<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 04:43:38 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[SERVER-36616] Enable ECDHE support if platform supports it</title>
                <link>https://jira.mongodb.org/browse/SERVER-36616</link>
                <project id="10000" key="SERVER">Core Server</project>
                    <description>&lt;p&gt;At runtime:&lt;/p&gt;
&lt;ul&gt;
	&lt;li&gt;Continue to call SSL_CTX_set_ecdh_auto, if present at compile time.
	&lt;ul&gt;
		&lt;li&gt;This will activate ECDHE when built against OpenSSL 1.0.2, and leave it activated when running on OpenSSL 1.1.0 or above.&lt;/li&gt;
	&lt;/ul&gt;
	&lt;/li&gt;
	&lt;li&gt;If SSL_CTX_set_ecdh_auto is not present, attempt to call SSL_CTX_ctrl and set option SSL_CTRL_SET_ECDH_AUTO, which is equivalent to the integer literal 94, to &apos;true&apos;.
	&lt;ul&gt;
		&lt;li&gt;If, at runtime, we have been linked against OpenSSL 1.0.2, this will enable ECDHE auto-negotiation.&lt;/li&gt;
		&lt;li&gt;If, at runtime, we have been linked against OpenSSL 1.0.1, this function will return an error and be ignored.&lt;/li&gt;
		&lt;li&gt;OpenSSL 1.0.2 defines SSL_CTRL_SET_ECDH_AUTO to 94. Vendor patches to OpenSSL 1.0.1 should not have been able to repurpose 94 to another configuration option, as doing so would likely harm forward ABI compatibility with OpenSSL 1.0.2.&lt;/li&gt;
	&lt;/ul&gt;
	&lt;/li&gt;
	&lt;li&gt;If SSL_CTX_ctrl fails, and OpenSSL has defined the types necessary to hardcode an ECDHE curve, hardcode the named curve prime256v1.
	&lt;ul&gt;
		&lt;li&gt;This is the named curve hard coded by both Python and Apache, when SSL_CTX_set_ecdh_auto is not present&lt;span class=&quot;error&quot;&gt;&amp;#91;6&amp;#93;&lt;/span&gt;.&lt;/li&gt;
	&lt;/ul&gt;
	&lt;/li&gt;
	&lt;li&gt;Otherwise, if SSL_CTX_set_ecdh_auto is not defined at compile time, SSL_CTX_ctrl fails, and we failed to detect ECDHE support at compile time, do not enable ECDHE.&lt;/li&gt;
&lt;/ul&gt;


&lt;p&gt;We should also extend jstests/ssl/ssl_ECDHE_suites.js to assert that ECDHE cipher suites are offered on all platforms.&lt;/p&gt;</description>
                <environment></environment>
        <key id="587755">SERVER-36616</key>
            <summary>Enable ECDHE support if platform supports it</summary>
                <type id="3" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14718&amp;avatarType=issuetype">Task</type>
                                            <priority id="3" iconUrl="https://jira.mongodb.org/images/icons/priorities/major.svg">Major - P3</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="13201">Fixed</resolution>
                                        <assignee username="patrick.freed@mongodb.com">Patrick Freed</assignee>
                                    <reporter username="greg.mckeon@mongodb.com">Gregory McKeon</reporter>
                        <labels>
                    </labels>
                <created>Mon, 13 Aug 2018 20:14:43 +0000</created>
                <updated>Sun, 29 Oct 2023 22:29:01 +0000</updated>
                            <resolved>Tue, 30 Oct 2018 15:23:51 +0000</resolved>
                                                    <fixVersion>4.1.5</fixVersion>
                                    <component>Security</component>
                                        <votes>0</votes>
                                    <watches>5</watches>
                                                                                                                <comments>
                            <comment id="2244612" author="ian@10gen.com" created="Mon, 13 May 2019 16:08:47 +0000"  >&lt;p&gt;work caught under &lt;a href=&quot;https://jira.mongodb.org/browse/DRIVERS-551&quot; title=&quot;Support Elliptic Curve Auto Negotiation with OpenSSL everywhere&quot; class=&quot;issue-link&quot; data-issue-key=&quot;DRIVERS-551&quot;&gt;&lt;del&gt;DRIVERS-551&lt;/del&gt;&lt;/a&gt;.&lt;/p&gt;</comment>
                            <comment id="2046243" author="xgen-internal-githook" created="Tue, 30 Oct 2018 15:22:43 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{&apos;name&apos;: &apos;Patrick Freed&apos;, &apos;email&apos;: &apos;patrick.freed@mongodb.com&apos;, &apos;username&apos;: &apos;patrickfreed&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-36616&quot; title=&quot;Enable ECDHE support if platform supports it&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-36616&quot;&gt;&lt;del&gt;SERVER-36616&lt;/del&gt;&lt;/a&gt; Enable ECDHE support if platform supports it&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo/commit/b9f13ea4f0f8e5a3e69ed99c954d94629e7e2d4a&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo/commit/b9f13ea4f0f8e5a3e69ed99c954d94629e7e2d4a&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="2031896" author="spencer.jackson@10gen.com" created="Fri, 12 Oct 2018 20:01:24 +0000"  >&lt;p&gt;When we merge this, and update the TLS protocol version probe test, we should add a tag to it which suggests it should not run on burn in. We&apos;d then mark that tag as excluded for the burn in suite.&lt;/p&gt;</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10010">
                    <name>Duplicate</name>
                                            <outwardlinks description="duplicates">
                                        <issuelink>
            <issuekey id="545940">SERVER-35064</issuekey>
        </issuelink>
                            </outwardlinks>
                                                                <inwardlinks description="is duplicated by">
                                        <issuelink>
            <issuekey id="1368876">SERVER-48533</issuekey>
        </issuelink>
                            </inwardlinks>
                                    </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                <customfield id="customfield_10050" key="com.atlassian.jira.toolkit:comments">
                        <customfieldname># Replies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>3.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_18555" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname># of Sprints</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1.0</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_10011" key="com.atlassian.jira.plugin.system.customfieldtypes:radiobuttons">
                        <customfieldname>Backwards Compatibility</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10038"><![CDATA[Fully Compatible]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_10055" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>Date of 1st Reply</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Fri, 12 Oct 2018 20:01:24 +0000</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10052" key="com.atlassian.jira.toolkit:dayslastcommented">
                        <customfieldname>Days since reply</customfieldname>
                        <customfieldvalues>
                                        4 years, 39 weeks, 2 days ago
    
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_18254" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Dependencies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue><![CDATA[]]></customfieldvalue>


                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                            <customfield id="customfield_10857" key="com.pyxis.greenhopper.jira:gh-epic-link">
                        <customfieldname>Epic Link</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>PM-1171</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10057" key="com.atlassian.jira.toolkit:lastusercommented">
                        <customfieldname>Last comment by Customer</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>true</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_10056" key="com.atlassian.jira.toolkit:lastupdaterorcommenter">
                        <customfieldname>Last commenter</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>luke.bonanomi@mongodb.com</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_11151" key="com.atlassian.jira.toolkit:LastCommentDate">
                        <customfieldname>Last public comment date</customfieldname>
                        <customfieldvalues>
                            4 years, 39 weeks, 2 days ago
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                    <customfield id="customfield_10051" key="com.atlassian.jira.toolkit:participants">
                        <customfieldname>Participants</customfieldname>
                        <customfieldvalues>
                                        <customfieldvalue>xgen-internal-githook</customfieldvalue>
            <customfieldvalue>greg.mckeon@mongodb.com</customfieldvalue>
            <customfieldvalue>ian@mongodb.com</customfieldvalue>
            <customfieldvalue>patrick.freed@mongodb.com</customfieldvalue>
            <customfieldvalue>spencer.jackson@mongodb.com</customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                        <customfield id="customfield_14254" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Product Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hu5eev:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|hr8ipj:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_23361" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Requested By</customfieldname>
                        <customfieldvalues>
                                

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                        <customfield id="customfield_10557" key="com.pyxis.greenhopper.jira:gh-sprint">
                        <customfieldname>Sprint</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue id="2597">Security 2018-11-05</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_10053" key="com.atlassian.jira.ext.charting:timeinstatus">
                        <customfieldname>Time In Status</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_22870" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Triagers</customfieldname>
                        <customfieldvalues>
                                

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_14350" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>serverRank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|hu50o7:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                    </customfields>
    </item>
</channel>
</rss>