[SERVER-35781] ssl on macOS 10.10 [MongoDB (master) @ 2a604021] (ssl_client_certificate_warning_suppression.js) fix Created: 25/Jun/18  Updated: 29/Oct/23  Resolved: 02/Jul/18

Status: Closed
Project: Core Server
Component/s: Security, Testing Infrastructure
Affects Version/s: None
Fix Version/s: 4.1.1

Type: Bug Priority: Major - P3
Reporter: Adam Cooper (Inactive) Assignee: Adam Cooper (Inactive)
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Backports
Depends
Backwards Compatibility: Minor Change
Operating System: OS X
Backport Requested:
v4.0
Steps To Reproduce:

Build on OSX, run resmoke with the jstest ssl_client_certificate_warning.js, and observe that a log message is printed, but it's not the one the test is looking for.

Sprint: Platforms 2018-07-02
Participants:
Linked BF Score: 46

 Description   

As described in BF-9546, there is an automatic build failure when running the ssl_client_certificate_warning.js test. This is a result of our OSX SSL manager giving different log messages than the other SSL managers.

 

Because of this behavior, the test case is fooled into thinking a log message is not printed, when it actually is, because it is not looking for the right log message. This will be fixed by changing the OSX log message to be consistent with the others.

 

The current message, used in ssl_manager_apple.cpp is:

return badCert(str::stream() << "Unable to retreive SSL trust from peer: "
                             << stringFromOSStatus(status)

This will be changed to:

return badCert(str::stream() << "no SSL certificate provided by peer: "
                             << stringFromOSStatus(status)

which will make it consistent with the other SSL managers



 Comments   
Comment by Adam Cooper (Inactive) [ 08/Aug/18 ]

Ah right. Sorry, I should have remembered that.

Comment by Dianna Hohensee (Inactive) [ 08/Aug/18 ]

Ah, I see what happened. It looks like this fix got backported to v4.0 in with SERVER-27264's v4.0 backport. Closing the backport, since it's already done.

Comment by Adam Cooper (Inactive) [ 08/Aug/18 ]

dianna.hohensee I just ran the test on the most updated version of 4.0 and it passed. Was the commit that caused the BF rebased on top of the latest update? I also tried to cherry pick my change over from this ticket and the commit was empty, so the change appears to already be in 4.0 (looking at ssl_manager_apple.cpp confirms this as well).

Comment by Dianna Hohensee (Inactive) [ 08/Aug/18 ]

Requesting a backport to v4.0 because the bug this fixes has occurred there: BF-10174.

adam.cooper

Comment by Githook User [ 02/Jul/18 ]

Author:

{'username': 'super-cooper', 'name': 'Adam Cooper', 'email': 'adam.cooper@mongodb.com'}

Message: SERVER-35781 Fix BF related to log message in OSX SSL manager
Branch: master
https://github.com/mongodb/mongo/commit/c97980bcf06a8a7452b9066101ab6ab91de89ffe

Generated at Thu Feb 08 04:40:58 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.