<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Wed Feb 07 21:21:29 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[CDRIVER-4635] Speculative authentication state is incorrectly kept</title>
                <link>https://jira.mongodb.org/browse/CDRIVER-4635</link>
                <project id="10030" key="CDRIVER">C Driver</project>
                    <description>&lt;p&gt;The topology scanner does not correctly reset authentication status when using speculative authentication. This affects single-threaded mode only, where authentication is done on the monitoring connection, which is also used for data. When resetting auth state, the previous result of a speculative authentication is not cleared. On subsequent handshakes, the previous authentication result is re-used. For SCRAM authentication, the conversation will be continued and will fail due to an outdated result. For X.509 however, the stale result means that the client will incorrectly assume the connection to be authenticated, while the server rejects any commands due to missing authentication.&lt;/p&gt;

&lt;p&gt;The fix should be backported to 1.23 to allow the PHP team to fix this in the current stable release.&lt;/p&gt;</description>
                <environment></environment>
        <key id="2331695">CDRIVER-4635</key>
            <summary>Speculative authentication state is incorrectly kept</summary>
                <type id="1" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14703&amp;avatarType=issuetype">Bug</type>
                                            <priority id="3" iconUrl="https://jira.mongodb.org/images/icons/priorities/major.svg">Major - P3</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="13201">Fixed</resolution>
                                        <assignee username="andreas.braun@mongodb.com">Andreas Braun</assignee>
                                    <reporter username="andreas.braun@mongodb.com">Andreas Braun</reporter>
                        <labels>
                    </labels>
                <created>Thu, 4 May 2023 06:35:11 +0000</created>
                <updated>Sat, 28 Oct 2023 11:27:51 +0000</updated>
                            <resolved>Fri, 5 May 2023 17:57:49 +0000</resolved>
                                    <version>1.23.3</version>
                                    <fixVersion>1.23.4</fixVersion>
                                                        <votes>0</votes>
                                    <watches>3</watches>
                                                                                                                <comments>
                            <comment id="5410856" author="xgen-internal-githook" created="Tue, 9 May 2023 11:16:32 +0000"  >&lt;p&gt;Author: &lt;/p&gt;
{&apos;name&apos;: &apos;Jeremy Mikola&apos;, &apos;email&apos;: &apos;jmikola@gmail.com&apos;, &apos;username&apos;: &apos;jmikola&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/PHPC-2218&quot; title=&quot;Speculative authentication state is incorrectly kept&quot; class=&quot;issue-link&quot; data-issue-key=&quot;PHPC-2218&quot;&gt;&lt;del&gt;PHPC-2218&lt;/del&gt;&lt;/a&gt;: Update libmongoc to 1.23.4 (#1419)&lt;/p&gt;

&lt;p&gt;Includes &lt;a href=&quot;https://jira.mongodb.org/browse/CDRIVER-4635&quot; title=&quot;Speculative authentication state is incorrectly kept&quot; class=&quot;issue-link&quot; data-issue-key=&quot;CDRIVER-4635&quot;&gt;&lt;del&gt;CDRIVER-4635&lt;/del&gt;&lt;/a&gt;, which fixes tracking of speculative auth state&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo-php-driver/commit/0dd7a669409abc07480d3c265eb6bc3fa1ffa72d&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo-php-driver/commit/0dd7a669409abc07480d3c265eb6bc3fa1ffa72d&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="5404920" author="xgen-internal-githook" created="Fri, 5 May 2023 17:56:48 +0000"  >&lt;p&gt;Author: &lt;/p&gt;
{&apos;name&apos;: &apos;Andreas Braun&apos;, &apos;email&apos;: &apos;alcaeus@users.noreply.github.com&apos;, &apos;username&apos;: &apos;alcaeus&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/CDRIVER-4635&quot; title=&quot;Speculative authentication state is incorrectly kept&quot; class=&quot;issue-link&quot; data-issue-key=&quot;CDRIVER-4635&quot;&gt;&lt;del&gt;CDRIVER-4635&lt;/del&gt;&lt;/a&gt; Reset speculative_auth_response when resetting auth state (#1258)&lt;/p&gt;

&lt;ul&gt;
	&lt;li&gt;&lt;a href=&quot;https://jira.mongodb.org/browse/CDRIVER-4635&quot; title=&quot;Speculative authentication state is incorrectly kept&quot; class=&quot;issue-link&quot; data-issue-key=&quot;CDRIVER-4635&quot;&gt;&lt;del&gt;CDRIVER-4635&lt;/del&gt;&lt;/a&gt; add regression test&lt;/li&gt;
&lt;/ul&gt;


&lt;ul&gt;
	&lt;li&gt;reset authentication state before creating stream&lt;/li&gt;
&lt;/ul&gt;


&lt;ul&gt;
	&lt;li&gt;remove unnecessary state reset in `mongoc_topology_scanner_node_disconnect`&lt;/li&gt;
&lt;/ul&gt;


&lt;p&gt;`mongoc_topology_scanner_node_disconnect` sets `stream` to NULL. That will result in the stream being recreated and state being reset in `mongoc_topology_scanner_node_setup`&lt;/p&gt;

&lt;ul&gt;
	&lt;li&gt;skip `/Client/authenticate_cached/client` when using speculativeAuthentication&lt;/li&gt;
&lt;/ul&gt;


&lt;p&gt;This previously passed because SCRAM would fail speculativeAuthentication and restart the authentication steps. The restart would use the SCRAM cache.&lt;/p&gt;

&lt;p&gt;Now speculativeAuthentication succeeds. speculativeAuthentication in the topology scanner does not use the SCRAM cache (refer: &lt;a href=&quot;https://jira.mongodb.org/browse/CDRIVER-3642&quot; title=&quot;Store scram secrets in topology scanner&quot; class=&quot;issue-link&quot; data-issue-key=&quot;CDRIVER-3642&quot;&gt;CDRIVER-3642&lt;/a&gt;). This does not result in the expected error.&lt;/p&gt;

&lt;ul&gt;
	&lt;li&gt;Reset scram step along with speculative authentication&lt;/li&gt;
&lt;/ul&gt;


&lt;p&gt;---------&lt;/p&gt;

&lt;p&gt;Co-authored-by: Kevin Albertson &amp;lt;kevin.albertson@mongodb.com&amp;gt;&lt;br/&gt;
Branch: r1.23&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo-c-driver/commit/42a818429d6d586a6abf22367ac6fea1e9ce3f2c&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo-c-driver/commit/42a818429d6d586a6abf22367ac6fea1e9ce3f2c&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="5404875" author="xgen-internal-githook" created="Fri, 5 May 2023 17:45:04 +0000"  >&lt;p&gt;Author: &lt;/p&gt;
{&apos;name&apos;: &apos;Andreas Braun&apos;, &apos;email&apos;: &apos;alcaeus@users.noreply.github.com&apos;, &apos;username&apos;: &apos;alcaeus&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/CDRIVER-4635&quot; title=&quot;Speculative authentication state is incorrectly kept&quot; class=&quot;issue-link&quot; data-issue-key=&quot;CDRIVER-4635&quot;&gt;&lt;del&gt;CDRIVER-4635&lt;/del&gt;&lt;/a&gt; Reset speculative_auth_response when resetting auth state (#1258)&lt;/p&gt;

&lt;ul&gt;
	&lt;li&gt;&lt;a href=&quot;https://jira.mongodb.org/browse/CDRIVER-4635&quot; title=&quot;Speculative authentication state is incorrectly kept&quot; class=&quot;issue-link&quot; data-issue-key=&quot;CDRIVER-4635&quot;&gt;&lt;del&gt;CDRIVER-4635&lt;/del&gt;&lt;/a&gt; add regression test&lt;/li&gt;
&lt;/ul&gt;


&lt;ul&gt;
	&lt;li&gt;reset authentication state before creating stream&lt;/li&gt;
&lt;/ul&gt;


&lt;ul&gt;
	&lt;li&gt;remove unnecessary state reset in `mongoc_topology_scanner_node_disconnect`&lt;/li&gt;
&lt;/ul&gt;


&lt;p&gt;`mongoc_topology_scanner_node_disconnect` sets `stream` to NULL. That will result in the stream being recreated and state being reset in `mongoc_topology_scanner_node_setup`&lt;/p&gt;

&lt;ul&gt;
	&lt;li&gt;skip `/Client/authenticate_cached/client` when using speculativeAuthentication&lt;/li&gt;
&lt;/ul&gt;


&lt;p&gt;This previously passed because SCRAM would fail speculativeAuthentication and restart the authentication steps. The restart would use the SCRAM cache.&lt;/p&gt;

&lt;p&gt;Now speculativeAuthentication succeeds. speculativeAuthentication in the topology scanner does not use the SCRAM cache (refer: &lt;a href=&quot;https://jira.mongodb.org/browse/CDRIVER-3642&quot; title=&quot;Store scram secrets in topology scanner&quot; class=&quot;issue-link&quot; data-issue-key=&quot;CDRIVER-3642&quot;&gt;CDRIVER-3642&lt;/a&gt;). This does not result in the expected error.&lt;/p&gt;

&lt;ul&gt;
	&lt;li&gt;Reset scram step along with speculative authentication&lt;/li&gt;
&lt;/ul&gt;


&lt;p&gt;---------&lt;/p&gt;

&lt;p&gt;Co-authored-by: Kevin Albertson &amp;lt;kevin.albertson@mongodb.com&amp;gt;&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo-c-driver/commit/b2afc3d01940b133df1beb05b24c8970c9099df6&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo-c-driver/commit/b2afc3d01940b133df1beb05b24c8970c9099df6&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="5399743" author="andreas.braun" created="Thu, 4 May 2023 06:57:34 +0000"  >&lt;p&gt;&lt;a href=&quot;https://github.com/mongodb/mongo-c-driver/pull/1258&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo-c-driver/pull/1258&lt;/a&gt;&lt;/p&gt;</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10011">
                    <name>Depends</name>
                                                                <inwardlinks description="is depended on by">
                                        <issuelink>
            <issuekey id="2331711">PHPC-2218</issuekey>
        </issuelink>
                            </inwardlinks>
                                    </issuelinktype>
                            <issuelinktype id="10012">
                    <name>Related</name>
                                                                <inwardlinks description="is related to">
                                                        </inwardlinks>
                                    </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                                                                                                                                                                                                                    <customfield id="customfield_13552" key="com.go2group.jira.plugin.crm:crm_generic_field">
                        <customfieldname>Case</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue><![CDATA[[5006R00001sqy1xQAA]]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                    <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|i1px0w:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            </customfields>
    </item>
</channel>
</rss>