Uploaded image for project: 'C Driver'
  1. C Driver
  2. CDRIVER-2783

test-valgrind-latest-sharded-auth-openssl cannot initialize MongoDB

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major - P3
    • Resolution: Fixed
    • Affects Version/s: 1.12.0
    • Fix Version/s: 1.13.0
    • Component/s: tests
    • Labels:
      None

      Description

      Seen here:

      https://evergreen.mongodb.com/task/mongo_c_driver_valgrind_ubuntu_test_valgrind_latest_sharded_auth_openssl_patch_bb34c6f2fdf52a2c91ab0fcb67e8aed1e7a5a5b4_5b61185dc9ec444d01677620_18_08_01_02_18_05

      Mongo Orchestration tries to start a sharded cluster of replica sets with SSL and auth. According to the log file in mongo-agxOY7/mongod.log, the replica on port 27219 seems to reject connection attempts from the other replicas:

      2018-08-01T22:36:37.579+0000 I NETWORK  [listener] connection accepted from 127.0.0.1:56037 #12 (3 connections now open)
      2018-08-01T22:36:37.584+0000 W NETWORK  [conn12] SSL peer certificate validation failed: unsupported certificate purpose
      2018-08-01T22:36:37.584+0000 I NETWORK  [conn12] end connection 127.0.0.1:56037 (2 connections now open)
      

      The replica seems to accept connections from Mongo Orchestration itself, which uses PyMongo to connect.

      Later, it logs errors like:

      2018-08-01T22:40:39.605+0000 I NETWORK  [listener] connection accepted from 127.0.0.1:57142 #75 (6 connections now open)
      2018-08-01T22:40:39.609+0000 W NETWORK  [conn75] SSL peer certificate validation failed: unsupported certificate purpose
      2018-08-01T22:40:39.609+0000 I NETWORK  [conn75] received client metadata from 127.0.0.1:57142 conn75: { driver: { name: "MongoDB Internal Client", version: "4.1.1-175-g075d7fe" }, os: { type: "Linux", name: "Ubuntu", architecture: "x86_64", version: "14.04" } }
      2018-08-01T22:40:39.610+0000 I ACCESS   [conn75] SASL SCRAM-SHA-1 authentication failed for __system on local from client 127.0.0.1:57142 ; AuthenticationFailed: It is not possible to authenticate as the __system user on servers started without a --keyFile parameter
      2018-08-01T22:40:39.610+0000 I NETWORK  [conn75] end connection 127.0.0.1:57142 (5 connections now open)
      

      I don't know whether the SSL error is the root cause, or a symptom, or doesn't matter. The AuthenticationFailed error seems crucial.

      The other replicas log similarly. mongos logs:

      2018-08-01T22:37:04.241+0000 I NETWORK  [ReplicaSetMonitor-TaskExecutor] can't authenticate to localhost:27218 as internal user, error: Authentication failed.
      

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: