[SERVER-60630] Add back default as a prerequisite to the SetupOpenSSL initializer Created: 12/Oct/21  Updated: 29/Oct/23  Resolved: 19/Oct/21

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: 5.1.0-rc0

Type: Bug Priority: Major - P3
Reporter: Erwin Pe Assignee: Erwin Pe
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
Backwards Compatibility: Fully Compatible
Operating System: ALL
Sprint: Security 2021-10-18, Security 2021-11-01
Participants:
Linked BF Score: 144

 Description   

In the "SetupOpenSSL" initializer, it is sometimes possible for the sslGlobalParams.sslFIPSMode variable to have a value of "false" even though the startup option net.tls.FIPSMode is"true" if the initializer happens to execute before the startup option's value has been parsed and stored in sslGlobalParams.sslFIPSMode. This causes the server to skip enabling FIPS mode, or to NOT crash if FIPS is not supported by the crypto library.



 Comments   
Comment by Githook User [ 19/Oct/21 ]

Author:

{'name': 'Erwin Pe', 'email': 'erwin.pe@mongodb.com', 'username': 'erwee'}

Message: SERVER-60630 Add back default as a prerequisite to the SetupOpenSSL initializer
Branch: master
https://github.com/mongodb/mongo/commit/feb46137c3b14dd0864fcbff3688844b2e832ee6

Generated at Thu Feb 08 05:50:19 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.