[CDRIVER-1115] Read X.509 only once Created: 13/Feb/16  Updated: 13/Apr/16  Resolved: 13/Apr/16

Status: Closed
Project: C Driver
Component/s: None
Affects Version/s: 1.4.0
Fix Version/s: 1.4.0

Type: Bug Priority: Major - P3
Reporter: Hannes Magnusson Assignee: Hannes Magnusson
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Related
related to CDRIVER-1116 mongoc_ssl_config_t Closed
Epic Link: Native TLS and SCRAM-SHA-1

 Description   

We read the X.509 every time we need to present it or extract information from it.

In normal scenarios this is only once; when starting up the client and creating sockets.

However, if the X.509 is then removed, and a socket breaks and we need to recreate it, we'll fail as we can't read the file.



 Comments   
Comment by Hannes Magnusson [ 13/Apr/16 ]

This is intentional and expected.

The resource itself is expected to be available for the lifetime of its use.
When attempting to re-read it, to reconnect to a server, the resource is expected to be there.

This is also in line with the general expectations from OpenSSL, not only Native TLS bindings.

Comment by Hannes Magnusson [ 13/Feb/16 ]

Note from Jesse: Let's have the topology own the cache: then it will have the right lifetime, both for pooled clients and regular clients.

Comment by Hannes Magnusson [ 13/Feb/16 ]

This should be easily reproducible in the /SSL/extract_subject test, for example.
