Uploaded image for project: 'MongoDB Database Tools'
  1. MongoDB Database Tools
  2. TOOLS-1948

Use Go-native TLS dialer on platforms with openssl 0.9.x

      Atlas is likely to start offering a TLS 1.2 only mode. This isn't possible with the system openssl on macosx or the openssl with suse11 (or RHEL 5.5). As the openssl wrapper is needed for FIPS support and we don't support FIPS on older versions of openssl anyway, we should implement a Go-native TLS dialer on platforms with 0.9.x.

      We can identify ones that have 'openssl_pre_1.0' as a Go build tag – which we're already asking for in SERVER-32922 for the wrapper. After this change, that build tag will turn off the wrapper and turn on the Go-native TLS dialer.

      The Go-native TLS dialer can likely be adapted from the one that exists for the new Go driver.

            david.golden@mongodb.com David Golden
            david.golden@mongodb.com David Golden
            0 Vote for this issue
            4 Start watching this issue