SCRAM defines the gs2-cbind-flag parameter as follows:

    gs2-cbind-flag = ("p=" cb-name) / "n" / "y"
        ;; "n" -> client doesn't support channel binding.
        ;; "y" -> client does support channel binding
        ;;        but thinks the server does not.
        ;; "p" -> client requires channel binding.
        ;; The selected channel binding follows "p=".

This is a man-in-the-middle protection measure for clients that must detect whether a remote server supports channel binding. If a man-in-the-middle manipulates traffic and tricks the client into believing that the server does not support channel binding, the client must set this flag to "y". If the server supports channel binding and sees "y", that is an error. If, more likely, the MitM edits the client's message and the server sees "n", then the client and server will not be able to negotiate a shared secret and authentication will fail.

MongoDB currently fails authentication attempts that send anything other than "n". Our server and our drivers do not support channel binding, so they send "n", and this hasn't been an issue. However, if a future driver did support channel binding and detected that an old server did not, it would have to send the server "y". Today, that would cause authentication to fail.
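As an added example (not MongoDB's code), the following implements the server-side handling of gs2-cbind-flag that the description quotes from RFC 5802: "n" is always accepted, "y" is accepted by a server without channel binding but rejected by one that has it (a downgrade is suspected), and "p=" is accepted only for a type the server offers. All function names are my own, and server_cb_types is an assumed parameter holding the channel binding types a server offers (empty for a server that, like MongoDB here, offers none).

```python
import re

# cb-name per RFC 5802: 1*(ALPHA / DIGIT / "." / "-")
CB_NAME_RE = re.compile(r"[A-Za-z0-9.\-]+")


class AuthError(Exception):
    """Raised when the gs2-cbind-flag is unacceptable to this server."""


def parse_gs2_header(client_first: str):
    """Split client-first-message into (flag, cb_name, authzid, client-first-message-bare).

    gs2-header = gs2-cbind-flag "," [ "a=" saslname ] ","
    """
    parts = client_first.split(",", 2)
    if len(parts) != 3:
        raise ValueError("malformed gs2-header: expected '<flag>,[a=authzid],'")
    flag_field, authzid_field, bare = parts
    if flag_field in ("n", "y"):
        flag, cb_name = flag_field, None
    elif flag_field.startswith("p=") and CB_NAME_RE.fullmatch(flag_field[2:]):
        flag, cb_name = "p", flag_field[2:]
    else:
        raise ValueError(f"invalid gs2-cbind-flag {flag_field!r}")
    if authzid_field and not authzid_field.startswith("a="):
        raise ValueError("malformed authzid")
    return flag, cb_name, (authzid_field[2:] or None), bare


def select_channel_binding(flag, cb_name, server_cb_types):
    """Apply the RFC 5802 server rules; returns the cb type to use, or None."""
    if flag == "n":
        return None                      # no channel binding; always acceptable here
    if flag == "y":
        if server_cb_types:
            # Client believed we lack channel binding, but we have it: a MitM may have
            # stripped our advertisement, so RFC 5802 says the server MUST fail.
            raise AuthError("downgrade suspected: 'y' sent to a channel-binding server")
        return None                      # we really lack it: accept (the fix in SERVER-29915)
    if cb_name not in server_cb_types:   # flag == "p"
        raise AuthError(f"unsupported channel binding type {cb_name!r}")
    return cb_name


def evaluate_client_first(client_first, server_cb_types=frozenset()):
    """Return ('accept', cb_name_or_None) or ('reject', reason) for the gs2 part."""
    try:
        flag, cb_name, _authzid, _bare = parse_gs2_header(client_first)
        return ("accept", select_channel_binding(flag, cb_name, server_cb_types))
    except (ValueError, AuthError) as exc:
        return ("reject", str(exc))
```

The sample messages in the test use constructed nonces; the pre-fix MongoDB behaviour described above corresponds to rejecting everything except the "n" case.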
xgen-internal-githook commented on Thu, 10 Aug 2017 20:58:09 +0000:

Author: Spencer Jackson <spencer.jackson@mongodb.com>
Message: SERVER-29915: Respect "y" in gs2-cbind-flag in SCRAM
Branch: master
https://github.com/mongodb/mongo/commit/07d4d94b06c6899699410312e20ef33d954ddbd1