  1. Core Server
  2. SERVER-59067

Fix TLS Race condition

    • Type: Bug
    • Resolution: Fixed
    • Priority: Major - P3
    • 5.0.4, 5.1.0-rc0
    • Affects Version/s: 5.1.0, 5.0.0-rc8
    • Component/s: None
    • Fully Compatible
    • ALL
    • v5.0
    • Sharding 2021-08-09, Sharding 2021-08-23
    • 145

      The race occurs when initializing SSLManagerOpenSSL::_rolesNid. The problem is that this field is not static and OBJ_create() is invoked every time SSLManagerOpenSSL is invoked. The problem was amplified by the tenant migration code, which uses transient SSL state and instantiates SSLManagerOpenSSL on every migration. The bug was always there, but the new logic amplified it.

      The race is present in all versions but is more serious on RHEL 7.0, which uses an old OpenSSL. The difference is that in that old version OBJ_cleanup() actually erases the previous record if another OID with the same keys is created. This makes an improperly guarded init race with cleanup. In newer versions of OpenSSL, OBJ_cleanup() is a no-op.

      From the doc:

      In OpenSSL versions prior to 1.1.0 OBJ_cleanup() cleaned up OpenSSLs internal object table and was called before an application exits if any new objects were added using OBJ_create(). This function is deprecated in version 1.1.0 and now does nothing if called. No explicit de-initialisation is now required. See OPENSSL_init_crypto(3) for further information.

            Assignee:
            andrew.shuvalov@mongodb.com Andrew Shuvalov (Inactive)
            Reporter:
            andrew.shuvalov@mongodb.com Andrew Shuvalov (Inactive)
            Votes:
            0
            Watchers:
            4

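The pattern the description refers to, per-instance registration versus one-time initialization, as an added C++ example (not MongoDB's code and not the committed fix). `fakeObjCreate` is a constructed stand-in for `OBJ_create()` so the example runs without OpenSSL; `kRolesOid` is a placeholder OID and all type and function names are hypothetical.

```cpp
#include <atomic>
#include <mutex>
#include <string>
#include <thread>
#include <vector>

static const char* const kRolesOid = "1.2.3.4.5";  // placeholder OID (constructed)
static std::mutex tableMutex;              // keeps the stand-in itself race-free
static std::vector<std::string> objTable;  // stand-in for the global object table
static std::atomic<int> createCalls{0};

// Stand-in for OBJ_create(): mutates process-global state, returns a new NID.
static int fakeObjCreate(const std::string& oid) {
    std::lock_guard<std::mutex> lk(tableMutex);
    ++createCalls;
    objTable.push_back(oid);
    return 1000 + static_cast<int>(objTable.size());
}

// Pattern from the ticket: a non-static member set in every constructor, so
// each transient manager touches the global table again.
struct PerInstanceManager {
    int rolesNid;
    PerInstanceManager() : rolesNid(fakeObjCreate(kRolesOid)) {}
};

// Guarded pattern: a function-local static is initialized exactly once, and
// C++11 guarantees that initialization is thread-safe.
static int sharedRolesNid() {
    static const int nid = fakeObjCreate(kRolesOid);
    return nid;
}
struct OncePerProcessManager {
    int rolesNid;
    OncePerProcessManager() : rolesNid(sharedRolesNid()) {}
};

// Constructs `threads` managers concurrently. Returns how many registrations
// happened and reports whether every manager ended up with the same NID.
template <typename Manager>
int constructConcurrently(int threads, bool* allSameNid) {
    const int before = createCalls.load();
    std::vector<int> nids(threads);
    std::vector<std::thread> pool;
    for (int i = 0; i < threads; ++i)
        pool.emplace_back([&nids, i] { nids[i] = Manager().rolesNid; });
    for (auto& t : pool) t.join();
    *allSameNid = true;
    for (int n : nids) *allSameNid = *allSameNid && (n == nids[0]);
    return createCalls.load() - before;
}
```

With the per-instance pattern every concurrent construction reaches the global table; with the once-per-process pattern only the first one does, regardless of how many transient managers are created afterwards.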