[CDRIVER-4562] Auth tests fail with OpenSSL 1.1.0 Created: 24/Jan/23  Updated: 28/Oct/23  Resolved: 25/Jan/23

Status: Closed
Project: C Driver
Component/s: None
Affects Version/s: None
Fix Version/s: 1.24.0

Type: Bug Priority: Unknown
Reporter: Ezra Chung Assignee: Ezra Chung
Resolution: Fixed Votes: 0
Labels: failing-on-waterfall
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Related
is related to CDRIVER-3620 Audit evergreen matrix Closed

 Description   

After auditing compilation and test scripts (GitHub PR; CDRIVER-3620) it was discovered that tests were not compiling and linking against the intended custom OpenSSL libraries. Fixing this issue resulted in task failure of build-and-run-authentication-tests-openssl-1.1.0 whose cause is still unknown.

Ping failure: No suitable servers found: `serverselectiontimeoutms` timed out:
[TLS handshake failed: certificate verify failed (20): unable to get local issuer certificate calling hello on '<host00>:27017']
[TLS handshake failed: certificate verify failed (20): unable to get local issuer certificate calling hello on '<host01>:27017']
[TLS handshake failed: <truncated>

Patch testing validated that the correct OpenSSL library is being compiled and linked against during execution. Other possibilities include incorrect SSL certificate installation (unlikely given other auth tests succeed), an OpenSSL 1.1.0-specific incompatibility (unlikely given auth tests running against OpenSSL 1.1.1 succeed; check release notes?), or some sort of conflict/confusion with the system-installed OpenSSL library (unlikely given correct dynamic loading of OpenSSL 1.1.0 library?).



 Comments   
Comment by Githook User [ 25/Jan/23 ]

Author:

{'name': 'Ezra Chung', 'email': '88335979+eramongodb@users.noreply.github.com', 'username': 'eramongodb'}

Message: CDRIVER-3620 Audit compile and test scripts (#1187)

  • Reorder maintainer flags to permit manual disabling of warnings
  • Improve behavior of bypass_dlclose()
  • Add support for add_expansions_to_env to shell_exec
  • Format .codecov.yml
  • Format scripts
  • Sanitize abi-compliance-check.sh
  • Sanitize add-build-dirs-to-paths.sh
  • Sanitize build-and-test-with-toolchain.sh
  • Sanitize compile*.sh scripts
  • Sanitize install-ssl.sh and run*.sh scripts
  • Do not run tests in compile tasks
  • Move all code coverage test-coverage-* tasks
  • Add env-var-utils.sh
  • Use env-var-utils.sh
  • Use nproc to specify Make job count
  • Support linking with custom OpenSSL library without system conflicts
  • CDRIVER-4562 Add SSL_CERT_DIR to resolve cert verify failure with 1.1.0
Generated at Wed Feb 07 21:21:17 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.