[CDRIVER-2844] Some errors ignored when loading certs, CAs, CRLs
Created: 05/Oct/18  Updated: 10/Feb/23

Status: Backlog
Project: C Driver
Component/s: tls
Affects Version/s: None
Fix Version/s: None

Type: Bug
Priority: Major - P3
Reporter: A. Jesse Jiryu Davis
Assignee: Unassigned
Resolution: Unresolved
Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Related
is related to CDRIVER-2825 Connecting with an invalid cert path ... Closed
Epic Link: CDRIVER-4576

 Description   

No error if CA configuration fails with Darwin Secure Transport: mongoc_secure_transport_setup_ca returns true even if SSLSetTrustedRoots fails. mongoc_secure_transport_setup_certificate also ignores the return value of SSLSetCertificate and returns true.

On Windows, mongoc_stream_tls_secure_channel_new logs but succeeds if it cannot load the CA, CRL, or cert. Error messages in mongoc-secure-channel.c are sometimes logged with MONGOC_WARNING; they should all be MONGOC_ERROR.

With OpenSSL, on the other hand, failure to load a CRL results in a NULL return with no log message.

Error messages differ from one library to another.

Let's make the error messages consistent, and let's ensure that an error results in a NULL return from mongoc_stream_tls_new_with_hostname, and on error that the base stream is not destroyed.

A test like this in test-mongoc-stream-tls-error.c should pass once everything's fixed:

/* Expect TLS stream creation to fail and _msg to be logged at error level. */
#define TLS_LOAD_ERR(_msg)                                             \
   do {                                                                \
      capture_logs (true);                                             \
      stream = mongoc_stream_socket_new (                              \
         mongoc_socket_new (AF_INET, SOCK_STREAM, 0));                 \
      BSON_ASSERT (                                                    \
         !mongoc_stream_tls_new_with_hostname (stream, NULL, &opt, 0)); \
      ASSERT_CAPTURED_LOG (                                            \
         "bad TLS config file", MONGOC_LOG_LEVEL_ERROR, (_msg));       \
      opt.pem_file = opt.ca_file = opt.ca_dir = opt.crl_file = NULL;   \
   } while (0)
 
 
static void
test_mongoc_tls_load_files (void)
{
   mongoc_ssl_opt_t opt = {0};
   mongoc_stream_t *stream;
   mongoc_stream_t *tls_stream = NULL;
 
   opt.pem_file = "badfile";
   TLS_LOAD_ERR ("Cannot find certificate in 'badfile'");
   opt.ca_file = "badfile";
   TLS_LOAD_ERR ("Cannot load Certificate Authorities from file 'badfile'");
 
#if !defined(MONGOC_ENABLE_SSL_SECURE_TRANSPORT)
   opt.ca_file = opt.ca_dir = "badfile";
   TLS_LOAD_ERR ("Cannot load Certificate Authorities from file 'badfile'");
   opt.crl_file = "badfile";
   TLS_LOAD_ERR ("Cannot find certificate in 'badfile'");
   /* a bad ca_dir causes no error */
   opt.ca_dir = "badfile";
   tls_stream = mongoc_stream_tls_new_with_hostname (stream, NULL, &opt, 0);
   BSON_ASSERT (tls_stream);
   mongoc_stream_destroy (tls_stream);
#endif
}
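
The fail-closed contract the description asks for, shown beside the status-ignoring pattern it reports. This is an added example, not code from the ticket or from libmongoc: every type and function here (`backend_load_ca`, `setup_ca_ignoring`, `setup_ca_checked`, `tls_stream_new`, `tls_stream_destroy`) is a hypothetical stand-in, and the CA path is constructed.

```c
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
/* Hypothetical stand-ins for illustration; not libmongoc or OS APIs. */
typedef struct { bool destroyed; } base_stream_t;
typedef struct { base_stream_t *base; } tls_stream_t;
typedef bool (*setup_fn) (const char *ca_file);
static int error_logs; /* number of error-level messages emitted */

/* Models a backend call that reports failure through its return value. */
static int backend_load_ca (const char *path) {
   FILE *f = fopen (path, "rb");
   return f ? fclose (f) : -1;
}

/* Pattern from the report: status dropped, setup always reports success. */
static bool setup_ca_ignoring (const char *ca_file) {
   (void) backend_load_ca (ca_file);
   return true;
}

/* Fail-closed: propagate the status and log once at error level. */
static bool setup_ca_checked (const char *ca_file) {
   if (backend_load_ca (ca_file) == 0) return true;
   fprintf (stderr, "ERROR: Cannot load Certificate Authorities from file '%s'\n", ca_file);
   error_logs++;
   return false;
}

/* NULL on setup failure; the caller still owns `base` in that case. */
static tls_stream_t *tls_stream_new (base_stream_t *base, const char *ca_file, setup_fn setup) {
   if (ca_file && !setup (ca_file)) return NULL;
   tls_stream_t *tls = calloc (1, sizeof *tls);
   if (tls) tls->base = base;
   return tls;
}

/* Destroying the TLS stream also destroys the base stream it wraps. */
static void tls_stream_destroy (tls_stream_t *tls) { tls->base->destroyed = true; free (tls); }

int main (void) {
   setup_fn fns[] = {setup_ca_ignoring, setup_ca_checked};
   for (int i = 0; i < 2; i++) {
      base_stream_t base = {false};
      tls_stream_t *tls = tls_stream_new (&base, "/nonexistent/ca.pem", fns[i]); /* constructed path */
      printf ("%s\n", tls ? "stream created despite bad CA" : "NULL, base stream intact");
      if (tls) tls_stream_destroy (tls);
   }
   return 0;
}
```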



 Comments   
Comment by Githook User [ 26/Nov/18 ]

Author: A. Jesse Jiryu Davis (ajdavis) <jesse@mongodb.com>

Message: CDRIVER-2844 log PEM file error with LibreSSL
Branch: master
https://github.com/mongodb/mongo-c-driver/commit/dd266275f8f836f51f909db65b6eac863a7616a6
