Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Fixed
Priority: Critical
Fix Version/s: 7.6.2
Affects Version/s: 7.6.0
Component/s: memcached
Labels:
- approved-for-7.6.2

Triage:
Triaged
Story Points:
0
Is this a Regression?:
Yes
Sprint:
March-June 24

Description

I have an application which uses SCRAM SHA 512 for SASL AUTH and is sending invalid credentials.

Against server 7.1 I see that the server responds with SASL CONTINUE and the SASL STEP then fails with an error from the server.

Against server 7.6 I see that the server responds with SASL CONTINUE but with an invalid iterator value that my scram library is rejecting.

Is this change intentional? I've attached 2 packets caps illustrating this.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

7.1-auth-out.pcapng
11 kB
14/Mar/24 8:24 AM
7.6-auth-out.pcapng
13 kB
14/Mar/24 8:24 AM

Issue Links

relates to

GOCBC-1615 connecting to CBS 7.6 with non TLS bad credentials doesn't return ErrAuthenticationFailure

Closed

Gerrit Reviews

- Issue Only
- Show All Reviews
- Show Open Reviews
- Show All Issues
- Show Open Issues

No reviews matched the request. Check your Options in the drop-down menu of this sections header.

Activity

People

Assignee:: Charles Dixon

Reporter:: Charles Dixon

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 14/Mar/24 8:24 AM

Updated:: 04/Apr/24 9:05 PM

Resolved:: 03/Apr/24 10:00 PM

Gerrit Reviews

There are no open Gerrit changes

Show There are 3 closed Gerrit changes

Hide There are 3 closed Gerrit changes

MB-61174: Don't use 10 iteration counts for unknown users: Gerrit Review:

Merge commit 'couchbase/trinity~2' into trunk: Gerrit Review:

Merge remote-tracking branch 'couchbase/trinity' into trunk: Gerrit Review:

SCRAM SASL AUTH returns invalid iterator value for incorrect credentials

Details

Description

Attachments

Attachments

Issue Links

Gerrit Reviews

Activity

People

Dates

Gerrit Reviews

PagerDuty