Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(NODE-6407): use conversationId returned from server in saslContinue #4368

Open
wants to merge 12 commits into
base: main
Choose a base branch
from
Open

fix(NODE-6407): use conversationId returned from server in saslContinue #4368

wants to merge 12 commits into from
+76 −1

Conversation

W-A-James
Copy link
Contributor

@W-A-James W-A-James commented Jan 14, 2025
edited by dariakp
Loading

Description (copied from #4258)

MONGODB-AWS authentication mechanism should follow SASL spec. Current implementation ignores the conversationId sent by the server and uses a hardcoded integer for all saslContinue messages across all conversations.

What is changing?

  • Changing the hardcoded integer for conversationId to utilize the one that gets returned in the saslStart response.
  • Add integration test to verify that saslContinue uses the conversationId returned by saslStart
Is there new documentation needed for these changes?

No. This change brings the implementation to spec.

What is the motivation for this change?

This is a bug. MONGODB-AWS authentication failed on database emulating MongoDB.

Release Highlight

MONGODB-AWS authentication mechanism will now use the conversationId sent by the server

Important

This bug never impacted genuine MongoDB connectivity to Atlas, Enterprise or Community.

AWS IAM authentication has been supported since MongoDB 4.4, and could be used successfully from the Node.js driver's MONGODB-AWS SASL implementation. Unofficial implementations of MongoDB, however, failed when trying to use this authentication mechanism as the conversationId was hardcoded by the driver instead of using the value returned by the server.
Thanks to @kggau for contributing this fix!

Double check the following

  • Ran npm run check:lint script
  • Self-review completed using the steps outlined here
  • PR title follows the correct format: type(NODE-xxxx)[!]: description
    • Example: feat(NODE-1234)!: rewriting everything in coffeescript
  • Changes are covered by tests
  • New TODOs have a related JIRA ticket

@W-A-James W-A-James mentioned this pull request Jan 14, 2025
Merged
5 tasks
@W-A-James W-A-James marked this pull request as ready for review January 23, 2025 22:03
@baileympearson baileympearson self-assigned this Jan 23, 2025
@baileympearson baileympearson added the Primary Review In Review with primary reviewer, not yet ready for team's eyes label Jan 23, 2025
baileympearson
baileympearson previously approved these changes Jan 24, 2025
View reviewed changes
@baileympearson
Copy link
Contributor

@W-A-James Lint failure

@baileympearson baileympearson requested a review from a team as a code owner January 31, 2025 16:02
@baileympearson baileympearson added Team Review Needs review from team and removed Primary Review In Review with primary reviewer, not yet ready for team's eyes labels Jan 31, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dariakp dariakp dariakp approved these changes

@durran durran durran approved these changes

@baileympearson baileympearson Awaiting requested review from baileympearson

Assignees

@baileympearson baileympearson

Labels
Team Review Needs review from team
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@W-A-James @baileympearson @durran @dariakp @kggau