Details
-
Improvement
-
Resolution: Fixed
-
Major - P3
-
None
-
Fully Compatible
-
Service Arch 2022-2-21
-
2
Description
The API that ASIOSession exposes to perform SSL handshake (i.e., handshakeSSLForEgressWithLock) comprises two steps:
- Constructing a SSL socket from the existing socket.
- Initiating handshake and returning a future.
To support concurrent accesses to the socket object (e.g., from timers that enforce a timeout for the SSL handshake), the first step is done while holding a mutex:
Future<void> TransportLayerASIO::ASIOSession::handshakeSSLForEgressWithLock( |
stdx::unique_lock<Latch> lk, const HostAndPort& target, const ReactorHandle& reactor) { |
...
|
_sslSocket.emplace(std::move(_socket), *_sslContext->egress, removeFQDNRoot(target.host()));
|
lk.unlock();
|
...
|
return doHandshake().then([this, target, reactor] { |
...
|
});
|
}
|
Separating these steps and ensuring the SSL socket is constructed before setting up timers would obviate the need for having the mutex.
Attachments
Issue Links
- is related to
-
SERVER-62665 Ensure `TransportLayerASIO::TimerService` can safely end the session
-
- Closed
-