mongoDB 2.3.0.4 → 2.3.0.5
raw patch · 3 files changed
+7/−2 lines, 3 filesdep ~noncePVP ok
version bump matches the API change (PVP)
Dependency ranges changed: nonce
API changes (from Hackage documentation)
Files
- CHANGELOG.md +5/−0
- Database/MongoDB/Query.hs +1/−1
- mongoDB.cabal +1/−1
CHANGELOG.md view
@@ -2,6 +2,11 @@ All notable changes to this project will be documented in this file. This project adheres to [Package Versioning Policy](https://wiki.haskell.org/Package_versioning_policy). +## [2.3.0.5] - 2018-03-15++### Fixed+- Resource leak in SCRAM authentication+ ## [2.3.0.4] - 2018-02-11 ### Fixed
Database/MongoDB/Query.hs view
@@ -263,7 +263,7 @@ -- ^ Authenticate with the current database, using the SCRAM-SHA-1 authentication mechanism (default in MongoDB server >= 3.0) authSCRAMSHA1 un pw = do let hmac = HMAC.hmac SHA1.hash 64- nonce <- (Nonce.new >>= Nonce.nonce128 >>= return . B64.encode)+ nonce <- liftIO (Nonce.withGenerator Nonce.nonce128 >>= return . B64.encode) let firstBare = B.concat [B.pack $ "n=" ++ (T.unpack un) ++ ",r=", nonce] let client1 = ["saslStart" =: (1 :: Int), "mechanism" =: ("SCRAM-SHA-1" :: String), "payload" =: (B.unpack . B64.encode $ B.concat [B.pack "n,,", firstBare]), "autoAuthorize" =: (1 :: Int)] server1 <- runCommand client1
mongoDB.cabal view
@@ -1,5 +1,5 @@ Name: mongoDB-Version: 2.3.0.4+Version: 2.3.0.5 Synopsis: Driver (client) for MongoDB, a free, scalable, fast, document DBMS Description: This package lets you connect to MongoDB servers and