diff options
| author | Shreyas Kalyan <shreyas.kalyan@10gen.com> | 2020-12-03 21:55:49 -0800 |
|---|---|---|
| committer | Evergreen Agent <no-reply@evergreen.mongodb.com> | 2021-01-06 23:34:36 +0000 |
| commit | c20e3c5001923d8e8385dab70786da97888b039e (patch) | |
| tree | b9bb4ac32fbbad1057007cb400e6d5f92309e507 /src | |
| parent | b58f5c476af6cfd70f9aad86e1e6007e61ec93d0 (diff) | |
| download | mongo-c20e3c5001923d8e8385dab70786da97888b039e.tar.gz | |
SERVER-51364 Ubuntu 18.04 Server with OCSP and TLS fails to work
Diffstat (limited to 'src')
| -rw-r--r-- | src/mongo/SConscript | 1 | ||||
| -rw-r--r-- | src/mongo/config.h.in | 5 | ||||
| -rw-r--r-- | src/mongo/util/net/ssl_manager_openssl.cpp | 6 |
3 files changed, 11 insertions, 1 deletions
diff --git a/src/mongo/SConscript b/src/mongo/SConscript index df43a86dd71..256bd4aa910 100644 --- a/src/mongo/SConscript +++ b/src/mongo/SConscript @@ -89,6 +89,7 @@ config_header_substs = ( ('@mongo_config_have_std_enable_if_t@', 'MONGO_CONFIG_HAVE_STD_ENABLE_IF_T'), ('@mongo_config_have_strnlen@', 'MONGO_CONFIG_HAVE_STRNLEN'), ('@mongo_config_max_extended_alignment@', 'MONGO_CONFIG_MAX_EXTENDED_ALIGNMENT'), + ('@mongo_config_ocsp_stapling_enabled@', 'MONGO_CONFIG_OCSP_STAPLING_ENABLED'), ('@mongo_config_optimized_build@', 'MONGO_CONFIG_OPTIMIZED_BUILD'), ('@mongo_config_ssl_has_asn1_any_definitions@', 'MONGO_CONFIG_HAVE_ASN1_ANY_DEFINITIONS'), ('@mongo_config_ssl_provider@', 'MONGO_CONFIG_SSL_PROVIDER'), diff --git a/src/mongo/config.h.in b/src/mongo/config.h.in index f2ebbe24e44..faba0dbc543 100644 --- a/src/mongo/config.h.in +++ b/src/mongo/config.h.in @@ -74,6 +74,9 @@ // A number, if we have some extended alignment ability @mongo_config_max_extended_alignment@ +// defined if OCSP Stapling is enabled +@mongo_config_ocsp_stapling_enabled@ + // Defined if building an optimized build @mongo_config_optimized_build@ @@ -99,4 +102,4 @@ @mongo_config_use_raw_latches@ // Defined if WiredTiger storage engine is enabled -@mongo_config_wiredtiger_enabled@ +@mongo_config_wiredtiger_enabled@
\ No newline at end of file diff --git a/src/mongo/util/net/ssl_manager_openssl.cpp b/src/mongo/util/net/ssl_manager_openssl.cpp index a0ef1ec1e42..1dfd01c5805 100644 --- a/src/mongo/util/net/ssl_manager_openssl.cpp +++ b/src/mongo/util/net/ssl_manager_openssl.cpp @@ -1936,6 +1936,7 @@ std::tuple<X509*> getCertificateForContext(SSL_CTX* context) { } #endif +#ifdef MONGO_CONFIG_OCSP_STAPLING_ENABLED Status SSLManagerOpenSSL::stapleOCSPResponse(SSL_CTX* context, bool asyncOCSPStaple) { if (MONGO_unlikely(disableStapling.shouldFail()) || !tlsOCSPEnabled) { return Status::OK(); @@ -1943,6 +1944,11 @@ Status SSLManagerOpenSSL::stapleOCSPResponse(SSL_CTX* context, bool asyncOCSPSta return _fetcher.start(context, asyncOCSPStaple); } +#else +Status SSLManagerOpenSSL::stapleOCSPResponse(SSL_CTX* context, bool asyncOCSPStaple) { + return Status::OK(); +} +#endif // MONGO_CONFIG_OCSP_STAPLING_ENABLED Status OCSPFetcher::start(SSL_CTX* context, bool asyncOCSPStaple) { // Increment the ref count on SSL_CTX by creating a SSL object so that our context lives with |