[SERVER-35032] Non-SSL connections to requireSSL instances get non-informative log message in 3.6.4 Created: 16/May/18  Updated: 29/Oct/23  Resolved: 23/Jul/18

Status: Closed
Project: Core Server
Component/s: Security
Affects Version/s: None
Fix Version/s: 3.6.7

Type: Improvement Priority: Major - P3
Reporter: Spencer Brown Assignee: Jonathan Reams
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Backwards Compatibility: Fully Compatible
Sprint: Platforms 2018-07-16, Platforms 2018-07-30
Participants:

 Description   

With MongoDB 3.4.15, mongod running with mode: requireSSL, connection attempts without SSL get a nicely informative mongod log message: 

2018-05-16T15:38:07.351-0500 D -        [conn2] User Assertion: 17189:The server is configured to only allow SSL connections src/mongo/util/net/message_port.cpp 154

In 3.6.4, the log message in this case is:

2018-05-15T14:20:13.067+0000 I NETWORK [conn3] Error receiving request from client: SSLHandshakeFailed: SSLHandshakeFailed. Ending connection from 10.53.32.39:57277 (connection id: 3)

You can see that the 3.6.4 log message is much less informative and clear about the cause of the connection failure. Can we make the log message mention that it's because the server is configured to require SSL connections?



 Comments   
Comment by Githook User [ 23/Jul/18 ]

Author:

{'username': 'jbreams', 'name': 'Jonathan Reams', 'email': 'jbreams@mongodb.com'}

Message: SERVER-35032 Make ASIOSession work with Status over std::error_code
Branch: v3.6
https://github.com/mongodb/mongo/commit/5e1b2d0af5b73d49fd51a1b11cc5e970a1abe773

Comment by Spencer Jackson [ 16/May/18 ]

This behavior appears to be fixed on Master, and goes away on 3.6 when started with –transportLayer legacy. jonathan.reams, can you take a look at this?

Generated at Thu Feb 08 04:38:37 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.