[SERVER-24141] Default uninitialized fields in SSLParams leads to undefined behavior re certificate strength in ESE
Created: 07/May/16  Updated: 06/Jun/16  Resolved: 16/May/16

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: 3.3.8

Type: Bug Priority: Major - P3
Reporter: Andrew Morrow (Inactive) Assignee: Andrew Morrow (Inactive)
Resolution: Done Votes: 0
Labels: undefined-sanitizer
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Backwards Compatibility: Fully Compatible
Operating System: ALL
Sprint: Platforms 15 (06/03/16)
Participants:

 Description   

The SSLParams constructor does not initialize its bool fields:

https://github.com/mongodb/mongo/blob/ea20ce71ee1151abc5bbe5ea60713a86d34a751a/src/mongo/util/net/ssl_options.h#L57-L64

The KMIP integration in ESE creates an SSLParams object on the stack in getKeyFromKMIPServer. But it does not initialize the SSLParams::sslWeakCertificateValidation field, leaving its value indeterminate. Then, the KMIPService uses these parameters to construct its SSLManager object. As a result, it is indeterminate whether the encrypted storage engine will or will not allow weak certificates. This was found with the undefined behavior sanitizer (look for 'runtime error'):

https://logkeeper.mongodb.org/build/572cf7809041304e1901cbde/test/572cf780be07c4295208ee89
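
The language rule behind this report, as an added example that is not MongoDB's code: `LegacyParams` and `FixedParams` are hypothetical stand-ins for a parameter struct before and after every field is initialized. Only the field name `sslWeakCertificateValidation` comes from this ticket; the other members and the marker byte are constructed.

```cpp
#include <cstddef>
#include <cstdio>
#include <new>
#include <string>

// Hypothetical pre-fix shape: a user-provided constructor that initializes
// some members but never writes the bool flag.
struct LegacyParams {
    LegacyParams() : port(0) {}
    std::string caFile;                 // class type: default-constructed
    int port;                           // set by the constructor
    bool sslWeakCertificateValidation;  // never written: indeterminate
};

// Same members with a default member initializer, so every construction
// path (stack, heap, T{} or plain T) starts from a known value.
struct FixedParams {
    FixedParams() : port(0) {}
    std::string caFile;
    int port;
    bool sslWeakCertificateValidation = false;
};

constexpr unsigned char kPoison = 0xA5;  // constructed marker byte

// Fill storage with kPoison, construct T in it, and return the raw byte
// behind the flag. The byte is read as unsigned char, never as bool, and
// the volatile accesses keep the compiler from dropping the poison stores.
template <typename T>
unsigned flagByteAfterConstruction() {
    alignas(T) unsigned char storage[sizeof(T)];
    volatile unsigned char* raw = storage;
    for (std::size_t i = 0; i < sizeof(T); ++i) raw[i] = kPoison;
    T* obj = new (storage) T;  // T{} would run the same constructor
    std::ptrdiff_t off =
        reinterpret_cast<unsigned char*>(&obj->sslWeakCertificateValidation) - storage;
    unsigned seen = raw[off];
    obj->~T();
    return seen;
}

int main() {
    // The legacy byte typically still shows the marker; formally it is indeterminate.
    std::printf("legacy flag byte: 0x%02X\n", flagByteAfterConstruction<LegacyParams>());
    std::printf("fixed  flag byte: 0x%02X\n", flagByteAfterConstruction<FixedParams>());
    return 0;
}
```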



 Comments   
Comment by Githook User [ 16/May/16 ]

Author: Andrew Morrow (acmorrow) <acm@mongodb.com>

Message: SERVER-23826 SERVER-24141 Initialize all fields of SSLParams
Branch: master
https://github.com/mongodb/mongo/commit/5b3e0cd4c4a5238efdf10c93359db37a25b4b139

Comment by Andreas Nilsson [ 07/May/16 ]

The weakCertificateValidation field is a no-op for SSL clients. It is a server parameter only and determines if clients are allowed to connect without certificates. We shouldn't leave the value uninitialized but I can't see that it has any actual effect on the outgoing connections to a KMIP server.
