Loading...

XML

Word

Printable

JSON

Type: Improvement
Resolution: Unresolved
Priority: Major - P3
Fix Version/s: None
Affects Version/s: None
Component/s: Security, Sharding
Labels:
- platforms-re-triaged

Assigned Teams:

Server Security

Clear message from config server, but misleading message from mongos.

ubuntu@ip-10-36-133-56:~/mongodb-linux-x86_64-subscription-ubuntu1104-2.4.0-rc0$ ./bin/mongod --dbpath ./data/config/ --configsvr --sslOnNormalPorts --sslPEMKeyFile ../sslCA/gregorFreeBSD.pem Tue Feb 26 13:20:53.064 [initandlisten] MongoDB starting : pid=14244 port=27019 dbpath=./data/config/ master=1 64-bit host=ip-10-36-133-56
Tue Feb 26 13:20:53.064 [initandlisten] db version v2.4.0-rc0, pdfile version 4.5
Tue Feb 26 13:20:53.064 [initandlisten] git version: 09967e98e5d6280305d85553cdb2dd12e2e1e149 modules: subscription
Tue Feb 26 13:20:53.064 [initandlisten] build info: Linux bs-e-ubuntu1104 2.6.38-13-virtual #57-Ubuntu SMP Mon Mar 5 21:16:08 UTC 2012 x86_64 BOOST_LIB_VERSION=1_49
Tue Feb 26 13:20:53.064 [initandlisten] allocator: tcmalloc
Tue Feb 26 13:20:53.064 [initandlisten] options: { configsvr: true, dbpath: "./data/config/", sslOnNormalPorts: true, sslPEMKeyFile: "../sslCA/gregorFreeBSD.pem" }
Tue Feb 26 13:20:53.077 [initandlisten] journal dir=./data/config/journal
Tue Feb 26 13:20:53.077 [initandlisten] recover : no journal files present, no recovery needed
Tue Feb 26 13:20:53.276 [initandlisten] waiting for connections on port 27019 ssl
Tue Feb 26 13:20:53.277 [websvr] admin web console waiting for connections on port 28019 ssl
Tue Feb 26 13:20:55.589 [initandlisten] connection accepted from 10.36.133.56:42888 #1 (1 connection now open)
Tue Feb 26 13:20:55.590 [conn1] ERROR: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
Tue Feb 26 13:20:55.590 [conn1] SocketException handling request, closing client connection: 9001 socket exception [6] 
Tue Feb 26 13:20:55.592 [initandlisten] connection accepted from 10.36.133.56:42889 #2 (1 connection now open)
Tue Feb 26 13:20:55.592 [initandlisten] connection accepted from 10.36.133.56:42890 #3 (2 connections now open)
Tue Feb 26 13:20:55.592 [conn2] ERROR: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
Tue Feb 26 13:20:55.592 [conn2] SocketException handling request, closing client connection: 9001 socket exception [6] 
Tue Feb 26 13:20:55.592 [conn3] ERROR: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
Tue Feb 26 13:20:55.592 [conn3] SocketException handling request, closing client connection: 9001 socket exception [6]

ubuntu@ip-10-36-133-56:~/mongodb-linux-x86_64-subscription-ubuntu1104-2.4.0-rc0$ ./bin/mongos --configdb ip-10-36-133-56 
Tue Feb 26 13:20:55.586 warning: running with 1 config server should be done only for testing purposes and is not recommended for production
Tue Feb 26 13:20:55.587 [mongosMain] MongoS version 2.4.0-rc0 starting: pid=14258 port=27017 64-bit host=ip-10-36-133-56 (--help for usage)
Tue Feb 26 13:20:55.587 [mongosMain] git version: 09967e98e5d6280305d85553cdb2dd12e2e1e149 modules: subscription
Tue Feb 26 13:20:55.587 [mongosMain] build info: Linux bs-e-ubuntu1104 2.6.38-13-virtual #57-Ubuntu SMP Mon Mar 5 21:16:08 UTC 2012 x86_64 BOOST_LIB_VERSION=1_49
Tue Feb 26 13:20:55.587 [mongosMain] options: { configdb: "ip-10-36-133-56" }
Tue Feb 26 13:20:55.590 [mongosMain] Socket recv() errno:104 Connection reset by peer 10.36.133.56:27019
Tue Feb 26 13:20:55.591 [mongosMain] SocketException: remote: 10.36.133.56:27019 error: 9001 socket exception [1] server [10.36.133.56:27019] 
Tue Feb 26 13:20:55.591 [mongosMain] DBClientCursor::init call() failed
Tue Feb 26 13:20:55.591 [mongosMain] Detected bad connection created at 1361884855589939 microSec, clearing pool for ip-10-36-133-56:27019
Tue Feb 26 13:20:55.591 [mongosMain] warning:  couldn't check on config server:ip-10-36-133-56:27019 ok for now : 10276 DBClientBase::findN: transport error: ip-10-36-133-56:27019 ns: admin.$cmd query: { getlasterror: 1 }
Tue Feb 26 13:20:55.592 [mongosMain] Socket recv() errno:104 Connection reset by peer 10.36.133.56:27019
Tue Feb 26 13:20:55.592 [mongosMain] SocketException: remote: 10.36.133.56:27019 error: 9001 socket exception [1] server [10.36.133.56:27019] 
Tue Feb 26 13:20:55.592 [mongosMain] DBClientCursor::init call() failed
Tue Feb 26 13:20:55.592 [CheckConfigServers] Socket recv() errno:104 Connection reset by peer 10.36.133.56:27019
Tue Feb 26 13:20:55.592 [mongosMain] Detected bad connection created at 1361884855592031 microSec, clearing pool for ip-10-36-133-56:27019
Tue Feb 26 13:20:55.592 [CheckConfigServers] SocketException: remote: 10.36.133.56:27019 error: 9001 socket exception [1] server [10.36.133.56:27019] 
Tue Feb 26 13:20:55.592 [mongosMain] ERROR: error upgrading config database to v4 :: caused by :: could not load config version for upgrade :: caused by :: 16625 cursor not found, transport error

is duplicated by

SERVER-6346 Logged Error Message for non-SSL Replica Set Member in SSL enabled set is non-informative

Closed

related to

SERVER-11292 Connecting to ssl-encrypted mongod with non-ssl mongo shell generates confusing error

Backlog

Assignee:: [DO NOT USE] Backlog - Security Team

Reporter:: Gregor Macadam

Participants:: [DO NOT USE] Backlog - Security Team, Gregor Macadam

Votes:: 0 Vote for this issue

Watchers:: 6 Start watching this issue

Created:: Feb 26 2013 01:21:37 PM UTC

Updated:: Dec 06 2022 05:23:58 AM UTC

Details

Description

Attachments

Issue Links

Activity

People

Dates