Uploaded image for project: 'C Driver'
  1. C Driver
  2. CDRIVER-4284

Empty OpenSSL error reported when connecting to a load balancer fronting a nonexistent server

    • Type: Icon: Task Task
    • Resolution: Fixed
    • Priority: Icon: Minor - P4 Minor - P4
    • 1.22.0, 1.22.0-beta0
    • Affects Version/s: 1.20.1
    • Component/s: libmongoc, tls
    • None

      This came up in this patch build for PHPC-2047.

      In that patch build, I neglected to specify the correct mongo orchestration config, so a sharded cluster (with SSL) was launched with two mongos servers listening on ports 27017 and 27018. The load balancer on port 8000 was proxying a single mongos on port 27050 (which did not actually exist).

      The connection string was: mongodb://127.0.0.1:8000/?loadBalanced=true&ssl=true&sslallowinvalidcertificates=true

      Most tests in the patch build were skipped due to the following error:

      Could not establish stream for node 127.0.0.1:8000: [TLS handshake failed: error:00000000:lib(0):func(0):reason(0) calling hello on '127.0.0.1:8000']

      openssl/openssl#1272 suggests that "error:00000000:lib(0):func(0):reason(0)" indicates that there is no OpenSSL error to report. Looking at the format of that error message, I believe this topology scanner error message originates from this line in _mongoc_stream_tls_openssl_handshake when _mongoc_stream_tls_openssl_cert_verify_failed returns false.

      I imagine some error is to be expected here, since the server is clearly inaccessible and cannot complete a handshake, but it seems odd that libmongoc would report an empty OpenSSL error.

            Assignee:
            ezra.chung@mongodb.com Ezra Chung
            Reporter:
            jmikola@mongodb.com Jeremy Mikola
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: