Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-60630

Add back default as a prerequisite to the SetupOpenSSL initializer

XMLWordPrintableJSON

    • Type: Icon: Bug Bug
    • Resolution: Fixed
    • Priority: Icon: Major - P3 Major - P3
    • 5.1.0-rc0
    • Affects Version/s: None
    • Component/s: None
    • Labels:
      None
    • Fully Compatible
    • ALL
    • Security 2021-10-18, Security 2021-11-01
    • 144

      In the "SetupOpenSSL" initializer, it is sometimes possible for the sslGlobalParams.sslFIPSMode variable to have a value of "false" even though the startup option net.tls.FIPSMode is"true" if the initializer happens to execute before the startup option's value has been parsed and stored in sslGlobalParams.sslFIPSMode. This causes the server to skip enabling FIPS mode, or to NOT crash if FIPS is not supported by the crypto library.

            Assignee:
            erwin.pe@mongodb.com Erwin Pe
            Reporter:
            erwin.pe@mongodb.com Erwin Pe
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: