Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-11489

Fail gracefully when more than 2 distinct sslMode settings are interacting

    XMLWordPrintableJSON

Details

    • Icon: Improvement Improvement
    • Resolution: Unresolved
    • Icon: Minor - P4 Minor - P4
    • None
    • None
    • Replication, Security
    • None
    • Server Security

    Description

      The new sslMode feature allows many more combinations of connection types between members of a mongodb cluster, which also means there are many more ways to set up an cluster incorrectly. As an example:

      If one sets up a replica set where each node is a different sslMode, some pretty weird behavior occurs. A set using require, preferSSL, and allowSSL can end up in a position where the"require" primary thinks the "allowSSL" secondary is up and properly replicating, but the "allowSSL" secondary thinks the primary is down. If we look at the log file it is clear that something is going horribly wrong, but from a mongo client perspective, things look okay, and will be okay until the primary goes down temporarily, in which case things could go haywire.

      It would be nice if we could recognize asymmetric cluster setups like these and alert the user / fail accordingly.

      Attachments

        Activity

          People

            backlog-server-security Backlog - Security Team
            kyle.erf Kyle Erf
            Votes:
            1 Vote for this issue
            Watchers:
            5 Start watching this issue

            Dates

              Created:
              Updated: