<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 08:58:00 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[JAVA-2763] SCRAM-SHA-1 authenticator preps user name incorrectly</title>
                <link>https://jira.mongodb.org/browse/JAVA-2763</link>
                <project id="10006" key="JAVA">Java Driver</project>
                    <description>&lt;p&gt;The &lt;a href=&quot;https://tools.ietf.org/html/rfc5802&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;SCRAM SASL RFC&lt;/a&gt; states that&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;The characters &apos;,&apos; or &apos;=&apos; in usernames are sent as &apos;=2C&apos; and &apos;=3D&apos; respectively.  If the server receives a username that contains &apos;=&apos; not followed by either &apos;2C&apos; or &apos;3D&apos;, then the server MUST fail the authentication.&lt;/p&gt;&lt;/blockquote&gt;

&lt;p&gt;The driver incorrectly uses &lt;tt&gt;=2D&lt;/tt&gt; instead of &lt;tt&gt;=2C&lt;/tt&gt;&lt;/p&gt;</description>
                <environment></environment>
        <key id="490544">JAVA-2763</key>
            <summary>SCRAM-SHA-1 authenticator preps user name incorrectly</summary>
                <type id="1" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14703&amp;avatarType=issuetype">Bug</type>
                                            <priority id="4" iconUrl="https://jira.mongodb.org/images/icons/priorities/minor.svg">Minor - P4</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="13201">Fixed</resolution>
                                        <assignee username="jeff.yemin@mongodb.com">Jeffrey Yemin</assignee>
                                    <reporter username="jeff.yemin@mongodb.com">Jeffrey Yemin</reporter>
                        <labels>
                    </labels>
                <created>Wed, 31 Jan 2018 23:36:50 +0000</created>
                <updated>Sat, 28 Oct 2023 11:22:58 +0000</updated>
                            <resolved>Fri, 2 Feb 2018 14:36:31 +0000</resolved>
                                    <version>3.0.0</version>
                                    <fixVersion>3.6.2</fixVersion>
                                    <component>Security</component>
                                        <votes>0</votes>
                                    <watches>1</watches>
                                                                                                                <comments>
                            <comment id="1793111" author="xgen-internal-githook" created="Fri, 2 Feb 2018 14:36:01 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{&apos;email&apos;: &apos;jeff.yemin@10gen.com&apos;, &apos;name&apos;: &apos;Jeff Yemin&apos;, &apos;username&apos;: &apos;jyemin&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/JAVA-2763&quot; title=&quot;SCRAM-SHA-1 authenticator preps user name incorrectly&quot; class=&quot;issue-link&quot; data-issue-key=&quot;JAVA-2763&quot;&gt;&lt;del&gt;JAVA-2763&lt;/del&gt;&lt;/a&gt;: For SCRAM-SHA-1, test user name prepping required by RFC 5802 by adding a comma and equal sign to the user name&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo-java-driver/commit/5be570d1d8a2a91cb47479c61eaaa648ae7d03ae&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo-java-driver/commit/5be570d1d8a2a91cb47479c61eaaa648ae7d03ae&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="1793110" author="xgen-internal-githook" created="Fri, 2 Feb 2018 14:35:59 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{&apos;email&apos;: &apos;brendan@jsonar.com&apos;, &apos;name&apos;: &apos;Brendan Chung&apos;, &apos;username&apos;: &apos;brendanJsonar&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/JAVA-2763&quot; title=&quot;SCRAM-SHA-1 authenticator preps user name incorrectly&quot; class=&quot;issue-link&quot; data-issue-key=&quot;JAVA-2763&quot;&gt;&lt;del&gt;JAVA-2763&lt;/del&gt;&lt;/a&gt;: Replace &apos;,&apos; (comma) with =2C instead of =2D in username for SCRAM-SHA-1 authentication&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo-java-driver/commit/1a6a2f3b42ef3e00a0e1cbaece9b8f4fecaf3899&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo-java-driver/commit/1a6a2f3b42ef3e00a0e1cbaece9b8f4fecaf3899&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="1793106" author="xgen-internal-githook" created="Fri, 2 Feb 2018 14:33:49 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{&apos;email&apos;: &apos;jeff.yemin@10gen.com&apos;, &apos;name&apos;: &apos;Jeff Yemin&apos;, &apos;username&apos;: &apos;jyemin&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/JAVA-2763&quot; title=&quot;SCRAM-SHA-1 authenticator preps user name incorrectly&quot; class=&quot;issue-link&quot; data-issue-key=&quot;JAVA-2763&quot;&gt;&lt;del&gt;JAVA-2763&lt;/del&gt;&lt;/a&gt;: For SCRAM-SHA-1, test user name prepping required by RFC 5802 by adding a comma and equal sign to the user name&lt;br/&gt;
Branch: 3.6.x&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo-java-driver/commit/b031f9c78e720a642864e42b9b075914e42a9f0c&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo-java-driver/commit/b031f9c78e720a642864e42b9b075914e42a9f0c&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="1793105" author="xgen-internal-githook" created="Fri, 2 Feb 2018 14:33:46 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{&apos;email&apos;: &apos;brendan@jsonar.com&apos;, &apos;name&apos;: &apos;Brendan Chung&apos;, &apos;username&apos;: &apos;brendanJsonar&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/JAVA-2763&quot; title=&quot;SCRAM-SHA-1 authenticator preps user name incorrectly&quot; class=&quot;issue-link&quot; data-issue-key=&quot;JAVA-2763&quot;&gt;&lt;del&gt;JAVA-2763&lt;/del&gt;&lt;/a&gt;: Replace &apos;,&apos; (comma) with =2C instead of =2D in username for SCRAM-SHA-1 authentication&lt;br/&gt;
Branch: 3.6.x&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo-java-driver/commit/ea7da88787f39939a412fa0a1122984bc32c37dc&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo-java-driver/commit/ea7da88787f39939a412fa0a1122984bc32c37dc&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="1791703" author="jeff.yemin" created="Thu, 1 Feb 2018 14:25:08 +0000"  >&lt;p&gt;Thanks to Brendan who pointed it out in this pull request: &lt;a href=&quot;https://github.com/mongodb/mongo-java-driver/pull/447&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo-java-driver/pull/447&lt;/a&gt;.&lt;/p&gt;</comment>
                    </comments>
                    <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|htgtwv:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            </customfields>
    </item>
</channel>
</rss>