Uploaded image for project: 'MongoDB ETL Tools'
  1. MongoDB ETL Tools
  2. TOOLS-2066

MongoDB 3.4's vendored github.com/10gen/openssl doesn't define FIPS functions

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major - P3
    • Resolution: Fixed
    • Affects Version/s: 3.4.15
    • Fix Version/s: 3.4.17
    • Component/s: go-openssl
    • Labels:

      Description

      MongoDB 3.4's `openssl_fips` unconditionally references `openssl.FIPSModeSet` when SSL is being used with OpenSSL post-1.0: https://github.com/mongodb/mongo/blob/v3.4/src/mongo/gotools/common/db/openssl/openssl_fips.go#L21

      However, its vendored version of `github.com/10gen/openssl` doesn't build its FIPS wrappers on Darwin: https://github.com/mongodb/mongo/blob/0d6a9242c11b99ddadcfb6e86a850b6ba487530a/src/mongo/gotools/vendor/src/github.com/10gen/openssl/fips.go#L2 This causes the build to fail on Darwin since the referenced function doesn't exist.

      This doesn't seem to affect the 3.6 and 4.0 branches, which vendor a newer commit from this project which doesn't have the `+build !darwin` tag.

        Attachments

          Activity

            People

            • Assignee:
              david.golden David Golden
              Reporter:
              misty Misty De Meo
            • Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: