[TOOLS-2066] MongoDB 3.4's vendored github.com/10gen/openssl doesn't define FIPS functions - MongoDB Jira

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major - P3
Resolution: Fixed
Affects Version/s: 3.4.15
Fix Version/s: 3.4.17
Component/s: go-openssl
Labels:
- ssl

Documentation Changes:
Not Needed
Backport Requested:

v3.4

Description

MongoDB 3.4's `openssl_fips` unconditionally references `openssl.FIPSModeSet` when SSL is being used with OpenSSL post-1.0: https://github.com/mongodb/mongo/blob/v3.4/src/mongo/gotools/common/db/openssl/openssl_fips.go#L21

However, its vendored version of `github.com/10gen/openssl` doesn't build its FIPS wrappers on Darwin: https://github.com/mongodb/mongo/blob/0d6a9242c11b99ddadcfb6e86a850b6ba487530a/src/mongo/gotools/vendor/src/github.com/10gen/openssl/fips.go#L2 This causes the build to fail on Darwin since the referenced function doesn't exist.

This doesn't seem to affect the 3.6 and 4.0 branches, which vendor a newer commit from this project which doesn't have the `+build !darwin` tag.

Attachments

Activity

People

Assignee:: David Golden

Reporter:: Misty De Meo

Votes:: 0 Vote for this issue

Watchers:: 6 Start watching this issue

Dates

Created:: Jul 04 2018 06:17:10 PM UTC

Updated:: Apr 14 2019 08:06:57 PM UTC

Resolved:: Jul 11 2018 09:47:44 AM UTC