-
Type:
Improvement
-
Resolution: Unresolved
-
Priority:
Trivial - P5
-
Affects Version/s: None
-
Component/s: Security
-
Labels:None
-
Server Security
When using MongoDB with SSL/TLS you may or may not be using TLS compression depending on a number of factors including:
- The OS provided OpenSSL may have disable it at compile time (recent RHEL releases)
- You're using MongoDB on Windows (we build our vendored OpenSSL without compression)
- The driver and driver version you are using. (C driver recently disabled compression, the python driver will soon, some language TLS libraries may by default.)
Though MongoDB isn't theoretically vulnerable to the CRIME attack, many users consider TLS compression a security problem.
For consistency, if for nothing else, we should explicitly disable TLS compression in the server at runtime. The patch is, essentially:
diff --git a/src/mongo/util/net/ssl_manager.cpp b/src/mongo/util/net/ssl_manager.cpp
index d11d355..6d93210 100644
--- a/src/mongo/util/net/ssl_manager.cpp
+++ b/src/mongo/util/net/ssl_manager.cpp
@@ -614,6 +614,12 @@ Status SSLManager::initSSLContext(SSL_CTX* context,
// SSL_OP_NO_SSLv3 - Disable SSL v3 support
long supportedProtocols = SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3;
+ // SSL_OP_NO_COMPRESSION - Disables TLS compression
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
+ supportedProtocols |= SSL_OP_NO_COMPRESSION;
+#endif
+
+
// Set the supported TLS protocols. Allow --sslDisabledProtocols to disable selected
// ciphers.
if (!params.sslDisabledProtocols.empty()) {