Uploaded image for project: 'Drivers'
  1. Drivers
  2. DRIVERS-2823

Ensure openssl legacy unsafe renegotiation can be configured via the MongoClient

    • Type: Icon: Improvement Improvement
    • Resolution: Unresolved
    • Priority: Icon: Major - P3 Major - P3
    • None
    • Component/s: Security, URI Options
    • None
    • Needed
    • Hide

      Summary of necessary driver changes
      Ruby, Python, C, C++, and PHP, and Node all depend on OpenSSL by default and can encounter "unsafe legacy renegotiation disabled" errors when using OpenSSL version >=3 in some environments. These types of errors occur due to outdated or buggy SSL proxies. Such proxies mistakenly enforce legacy TLS renegotiation. A real example can be found in openssl/issues/21296.

      These drivers should document how to workaround this issue by setting the OP_LEGACY_SERVER_CONNECT option. For example in Ruby:

      Mongo.tls_context_hooks.push(
        Proc.new { |context| context.options |= OpenSSL::SSL::OP_LEGACY_SERVER_CONNECT }
      )
      client = Mongo::Client.new('mongodb+srv://...')
      

      And Node:

      import { MongoClient } from 'mongodb';
      import { * as crypto } from 'crypto';
      
      const client = new MongoClient("mongodb+srv://...", {
        secureContext: {
          secureOptions: crypto.constants.SSL_OP_LEGACY_SERVER_CONNECT
        }
      });
      

      Python, C, C++, and PHP should document how to workaround this issue via the UnsafeLegacyServerConnect option with the OPENSSL_CONF env var:

      $ cat openssl.cnf
      openssl_conf = openssl_init
      
      [openssl_init]
      ssl_conf = ssl_sect
      
      [ssl_sect]
      system_default = system_default_sect
      
      [system_default_sect]
      Options = UnsafeLegacyServerConnect
      
      $ OPENSSL_CONF=openssl.cnf python ...
      

      Note that UnsafeLegacyServerConnect in OPENSSL_CONF requires OpenSSL >= 3.0.4 to get the fix for this bug: https://github.com/openssl/openssl/issues/18295

      The documentation should explain that these workarounds should only be used as a last resort to address "unsafe legacy renegotiation disabled" errors.

      Show
      Summary of necessary driver changes Ruby, Python, C, C++, and PHP, and Node all depend on OpenSSL by default and can encounter "unsafe legacy renegotiation disabled" errors when using OpenSSL version >=3 in some environments. These types of errors occur due to outdated or buggy SSL proxies. Such proxies mistakenly enforce legacy TLS renegotiation. A real example can be found in openssl/issues/21296 . These drivers should document how to workaround this issue by setting the OP_LEGACY_SERVER_CONNECT option. For example in Ruby: Mongo.tls_context_hooks.push( Proc.new { |context| context.options |= OpenSSL::SSL::OP_LEGACY_SERVER_CONNECT } ) client = Mongo::Client.new( 'mongodb+srv://...' ) And Node: import { MongoClient } from 'mongodb' ; import { * as crypto } from 'crypto' ; const client = new MongoClient( "mongodb+srv: //..." , { secureContext: { secureOptions: crypto.constants.SSL_OP_LEGACY_SERVER_CONNECT } }); Python, C, C++, and PHP should document how to workaround this issue via the UnsafeLegacyServerConnect option with the OPENSSL_CONF env var: $ cat openssl.cnf openssl_conf = openssl_init [openssl_init] ssl_conf = ssl_sect [ssl_sect] system_default = system_default_sect [system_default_sect] Options = UnsafeLegacyServerConnect $ OPENSSL_CONF=openssl.cnf python ... Note that UnsafeLegacyServerConnect in OPENSSL_CONF requires OpenSSL >= 3.0.4 to get the fix for this bug: https://github.com/openssl/openssl/issues/18295 The documentation should explain that these workarounds should only be used as a last resort to address "unsafe legacy renegotiation disabled" errors.
    • $i18n.getText("admin.common.words.hide")
      Key Status/Resolution FixVersion
      CDRIVER-5512 Backlog
      CXX-2992 Backlog
      CSHARP-5008 Backlog
      GODRIVER-3160 Works as Designed
      JAVA-5368 Works as Designed
      NODE-6025 Works as Designed
      MOTOR-1280 Duplicate
      PYTHON-4279 Fixed 4.9
      PHPLIB-1411 Blocked
      RUBY-3422 Backlog
      RUST-1884 Backlog
      $i18n.getText("admin.common.words.show")
      #scriptField, #scriptField *{ border: 1px solid black; } #scriptField{ border-collapse: collapse; } #scriptField td { text-align: center; /* Center-align text in table cells */ } #scriptField td.key { text-align: left; /* Left-align text in the Key column */ } #scriptField a { text-decoration: none; /* Remove underlines from links */ border: none; /* Remove border from links */ } /* Add green background color to cells with FixVersion */ #scriptField td.hasFixVersion { background-color: #00FF00; /* Green color code */ } /* Center-align the first row headers */ #scriptField th { text-align: center; } Key Status/Resolution FixVersion CDRIVER-5512 Backlog CXX-2992 Backlog CSHARP-5008 Backlog GODRIVER-3160 Works as Designed JAVA-5368 Works as Designed NODE-6025 Works as Designed MOTOR-1280 Duplicate PYTHON-4279 Fixed 4.9 PHPLIB-1411 Blocked RUBY-3422 Backlog RUST-1884 Backlog

      Drivers that use TLS libraries or runtime TLS APIs based on openssl 3 may throw errors such as MongoServerSelectionError: C8320000:error:0A000152:SSL routines:final_renegotiate:unsafe legacy renegotiation disabled:c:\ws\deps\openssl\openssl\ssl\statem\extensions.c:922: in certain environments (such as when run behind corporate firewalls).

      To ensure developers can work around this, the SSL_OP_LEGACY_SERVER_CONNECT SSL option flag should be configurable via the MongoClient.

            Assignee:
            shane.harvey@mongodb.com Shane Harvey
            Reporter:
            alex.bevilacqua@mongodb.com Alex Bevilacqua
            James Kovacs James Kovacs
            Alex Bevilacqua Alex Bevilacqua
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated: