[SERVER-36620] Test if we can compile against an old OpenSSL ABI but test against new ABI in Evergreen
Created: 13/Aug/18  Updated: 29/Oct/23  Resolved: 25/Feb/19

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: 4.1.9

Type: Task Priority: Major - P3
Reporter: Gregory McKeon (Inactive) Assignee: Shreyas Kalyan
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
Backwards Compatibility: Fully Compatible
Sprint: Security 2019-02-11, Security 2019-02-25, Security 2019-03-11
Participants:

 Description   

We want to compile against the oldest possible OpenSSL ABI, which may not support ECDHE autonegotiation. We should test running on the more recent ABI that provides this functionality.



 Comments   
Comment by Githook User [ 25/Feb/19 ]

Author: Shreyas Kalyan <shreyas.kalyan@10gen.com> (shreyaskalyan)

Message: SERVER-36620: Test if we can compile against an old OpenSSL ABI but test against new ABI in Evergreen
Branch: master
https://github.com/mongodb/mongo/commit/35ba3dc7312e082ed56f4908f97832f749cf04b5

Comment by Spencer Jackson [ 04/Dec/18 ]

I've done some preliminary investigation with local containers. Testing was done with an ArchLinux host running OpenSSL 1.1.1a and a CentOS 7 container running OpenSSL 1.02k. The shell running on ArchLinux was modified to set SSL_CTX_set1_curves_list(ctx, "P-521:P-384");, which forces it to only advertise support for P-521 and P-384. The following subsections outline the tests performed.

Running a pre-SERVER-36616 mongod server on CentOS, with an ArchLinux shell.

The server negotiated Cipher Suite: TLS_RSA_WITH_AES_256_GCM_SHA384 (0x009d). This is the expected pre-epic behavior, before we could detect ECDHE autonegotiation support at runtime.

Running a post-SERVER-36616 mongod server on CentOS, with an ArchLinux shell.

The server negotiates Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030). In the Server Key Exchange, it selected

EC Diffie-Hellman Server Params
    Curve Type: named_curve (0x03)
    Named Curve: secp521r1 (0x0019)
    Pubkey Length: 133
    Pubkey: ...
    Signature Algorithm: rsa_pkcs1_sha256 (0x0401)
    Signature Length: 256
    Signature: ...

This demonstrates that the server respected the ECDHE curves advertised by the client, and so had activated ECDHE curve autonegotiation and did not rely on the hardcoded P-256 fallback logic.
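
An added example, not part of the comment above and not MongoDB's code: a Python check that parses the ServerKeyExchange fields shown in the capture and reports whether the server picked a curve the client advertised or the P-256 fallback. The function names are hypothetical, and the sample messages are constructed with a zeroed key and signature.

```python
import struct

# TLS named-curve ids (IANA "Supported Groups") for the curves on this page.
CURVES = {0x0017: "secp256r1", 0x0018: "secp384r1", 0x0019: "secp521r1"}
CLIENT_OFFER = {0x0019, 0x0018}  # shell advertised "P-521:P-384"
P256_FALLBACK = 0x0017           # curve used by the hardcoded fallback


def parse_server_ecdh_params(body: bytes) -> dict:
    """Parse a TLS 1.2 ECDHE ServerKeyExchange body (RFC 8422, section 5.4)."""
    if len(body) < 4:
        raise ValueError("truncated ECDH params")
    curve_type, curve_id, pub_len = struct.unpack_from("!BHB", body, 0)
    if curve_type != 0x03:  # only named_curve is handled
        raise ValueError(f"unexpected curve type {curve_type:#04x}")
    sig_hdr = 4 + pub_len
    if len(body) < sig_hdr + 4:
        raise ValueError("truncated public key or signature header")
    sig_alg, sig_len = struct.unpack_from("!HH", body, sig_hdr)
    if len(body) != sig_hdr + 4 + sig_len:
        raise ValueError("signature length does not match message")
    return {"curve_id": curve_id,
            "curve": CURVES.get(curve_id, f"unknown({curve_id:#06x})"),
            "pubkey_len": pub_len, "sig_alg": sig_alg, "sig_len": sig_len}


def classify_curve(curve_id: int, offered=CLIENT_OFFER) -> str:
    """Say whether the server honoured the client's curve list."""
    if curve_id in offered:
        return "autonegotiated"
    if curve_id == P256_FALLBACK:
        return "p256-fallback"
    return "unexpected"


def build_sample(curve_id: int, pub_len: int) -> bytes:
    """Constructed message: zeroed point and 256-byte zeroed signature."""
    point = b"\x04" + bytes(pub_len - 1)
    return (struct.pack("!BHB", 3, curve_id, pub_len) + point
            + struct.pack("!HH", 0x0401, 256) + bytes(256))


if __name__ == "__main__":
    for cid, plen in ((0x0019, 133), (0x0017, 65)):
        p = parse_server_ecdh_params(build_sample(cid, plen))
        print(p["curve"], p["pubkey_len"], classify_curve(p["curve_id"]))
```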
