Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-49487

Use of SSL{Manager,Connection}Interface in `socket` module is not assured to work

XMLWordPrintableJSON

    • Type: Icon: Bug Bug
    • Resolution: Duplicate
    • Priority: Icon: Major - P3 Major - P3
    • None
    • Affects Version/s: None
    • Component/s: Build
    • None
    • Server Security
    • ALL
    • Hide

      With the enterprise module enabled:

      /buildscripts/scons.py --variables-files=etc/scons/mongodbtoolchain_v3_clang.vars --dbg=on --opt=on --allocator=system --sanitize=undefined,address --ssl -j30 --nostrip --link-model=dynamic --detect-odr-violations --separate-debug --install-mode=hygienic --install-action=hardlink --implicit-cache --build-fast-and-loose=on install-all install-all-debug -k

      Will result in:

      ...
build/cached/mongo/util/net/libsocket.so: error: undefined reference to 'typeinfo for mongo::SSLManagerInterface'
build/cached/mongo/util/net/libsocket.so: error: undefined reference to 'typeinfo for mongo::SSLConnectionInterface'
clang-7: error: linker command failed with exit code 1 (use -v to see invocation)
...
scons: *** [build/cached/mongo/transport/transport_test] Error 1
...
      Show
      With the enterprise module enabled: /buildscripts/scons.py --variables-files=etc/scons/mongodbtoolchain_v3_clang.vars --dbg=on --opt=on --allocator=system --sanitize=undefined,address --ssl -j30 --nostrip --link-model=dynamic --detect-odr-violations --separate-debug --install-mode=hygienic --install-action=hardlink --implicit-cache --build-fast-and-loose=on install-all install-all-debug -k Will result in: ... build/cached/mongo/util/net/libsocket.so: error: undefined reference to 'typeinfo for mongo::SSLManagerInterface' build/cached/mongo/util/net/libsocket.so: error: undefined reference to 'typeinfo for mongo::SSLConnectionInterface' clang-7: error: linker command failed with exit code 1 (use -v to see invocation) ... scons: *** [build/cached/mongo/transport/transport_test] Error 1 ...

      The files that make up the socket module make use of types like SSLManagerInterface and SSLConnectionInterface that are defined in the library ssl_manager module. However, the socket library doesn't link to the ssl_manager.

      For static builds, this isn't a problem. And for a number of dynamic builds, we happen to get away with it. But not for all builds. In particular, for the "!{A,UB}SAN Enterprise Ubuntu 18.04 DEBUG" build with the "--link-model=dynamic" flag, we find that some tests (such as transport_test) fail to link, presumably because their link graph include socket but not ssl_manager.

      The goal of this task is to clarify the relationship between these two modules, and to make changes to scons and do whatever code movement/refactoring is needed to get the "!{A,UB}SAN Enterprise Ubuntu 18.04 DEBUG" build with the "--link-model=dynamic" flag working.

      Take a look atĀ SERVER-48736 to see an example of a similar issue involving the query_exec module and the index_access_methods module and how the issue was fixed.

      It looks like this might be the last issue blockingĀ SERVER-48892 .

            Assignee:
            backlog-server-security [DO NOT USE] Backlog - Security Team
            Reporter:
            andrew.paroski@mongodb.com Drew Paroski
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: