[SERVER-48006] getParameter for opensslCipherConfig doesn't return the ciphers string if a custom string isn't set Created: 07/May/20  Updated: 29/Oct/23  Resolved: 26/Jun/20

Status: Closed
Project: Core Server
Component/s: Security
Affects Version/s: None
Fix Version/s: 4.7.0

Type: Improvement Priority: Major - P3
Reporter: Emilio Scalise Assignee: Gabriel Marks
Resolution: Fixed Votes: 0
Labels: neweng
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
Related
Backwards Compatibility: Fully Compatible
Sprint: Security 2020-06-29
Participants:

 Description   

Currently if you run the following command and the opensslCipherConfig parameter doesn't contain a custom string of OpenSSL ciphers, the result is an empty string:

db.adminCommand( { getParameter : 1, "opensslCipherConfig" : 1 } )
 
{ "opensslCipherConfig" : "", "ok" : 1 }

It would be nice if MongoDB returns the currently used ciphers string for example by calling out SSL_CTX_get_ciphers()

This is only valid for platforms using the OpenSSL library.



 Comments   
Comment by Githook User [ 26/Jun/20 ]

Author:

{'name': 'Gabriel Marks', 'email': 'gabriel.marks@mongodb.com', 'username': 'marksg07'}

Message: SERVER-48006 Fix default for opensslCipherConfig
Branch: master
https://github.com/mongodb/mongo/commit/f31fb14b43c9976803f21558075a3892599d3e76

Generated at Thu Feb 08 05:15:51 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.