[SERVER-34418] Disable GCM encryption with ESE on OS X with OpenSSL Created: 11/Apr/18  Updated: 29/Oct/23  Resolved: 12/Apr/18

Status: Closed
Project: Core Server
Component/s: Security
Affects Version/s: None
Fix Version/s: 3.6.5, 3.7.4

Type: Task Priority: Major - P3
Reporter: Spencer Jackson Assignee: Spencer Jackson
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Backports
Depends
Gantt End to End
has to be finished together with SERVER-34390 Make OS X binaries speak TLS 1.2 Closed
Related
Backwards Compatibility: Fully Compatible
Backport Requested:
v3.6, v3.4
Sprint: Platforms 2018-04-23
Participants:
Linked BF Score: 20

 Description   

ESE on OS X has not historically supported AES256-GCM. This is because it used an old version of OpenSSL. Going forward, it's native cryptography will not support GCM. When built with a new copy of OpenSSL, it should continue to not support GCM to maintain compatibility with the native cryptography.



 Comments   
Comment by Githook User [ 16/Apr/18 ]

Author:

{'name': 'Spencer Jackson', 'email': 'spencer.jackson@mongodb.com', 'username': 'spencerjackson'}

Message: SERVER-34418 Disable GCM for ESE on OS X with OpenSSL

(cherry picked from commit 208b4d09ff8f6e8f953c93e648fe7249ecdeaecd)
Branch: v3.6
https://github.com/10gen/mongo-enterprise-modules/commit/a9617c4a7806b400872664ba6392c8b01f916ddc

Comment by Githook User [ 12/Apr/18 ]

Author:

{'email': 'spencer.jackson@mongodb.com', 'name': 'Spencer Jackson', 'username': 'spencerjackson'}

Message: SERVER-34418 Disable GCM for ESE on OS X with OpenSSL
Branch: master
https://github.com/10gen/mongo-enterprise-modules/commit/208b4d09ff8f6e8f953c93e648fe7249ecdeaecd

Comment by Spencer Jackson [ 11/Apr/18 ]

CR: https://mongodbcr.appspot.com/196530002/
Evgn: https://evergreen.mongodb.com/version/5ace5befe3c3311b167a6a3c

Generated at Thu Feb 08 04:36:37 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.