[CDRIVER-1555] SSL connections can leak sockets Created: 21/Sep/16 Updated: 19/Oct/16 Resolved: 23/Sep/16 |
|
| Status: | Closed |
| Project: | C Driver |
| Component/s: | libmongoc, tls |
| Affects Version/s: | 1.3.0, 1.4.1 |
| Fix Version/s: | 1.5.0 |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | John Becker | Assignee: | Hannes Magnusson |
| Resolution: | Done | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Environment: |
Windows 2007, Visual Studio 2010 |
||
| Description |
|
When an SSL-enabled mongoc_client_t attempts to communicate to a mongod listening on an unsecure socket it leaks one socket per request. Calling mongoc_client_destroy to clean up the mongoc_client_t does not clean up the sockets. Exiting the applications is the only way to free the sockets. Steps to reproduce:
|
| Comments |
| Comment by Githook User [ 23/Sep/16 ] | |||||||||||||||||||||||||||||||||||||||
|
Author: {u'username': u'bjori', u'name': u'Hannes Magnusson', u'email': u'bjori@php.net'}Message: | |||||||||||||||||||||||||||||||||||||||
| Comment by Hannes Magnusson [ 22/Sep/16 ] | |||||||||||||||||||||||||||||||||||||||
|
Interesting, thanks! | |||||||||||||||||||||||||||||||||||||||
| Comment by John Becker [ 22/Sep/16 ] | |||||||||||||||||||||||||||||||||||||||
|
Yes, the example below produces a socket leak for each call to mongoc_client_get_server_status. The specific misconfiguration that triggers the leak is setting pem_file or ca_file to the empty string in the mongoc_ssl_opt_t structure.
| |||||||||||||||||||||||||||||||||||||||
| Comment by Hannes Magnusson [ 22/Sep/16 ] | |||||||||||||||||||||||||||||||||||||||
|
I'm not able to reproduce this on Windows or Linux, be it when compiled against OpenSSL. Since you reported this against 1.3.0, I'm assuming you are compiling against OpenSSL, and not SChannel. I tried to use our example-ping.c, adding a long Sleep() before the return and cleanups, and passing it "mongodb://server/?ssl=1" as argument. As far as I can tell we successfully call mongoc_socket_close on the underlaying socket, which calls shutdown and closesocket. Do you have an reproduce case where this is not the case? | |||||||||||||||||||||||||||||||||||||||
| Comment by A. Jesse Jiryu Davis [ 21/Sep/16 ] | |||||||||||||||||||||||||||||||||||||||
|
Thanks for the report! |