Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-38141

Incorrect usage of MONGO_CONFIG_HAS_SSL_SET_ECDH_AUTO prevents enabling of elliptic curve auto negotiation

    XMLWordPrintable

Details

    • Bug
    • Status: Closed
    • Major - P3
    • Resolution: Fixed
    • None
    • 3.6.14, 4.1.6, 4.0.13
    • None
    • None
    • Fully Compatible
    • ALL
    • v4.0, v3.6
    • Security 2018-11-19, Security 2018-12-03

    Description

      In ssl_manager_openssl.cpp, the setup code checks to see if the version of openssl supports elliptic curve auto negotiation via the macro MONGO_CONFIG_HAVE_SSL_SET_ECDH_AUTO. The macro is actually defined to be MONGO_CONFIG_HAS_SSL_SET_ECDH_AUTO, so this check always fails and auto negotiation is never enabled.

      Fix the naming of elliptic curve related config defines to match the "HAVE" of previous defines.

      Attachments

        Issue Links

          Activity

            People

              patrick.freed@mongodb.com Patrick Freed
              patrick.freed@mongodb.com Patrick Freed
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: