[SERVER-8731] ssl config server, non-ssl mongos - misleading message from mongos Created: 26/Feb/13  Updated: 06/Dec/22

Status: Backlog
Project: Core Server
Component/s: Security, Sharding
Affects Version/s: None
Fix Version/s: None

Type: Improvement Priority: Major - P3
Reporter: Gregor Macadam Assignee: Backlog - Security Team
Resolution: Unresolved Votes: 0
Labels: platforms-re-triaged
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
Duplicate
is duplicated by SERVER-6346 Logged Error Message for non-SSL Repl... Closed
Related
related to SERVER-11292 Connecting to ssl-encrypted mongod wi... Backlog
Assigned Teams:
Server Security
Participants:

 Description   

Clear message from config server, but misleading message from mongos.

ubuntu@ip-10-36-133-56:~/mongodb-linux-x86_64-subscription-ubuntu1104-2.4.0-rc0$ ./bin/mongod --dbpath ./data/config/ --configsvr --sslOnNormalPorts --sslPEMKeyFile ../sslCA/gregorFreeBSD.pem Tue Feb 26 13:20:53.064 [initandlisten] MongoDB starting : pid=14244 port=27019 dbpath=./data/config/ master=1 64-bit host=ip-10-36-133-56
Tue Feb 26 13:20:53.064 [initandlisten] db version v2.4.0-rc0, pdfile version 4.5
Tue Feb 26 13:20:53.064 [initandlisten] git version: 09967e98e5d6280305d85553cdb2dd12e2e1e149 modules: subscription
Tue Feb 26 13:20:53.064 [initandlisten] build info: Linux bs-e-ubuntu1104 2.6.38-13-virtual #57-Ubuntu SMP Mon Mar 5 21:16:08 UTC 2012 x86_64 BOOST_LIB_VERSION=1_49
Tue Feb 26 13:20:53.064 [initandlisten] allocator: tcmalloc
Tue Feb 26 13:20:53.064 [initandlisten] options: { configsvr: true, dbpath: "./data/config/", sslOnNormalPorts: true, sslPEMKeyFile: "../sslCA/gregorFreeBSD.pem" }
Tue Feb 26 13:20:53.077 [initandlisten] journal dir=./data/config/journal
Tue Feb 26 13:20:53.077 [initandlisten] recover : no journal files present, no recovery needed
Tue Feb 26 13:20:53.276 [initandlisten] waiting for connections on port 27019 ssl
Tue Feb 26 13:20:53.277 [websvr] admin web console waiting for connections on port 28019 ssl
Tue Feb 26 13:20:55.589 [initandlisten] connection accepted from 10.36.133.56:42888 #1 (1 connection now open)
Tue Feb 26 13:20:55.590 [conn1] ERROR: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
Tue Feb 26 13:20:55.590 [conn1] SocketException handling request, closing client connection: 9001 socket exception [6] 
Tue Feb 26 13:20:55.592 [initandlisten] connection accepted from 10.36.133.56:42889 #2 (1 connection now open)
Tue Feb 26 13:20:55.592 [initandlisten] connection accepted from 10.36.133.56:42890 #3 (2 connections now open)
Tue Feb 26 13:20:55.592 [conn2] ERROR: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
Tue Feb 26 13:20:55.592 [conn2] SocketException handling request, closing client connection: 9001 socket exception [6] 
Tue Feb 26 13:20:55.592 [conn3] ERROR: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
Tue Feb 26 13:20:55.592 [conn3] SocketException handling request, closing client connection: 9001 socket exception [6] 

ubuntu@ip-10-36-133-56:~/mongodb-linux-x86_64-subscription-ubuntu1104-2.4.0-rc0$ ./bin/mongos --configdb ip-10-36-133-56 
Tue Feb 26 13:20:55.586 warning: running with 1 config server should be done only for testing purposes and is not recommended for production
Tue Feb 26 13:20:55.587 [mongosMain] MongoS version 2.4.0-rc0 starting: pid=14258 port=27017 64-bit host=ip-10-36-133-56 (--help for usage)
Tue Feb 26 13:20:55.587 [mongosMain] git version: 09967e98e5d6280305d85553cdb2dd12e2e1e149 modules: subscription
Tue Feb 26 13:20:55.587 [mongosMain] build info: Linux bs-e-ubuntu1104 2.6.38-13-virtual #57-Ubuntu SMP Mon Mar 5 21:16:08 UTC 2012 x86_64 BOOST_LIB_VERSION=1_49
Tue Feb 26 13:20:55.587 [mongosMain] options: { configdb: "ip-10-36-133-56" }
Tue Feb 26 13:20:55.590 [mongosMain] Socket recv() errno:104 Connection reset by peer 10.36.133.56:27019
Tue Feb 26 13:20:55.591 [mongosMain] SocketException: remote: 10.36.133.56:27019 error: 9001 socket exception [1] server [10.36.133.56:27019] 
Tue Feb 26 13:20:55.591 [mongosMain] DBClientCursor::init call() failed
Tue Feb 26 13:20:55.591 [mongosMain] Detected bad connection created at 1361884855589939 microSec, clearing pool for ip-10-36-133-56:27019
Tue Feb 26 13:20:55.591 [mongosMain] warning:  couldn't check on config server:ip-10-36-133-56:27019 ok for now : 10276 DBClientBase::findN: transport error: ip-10-36-133-56:27019 ns: admin.$cmd query: { getlasterror: 1 }
Tue Feb 26 13:20:55.592 [mongosMain] Socket recv() errno:104 Connection reset by peer 10.36.133.56:27019
Tue Feb 26 13:20:55.592 [mongosMain] SocketException: remote: 10.36.133.56:27019 error: 9001 socket exception [1] server [10.36.133.56:27019] 
Tue Feb 26 13:20:55.592 [mongosMain] DBClientCursor::init call() failed
Tue Feb 26 13:20:55.592 [CheckConfigServers] Socket recv() errno:104 Connection reset by peer 10.36.133.56:27019
Tue Feb 26 13:20:55.592 [mongosMain] Detected bad connection created at 1361884855592031 microSec, clearing pool for ip-10-36-133-56:27019
Tue Feb 26 13:20:55.592 [CheckConfigServers] SocketException: remote: 10.36.133.56:27019 error: 9001 socket exception [1] server [10.36.133.56:27019] 
Tue Feb 26 13:20:55.592 [mongosMain] ERROR: error upgrading config database to v4 :: caused by :: could not load config version for upgrade :: caused by :: 16625 cursor not found, transport error


Generated at Thu Feb 08 03:18:14 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.