Uploaded image for project: 'C Driver'
  1. C Driver
  2. CDRIVER-2846

OpenSSL 1.1.1 compatibility

    • Type: Icon: New Feature New Feature
    • Resolution: Fixed
    • Priority: Icon: Major - P3 Major - P3
    • 1.14.0
    • Affects Version/s: None
    • Component/s: tls
    • None

      Our Evergreen Archlinux images just upgraded to OpenSSL 1.1.1, revealing at least 3 issues:

      • Our ASN1_STRING_get0_data config check in CMake is broken and doesn't detect that the new function is available.
      • Our test certs are signed with SHA1. I've heard this is now prohibited but can't find OpenSSL docs that say so; anyway we must regenerate them with SHA256.
      • The mock server tests fail instantly now, even with new certs. TLS handshake succeeds and the client can send isMaster to the mock server, but it gets some error reading the mock server's reply.

      Update: The test certs are ok for now, the original report that OpenSSL 1.1.1 bans SHA1 signatures was wrong, it's actually a Debian policy that bans them. I've opened DRIVERS-575 to regenerate them, but that's not the bug here.

      Some clues about the mock server test failures. OpenSSL 1.1.1 supports TLS 1.3:

      "TLSv1.3 sends more non-application data records after the handshake is finished. At least the session ticket and possibly a key update is send after the finished message. With TLSv1.2 it happened in case of renegotiation. SSL_read() has always documented that it can return SSL_ERROR_WANT_READ after processing non-application data, even when there is still data that can be read. When SSL_MODE_AUTO_RETRY is set using SSL_CTX_set_mode() OpenSSL will try to process the next record, and so not return SSL_ERROR_WANT_READ while it still has data available. Because many applications did not handle this properly, SSL_MODE_AUTO_RETRY has been made the default. If the application is using blocking sockets and SSL_MODE_AUTO_RETRY is enabled, and select() is used to check if a socket is readable this results in SSL_read() processing the non-application data records, but then try to read an application data record which might not be available and hang."

      The C Driver isn't hanging with blocking sockets, it's getting an error with non-blocking sockets. Still, the problem must be in this vicinity, because disabling TLS 1.3 in _mongoc_openssl_ctx_new with "SSL_CTX_set_max_proto_version (ctx, TLS1_2_VERSION)" makes the bug disappear.

       

            Assignee:
            jesse@mongodb.com A. Jesse Jiryu Davis
            Reporter:
            jesse@mongodb.com A. Jesse Jiryu Davis
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: