-
Type: Task
-
Resolution: Fixed
-
Priority: Major - P3
-
Affects Version/s: None
-
Component/s: kerberos
Kerberos crashes when used on RHEL8 with Node.js 18+ because the RHEL8 version of Kerberos links against the system OpenSSL 1.1, while Node.js 18+ comes with OpenSSL 3 by default and the respective symbols end up conflicting with each other.
A workaround is to install kerberos via env GYP_DEFINES=kerberos_use_rtld=true npm install kerberos --build-from-source.
A potential solution could be to enable the kerberos_use_rtld=true flag by default.
Example reports:
MONGOSH-1628- https://github.com/mongodb-js/kerberos/pull/172#issuecomment-2207020333
- https://mongodb.slack.com/archives/C0V8RU15L/p1717024362566649
Use Case
As a... RHEL8 user
I want... my kerberos addon not to crash when using Node.js 18+
So that... I can keep using kerberos
User Impact
kerberos flat out crashes.
Dependencies
Shouldn't have any. (NODE-5746 already enabled us to fix this for mongosh; I was wrong to assume that this wouldn't impact regular Node.js usage where the addon is a dynamic/shared library rather than statically linked).
Unknowns
- questions that need to be answered to determine implementation
Acceptance Criteria
Implementation Requirements
- functional reqs, potential snafus to avoid, performance targets, etc
Testing Requirements
- unit test, spec test sync, etc
Documentation Requirements
- DOCSP ticket, API docs, etc
Follow Up Requirements
- additional tickets to file, required releases, etc
- is related to
-
NODE-6320 Revert kerberos_use_rtld flag default on macOS
- Closed
- related to
-
MONGOSH-1628 Statically linking kerberos leads to OpenSSL version conflict on RHEL8 distros
- Closed
-
NODE-5746 Allow runtime linking against system kerberos libraries
- Closed