Uploaded image for project: 'C Driver'
  1. C Driver
  2. CDRIVER-3318

Issues running some commands via mongoc when using SSL on macOS

XMLWordPrintableJSON

    • Type: Icon: Bug Bug
    • Resolution: Fixed
    • Priority: Icon: Critical - P2 Critical - P2
    • 1.16.0, 1.15.3
    • Affects Version/s: None
    • Component/s: None
    • Environment:
      Mac OS X 10.14.5
      mongoc 1.15.0
      MongoDB 4.0.5 standalone

      I am running a standalone mongod (v4.0.5) started as follows using the certs from mongo-orchestration:

      mongod --sslCAFile mongo-orchestration/tests/lib/ca.pem --sslWeakCertificateValidation --sslMode requireSSL --sslPEMKeyFile mongo-orchestration/tests/lib/server.pem

      The first command I noticed issues with is buildInfo.

      I am able to run buildInfo via the shell as follows:

      mongo admin --ssl --sslCAFile code/drivers/mongo-orchestration/tests/lib/ca.pem --eval "db.runCommand({buildInfo: 1})"

      However when I try to run it via mongoc (see attached file), the command hangs for 5 minutes and then fails with the output

      WARNING:       stream: Failed to buffer 600 bytes
failed to run command: Failed to send "buildInfo" command with database "admin": Failed to read 1620 bytes: socket error or timeout

      I have reproduced this both on mongoc 1.14.0 and 1.15.0. 

      This is example #1 in the attached file.

      You will need to replace the absolute path to the CA file with your own local path.

      The second command I ran into issues with is listIndexes. See example 2 in the attached file. This came about running a Swift driver test that creates a couple of indexes and exercises a bunch of options, and then calls mongoc_collection_find_indexes_with_opts to get the results. The function call would hang for a few minutes and eventually print out

      WARNING:       stream: Failed to buffer 1 bytes
WARNING:       stream: Failed to buffer 1 bytes

      I can't quite figure it out, but the issue has something to do with the size of the createIndexes command run before the call to listIndexes. Possibly the issue just occurs after some number of bytes are read and if your initial command was large enough that one would hang, too.

      This only seems to happen in pooled mode. Switching to just creating a new client with the URI solves the problem.

      The issues do not occur on Linux.

      For now I will use serverStatus in place of buildInfo, and skip the problematic index test when using SSL.

      Since we already triggered this issue 2x in our tests inadvertently it seems like it would be fairly easy for a user to encounter as well.

        1. Makefile
          0.2 kB
        2. main.c
          4 kB

            Assignee:
            samantha.ritter@mongodb.com Samantha Ritter (Inactive)
            Reporter:
            kaitlin.mahar@mongodb.com Kaitlin Mahar
            Votes:
            0 Vote for this issue
            Watchers:
            7 Start watching this issue

              Created:
              Updated:
              Resolved: