Loading...

XML

Word

Printable

JSON

Type: Bug
Resolution: Fixed
Priority: Major - P3
Fix Version/s: 3.6.14, 4.1.6, 4.0.13
Affects Version/s: None
Component/s: None
Labels:
None

Backwards Compatibility:
Fully Compatible
Operating System:
ALL
Backport Requested:

v4.0, v3.6
Sprint:
Security 2018-11-19, Security 2018-12-03

In ssl_manager_openssl.cpp, the setup code checks to see if the version of openssl supports elliptic curve auto negotiation via the macro MONGO_CONFIG_HAVE_SSL_SET_ECDH_AUTO. The macro is actually defined to be MONGO_CONFIG_HAS_SSL_SET_ECDH_AUTO, so this check always fails and auto negotiation is never enabled.

Fix the naming of elliptic curve related config defines to match the "HAVE" of previous defines.

has to be done before

SERVER-36617 Hardcode a default Diffie-Hellman parameter when ECDHE is enabled

Closed

Assignee:: Patrick Freed

Reporter:: Patrick Freed

Participants:: Githook User, Patrick Freed

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: Nov 14 2018 10:48:53 PM UTC

Updated:: Oct 29 2023 10:26:33 PM UTC

Resolved:: Nov 21 2018 03:59:34 PM UTC

Details

Description

Attachments

Issue Links

Activity

People

Dates