <project id="10030" key="CDRIVER">C Driver</project>
                    <description>&lt;p&gt;In &lt;a href=&quot;https://github.com/mongodb/mongo-php-driver/issues/966#issuecomment-471700182&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;mongodb/mongo-php-driver#966&lt;/a&gt;, a user attempted to connect to the database with the following connection string:&lt;/p&gt;

&lt;p/&gt;
&lt;div id=&quot;syntaxplugin&quot; class=&quot;syntaxplugin&quot; style=&quot;border: 1px dashed #bbb; border-radius: 5px !important; overflow: auto; max-height: 30em;&quot;&gt;
&lt;table cellspacing=&quot;0&quot; cellpadding=&quot;0&quot; border=&quot;0&quot; width=&quot;100%&quot; style=&quot;font-size: 1em; line-height: 1.4em !important; font-weight: normal; font-style: normal; color: black;&quot;&gt;
		&lt;tbody &gt;
				&lt;tr id=&quot;syntaxplugin_code_and_gutter&quot;&gt;
						&lt;td  style=&quot; line-height: 1.4em !important; padding: 0em; vertical-align: top;&quot;&gt;
					&lt;pre style=&quot;font-size: 1em; margin: 0 10px;  margin-top: 10px;   margin-bottom: 10px;  width: auto; padding: 0;&quot;&gt;&lt;span style=&quot;color: black; font-family: &apos;Consolas&apos;, &apos;Bitstream Vera Sans Mono&apos;, &apos;Courier New&apos;, Courier, monospace !important;&quot;&gt;mongodb://@localhost:27017&lt;/span&gt;&lt;/pre&gt;
			&lt;/td&gt;
		&lt;/tr&gt;
			&lt;/tbody&gt;
&lt;/table&gt;
&lt;/div&gt;
&lt;p/&gt;

&lt;p&gt;I believe &lt;a href=&quot;https://github.com/mongodb/mongo-c-driver/blob/1.13.0/src/libmongoc/src/mongoc/mongoc-uri.c#L1033&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;&lt;tt&gt;mongoc_uri_parse_before_slash()&lt;/tt&gt;&lt;/a&gt; parsed this string and yielded an empty string for the &lt;tt&gt;username&lt;/tt&gt; and a null &lt;tt&gt;password&lt;/tt&gt;. As a result, &lt;a href=&quot;https://github.com/mongodb/mongo-c-driver/blob/1.13.0/src/libmongoc/src/mongoc/mongoc-cluster.c#L2024&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;&lt;tt&gt;mongoc_cluster_init()&lt;/tt&gt;&lt;/a&gt; later decided that authentication was required due to a non-null username (no auth source was specified). This led to a very cryptic &quot;Authentication failed.&quot; error message from the server. I assume the &quot;@&quot; was a typo, as the user originally reported that they were not using authentication.&lt;/p&gt;

&lt;p&gt;I&apos;m not sure if there is any valid use case where an empty username would be accepted by the server. If not, perhaps we can consider adding some validation around this to raise a client-side error during URI parsing &amp;#8211; or at least not decide to require auth if &lt;tt&gt;username&lt;/tt&gt; is an empty string.&lt;/p&gt;
</description>
                <environment></environment>
        <key id="714912">CDRIVER-3012</key>
            <summary>Authentication attempted after parsing empty username in URI</summary>
                <type id="1" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14703&amp;avatarType=issuetype">Bug</type>
                                            <priority id="4" iconUrl="https://jira.mongodb.org/images/icons/priorities/minor.svg">Minor - P4</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="13201">Fixed</resolution>
                                        <assignee username="haris.sheikh@mongodb.com">Haris Sheikh</assignee>
                                    <reporter username="jmikola@mongodb.com">Jeremy Mikola</reporter>
                        <labels>
                    </labels>
                <created>Mon, 11 Mar 2019 20:10:04 +0000</created>
                <updated>Sat, 28 Oct 2023 11:29:22 +0000</updated>
                            <resolved>Mon, 17 Jun 2019 14:28:05 +0000</resolved>
                                                    <fixVersion>1.15.0</fixVersion>
                                    <component>auth</component>
                    <component>libmongoc</component>
                    <component>uri</component>
                                        <votes>0</votes>
                                    <watches>1</watches>
                                                                                                                <comments>
                            <comment id="2285623" author="xgen-internal-githook" created="Fri, 14 Jun 2019 18:22:06 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{&apos;name&apos;: &apos;Haris Sheikh&apos;, &apos;email&apos;: &apos;harissheikh@Hariss-MacBook-Pro.local&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/CDRIVER-3012&quot; title=&quot;Authentication attempted after parsing empty username in URI&quot; class=&quot;issue-link&quot; data-issue-key=&quot;CDRIVER-3012&quot;&gt;&lt;del&gt;CDRIVER-3012&lt;/del&gt;&lt;/a&gt; updated uri functions to not accept the empty string as a username&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo-c-driver/commit/ef2a50a71482318861d35efe59317d47dd53ceef&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo-c-driver/commit/ef2a50a71482318861d35efe59317d47dd53ceef&lt;/a&gt;&lt;/p&gt;</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10011">
                    <name>Depends</name>
                                                                <inwardlinks description="is depended on by">
                                        <issuelink>
            <issuekey id="714917">PHPC-1346</issuekey>
        </issuelink>
                            </inwardlinks>
                                    </issuelinktype>
                            <issuelinktype id="10012">
                    <name>Related</name>
                                                                <inwardlinks description="is related to">
                                                        </inwardlinks>
                                    </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|htrnin:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            </customfields>
    </item>
</channel>
</rss>