Uploaded image for project: 'MongoDB ETL Tools'
  1. MongoDB ETL Tools
  2. TOOLS-1948

Use Go-native TLS dialer on platforms with openssl 0.9.x

    XMLWordPrintable

    Details

    • Type: Task
    • Status: Closed
    • Priority: Critical - P2
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 3.7.4, 3.4.15, 3.6.5, 4.0.0-rc0
    • Component/s: All Tools
    • Labels:
      None

      Description

      Atlas is likely to start offering a TLS 1.2 only mode. This isn't possible with the system openssl on macosx or the openssl with suse11 (or RHEL 5.5). As the openssl wrapper is needed for FIPS support and we don't support FIPS on older versions of openssl anyway, we should implement a Go-native TLS dialer on platforms with 0.9.x.

      We can identify ones that have 'openssl_pre_1.0' as a Go build tag – which we're already asking for in SERVER-32922 for the wrapper. After this change, that build tag will turn off the wrapper and turn on the Go-native TLS dialer.

      The Go-native TLS dialer can likely be adapted from the one that exists for the new Go driver.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                david.golden David Golden
                Reporter:
                david.golden David Golden
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: