<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 05:46:18 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[SERVER-59085] Remove _isSelf/saslStart/saslContinue/buildinfo/authenticate from allowlist for OP_QUERY commands</title>
                <link>https://jira.mongodb.org/browse/SERVER-59085</link>
                <project id="10000" key="SERVER">Core Server</project>
                    <description>&lt;p&gt;At the very late stage of PM-912 project, we realized that repl code is sending _isSelf/saslStart/saslContinue as OP_QUERY commands (see&#160;&lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-58338&quot; title=&quot;Return an error if client attempts an OP_QUERY command other than isMaster/hello&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-58338&quot;&gt;&lt;del&gt;SERVER-58338&lt;/del&gt;&lt;/a&gt;)&#160;and some drivers are still using saslStart/saslContinue/buildinfo/authenticate OP_QUERY commands as part of connection handshake (see&#160;&lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-59069&quot; title=&quot;Add buildinfo to list of commands that can be executed with OP_QUERY&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-59069&quot;&gt;&lt;del&gt;SERVER-59069&lt;/del&gt;&lt;/a&gt;). Unfortunately, we could not change existing code and decided to allow those OP_QUERY commands.&lt;/p&gt;

&lt;p&gt;We should remove _isSelf/saslStart/saslContinue/buildinfo/authenticate OP_QUERY commands from allowlist for the v6.0 release. To remove saslStart/saslContinue/buildinfo/authenticate, we may need to coordinate the efforts with drivers team since some drivers are using them.&lt;/p&gt;</description>
                <environment></environment>
        <key id="1840280">SERVER-59085</key>
            <summary>Remove _isSelf/saslStart/saslContinue/buildinfo/authenticate from allowlist for OP_QUERY commands</summary>
                <type id="3" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14718&amp;avatarType=issuetype">Task</type>
                                            <priority id="3" iconUrl="https://jira.mongodb.org/images/icons/priorities/major.svg">Major - P3</priority>
                        <status id="10038" iconUrl="https://jira.mongodb.org/images/icons/subtask.gif" description="">Backlog</status>
                    <statusCategory id="2" key="new" colorName="default"/>
                                    <resolution id="-1">Unresolved</resolution>
                                        <assignee username="backlog-query-execution">Backlog - Query Execution</assignee>
                                    <reporter username="yoonsoo.kim@mongodb.com">Yoon Soo Kim</reporter>
                        <labels>
                    </labels>
                <created>Tue, 3 Aug 2021 22:21:34 +0000</created>
                <updated>Wed, 22 Nov 2023 13:08:31 +0000</updated>
                                                                                                <votes>0</votes>
                                    <watches>5</watches>
                                                                                                                <comments>
                            <comment id="5420741" author="david.storch" created="Fri, 12 May 2023 14:42:11 +0000"  >&lt;p&gt;I noticed that this was marked with a &quot;7.0 Desired&quot; fixVersion, but there are no plans for it to go into 7.0. Marking this for re-triage. We could choose to just close it or to work with drivers to figure out a safe plan for making this change that wouldn&apos;t affect users (unless perhaps they were using extremely old driver versions).&lt;/p&gt;</comment>
                            <comment id="4318154" author="jeff.yemin" created="Thu, 27 Jan 2022 14:20:16 +0000"  >&lt;p&gt;I recommend that we defer this work until API Version &quot;2&quot; due to a few facts on the ground:&lt;/p&gt;

&lt;ol&gt;
	&lt;li&gt;Drivers release with API version &quot;1&quot; support rely on the current behavior, and we have been sending the message that as of those releases, it&apos;s not necessary to upgrade to latest drivers when upgrading the server, since both support API version &quot;1&quot;&lt;/li&gt;
	&lt;li&gt;Even with strict mode enabled for API version &quot;1&quot;, the server does not reject OP_QUERY messages for these commands.  While this may have been an oversight (and one that would have caught this problem in drivers sooner), it means that even applications that specify strict mode for API version &quot;1&quot; would not be compatible with a future server release that implemented this ticket, unless they also upgrade their driver.&lt;/li&gt;
&lt;/ol&gt;
</comment>
                            <comment id="4315220" author="david.storch" created="Wed, 26 Jan 2022 14:10:36 +0000"  >&lt;p&gt;I&apos;m marking this ticket to be re-triaged. We should not do this in 6.0 so that pre-existing drivers which use OP_QUERY to authenticate will keep working with a 6.0 server. However, we should consider doing this in some future release where the server need not be compatible with such older drivers.&lt;/p&gt;</comment>
                            <comment id="3992882" author="JIRAUSER1258488" created="Tue, 10 Aug 2021 17:09:01 +0000"  >&lt;p&gt;Would it be possible to try OP_MSG-based connection handshake first and if it fails, we fall back to OP_QUERY-based connection handshake? Do we know the percentage of 3.4 and older servers?&lt;/p&gt;</comment>
                            <comment id="3991968" author="david.storch" created="Tue, 10 Aug 2021 11:48:08 +0000"  >&lt;p&gt;&lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=ethan.zhang&quot; class=&quot;user-hover&quot; rel=&quot;ethan.zhang&quot;&gt;ethan.zhang&lt;/a&gt; I don&apos;t think it&apos;s worth filing a follow-up project. We&apos;ve achieved the most of the code simplifications that we set out to do. The remaining work which we&apos;ve chosen to cut is quite minor, with the exception of &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-58491&quot; title=&quot;Consolidate the C++ native cursor implementation with the DBCommandCursor-based one in the shell js&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-58491&quot;&gt;SERVER-58491&lt;/a&gt;. The remaining work can be scheduled via quick wins, neweng, or simply not scheduled at all.&lt;/p&gt;

&lt;p&gt;This particular ticket is in a different category because it cannot be done for correctness reasons at least until at least after releasing the 6.0 LTS release.&lt;/p&gt;</comment>
                            <comment id="3991591" author="JIRAUSER1257640" created="Tue, 10 Aug 2021 06:10:43 +0000"  >&lt;p&gt;&lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=david.storch&quot; class=&quot;user-hover&quot; rel=&quot;david.storch&quot;&gt;david.storch&lt;/a&gt;&#160;Now seeing this and some other tickets being removed from PM-912 I start to think maybe we should create another PM ticket to group them together. Like a follow-up project. Do you think that makes sense? Or I can see them go to the quick win epic as well.&lt;/p&gt;</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10011">
                    <name>Depends</name>
                                                                <inwardlinks description="is depended on by">
                                                        </inwardlinks>
                                    </issuelinktype>
                            <issuelinktype id="10012">
                    <name>Related</name>
                                                                <inwardlinks description="is related to">
                                                        </inwardlinks>
                                    </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                <customfield id="customfield_10050" key="com.atlassian.jira.toolkit:comments">
                        <customfieldname># Replies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>6.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                <customfield id="customfield_12751" key="com.atlassian.jira.plugin.system.customfieldtypes:multiselect">
                        <customfieldname>Assigned Teams</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="25125"><![CDATA[Query Execution]]></customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                            <customfield id="customfield_10011" key="com.atlassian.jira.plugin.system.customfieldtypes:radiobuttons">
                        <customfieldname>Backwards Compatibility</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10012"><![CDATA[Major Change]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_10055" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>Date of 1st Reply</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Tue, 3 Aug 2021 23:54:13 +0000</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10052" key="com.atlassian.jira.toolkit:dayslastcommented">
                        <customfieldname>Days since reply</customfieldname>
                        <customfieldvalues>
                                        38 weeks, 5 days ago
    
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_18254" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Dependencies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue><![CDATA[]]></customfieldvalue>


                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_17052" key="com.atlassian.jira.plugin.system.customfieldtypes:textarea">
                        <customfieldname>Downstream Changes Summary</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>When this is done, any driver that uses OP_QUERY for the entire handshake, instead of switching to OP_MSG after receiving a hello/ismaster reply indicating a 3.6+ wire version, will fail to connect.</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_17050" key="com.atlassian.jira.plugin.system.customfieldtypes:radiobuttons">
                        <customfieldname>Downstream Team Attention</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="16942"><![CDATA[Needed]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_10057" key="com.atlassian.jira.toolkit:lastusercommented">
                        <customfieldname>Last comment by Customer</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>true</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_10056" key="com.atlassian.jira.toolkit:lastupdaterorcommenter">
                        <customfieldname>Last commenter</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>jeff.yemin@mongodb.com</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_11151" key="com.atlassian.jira.toolkit:LastCommentDate">
                        <customfieldname>Last public comment date</customfieldname>
                        <customfieldvalues>
                            38 weeks, 5 days ago
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                    <customfield id="customfield_10051" key="com.atlassian.jira.toolkit:participants">
                        <customfieldname>Participants</customfieldname>
                        <customfieldvalues>
                                        <customfieldvalue>backlog-query-execution</customfieldvalue>
            <customfieldvalue>david.storch@mongodb.com</customfieldvalue>
            <customfieldvalue>ethan.zhang@mongodb.com</customfieldvalue>
            <customfieldvalue>jeff.yemin@mongodb.com</customfieldvalue>
            <customfieldvalue>yoonsoo.kim@mongodb.com</customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                        <customfield id="customfield_14254" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Product Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hzvwjr:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|hr2607:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_23361" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Requested By</customfieldname>
                        <customfieldvalues>
                                

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_17051" key="com.atlassian.jira.plugin.system.customfieldtypes:multicheckboxes">
                        <customfieldname>Teams Impacted</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="16945"><![CDATA[Drivers]]></customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_22870" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Triagers</customfieldname>
                        <customfieldvalues>
                                

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_14350" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>serverRank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hzvisv:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                    </customfields>
    </item>
</channel>
</rss>