<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Wed Feb 07 21:11:06 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[CDRIVER-948] TLS / SSL connections fail in pooled mode</title>
                <link>https://jira.mongodb.org/browse/CDRIVER-948</link>
                <project id="10030" key="CDRIVER">C Driver</project>
                    <description>&lt;p&gt;Client operations over SSL will always fail in version 1.2.0 if the client is from a mongoc_pool_t.&lt;/p&gt;

&lt;p&gt;Beginning in 1.2.0, clients from a pool all share a set of sockets for server monitoring, but use distinct per-client sockets for application operations (such as queries, writes, etc.). When the pool creates sockets for monitoring, it begins a non-blocking connect on each and uses &quot;poll&quot; to wait asynchronously for all of them to finish connecting. When an individual client creates a socket for application operations, the client connects the socket synchronously.&lt;/p&gt;

&lt;p&gt;In the process of a series of refactorings (mainly related to &lt;a href=&quot;https://jira.mongodb.org/browse/CDRIVER-894&quot; title=&quot;test_exhaust_cursor fails on new reconnect code&quot; class=&quot;issue-link&quot; data-issue-key=&quot;CDRIVER-894&quot;&gt;&lt;del&gt;CDRIVER-894&lt;/del&gt;&lt;/a&gt;) we introduced a new internal function mongoc_stream_wait that a pooled client uses to await connection on a socket before doing application operations on it. We didn&apos;t re-test SSL connections in pooled mode after those refactorings were completed.&lt;/p&gt;

&lt;p&gt;This allowed a bug to slip through: the new mongoc_stream_wait calls mongoc_stream_poll on a buffered TLS stream, but buffered TLS streams don&apos;t implement &quot;poll&quot;. So mongoc_stream_poll always errors (&quot;invalid argument&quot;, EINVAL) and the connection is considered failed.&lt;/p&gt;

&lt;p&gt;Symptom: a &quot;find&quot; and &quot;mongoc_cursor_next&quot; operation with a pooled client and SSL enabled fails, with the error, &quot;Cursor Failure: Failed to connect to target host&quot;.&lt;/p&gt;</description>
                <environment></environment>
        <key id="235431">CDRIVER-948</key>
            <summary>TLS / SSL connections fail in pooled mode</summary>
                <type id="1" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14703&amp;avatarType=issuetype">Bug</type>
                                            <priority id="1" iconUrl="https://jira.mongodb.org/images/icons/priorities/blocker.svg">Blocker - P1</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="9">Done</resolution>
                                        <assignee username="jesse@mongodb.com">A. Jesse Jiryu Davis</assignee>
                                    <reporter username="jesse@mongodb.com">A. Jesse Jiryu Davis</reporter>
                        <labels>
                    </labels>
                <created>Tue, 20 Oct 2015 20:53:27 +0000</created>
                <updated>Mon, 8 May 2017 16:43:36 +0000</updated>
                            <resolved>Thu, 22 Oct 2015 20:20:43 +0000</resolved>
                                    <version>1.2.0</version>
                                    <fixVersion>1.2.1</fixVersion>
                                    <component>libmongoc</component>
                    <component>tls</component>
                                        <votes>0</votes>
                                    <watches>1</watches>
                                                                                                                <comments>
                            <comment id="1068369" author="xgen-internal-githook" created="Thu, 22 Oct 2015 20:36:42 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{u&apos;username&apos;: u&apos;bjori&apos;, u&apos;name&apos;: u&apos;Hannes Magnusson&apos;, u&apos;email&apos;: u&apos;bjori@php.net&apos;}
&lt;p&gt;Message: Merge branch &apos;r1.2&apos;&lt;/p&gt;

&lt;ul&gt;
	&lt;li&gt;r1.2:&lt;br/&gt;
  &lt;a href=&quot;https://jira.mongodb.org/browse/CDRIVER-940&quot; title=&quot;Build errors and warnings on mingw-w64&quot; class=&quot;issue-link&quot; data-issue-key=&quot;CDRIVER-940&quot;&gt;&lt;del&gt;CDRIVER-940&lt;/del&gt;&lt;/a&gt;: Fix build on (older) mingw&lt;br/&gt;
  &lt;a href=&quot;https://jira.mongodb.org/browse/CDRIVER-948&quot; title=&quot;TLS / SSL connections fail in pooled mode&quot; class=&quot;issue-link&quot; data-issue-key=&quot;CDRIVER-948&quot;&gt;&lt;del&gt;CDRIVER-948&lt;/del&gt;&lt;/a&gt; enable poll on buffered streams&lt;br/&gt;
  &lt;a href=&quot;https://jira.mongodb.org/browse/CDRIVER-948&quot; title=&quot;TLS / SSL connections fail in pooled mode&quot; class=&quot;issue-link&quot; data-issue-key=&quot;CDRIVER-948&quot;&gt;&lt;del&gt;CDRIVER-948&lt;/del&gt;&lt;/a&gt; don&apos;t stream_wait in fetch_stream_pooled&lt;br/&gt;
  &lt;a href=&quot;https://jira.mongodb.org/browse/CDRIVER-673&quot; title=&quot;Test with and without SSL, incl. FIPS mode&quot; class=&quot;issue-link&quot; data-issue-key=&quot;CDRIVER-673&quot;&gt;&lt;del&gt;CDRIVER-673&lt;/del&gt;&lt;/a&gt; fix some tests that fail with SSL&lt;br/&gt;
  fix URI used in tests&lt;br/&gt;
  &lt;a href=&quot;https://jira.mongodb.org/browse/CDRIVER-673&quot; title=&quot;Test with and without SSL, incl. FIPS mode&quot; class=&quot;issue-link&quot; data-issue-key=&quot;CDRIVER-673&quot;&gt;&lt;del&gt;CDRIVER-673&lt;/del&gt;&lt;/a&gt; add test certificates&lt;br/&gt;
  &lt;a href=&quot;https://jira.mongodb.org/browse/CDRIVER-673&quot; title=&quot;Test with and without SSL, incl. FIPS mode&quot; class=&quot;issue-link&quot; data-issue-key=&quot;CDRIVER-673&quot;&gt;&lt;del&gt;CDRIVER-673&lt;/del&gt;&lt;/a&gt; add SSL mongo-orchestration config&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo-c-driver/commit/f635aa6ee7a8fe4f617fa284c98b4219bc5c3016&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo-c-driver/commit/f635aa6ee7a8fe4f617fa284c98b4219bc5c3016&lt;/a&gt;&lt;/li&gt;
&lt;/ul&gt;
</comment>
                            <comment id="1068368" author="xgen-internal-githook" created="Thu, 22 Oct 2015 20:36:41 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{u&apos;username&apos;: u&apos;bjori&apos;, u&apos;name&apos;: u&apos;Hannes Magnusson&apos;, u&apos;email&apos;: u&apos;bjori@php.net&apos;}
&lt;p&gt;Message: Merge branch &apos;r1.2&apos;&lt;/p&gt;

&lt;ul&gt;
	&lt;li&gt;r1.2:&lt;br/&gt;
  &lt;a href=&quot;https://jira.mongodb.org/browse/CDRIVER-940&quot; title=&quot;Build errors and warnings on mingw-w64&quot; class=&quot;issue-link&quot; data-issue-key=&quot;CDRIVER-940&quot;&gt;&lt;del&gt;CDRIVER-940&lt;/del&gt;&lt;/a&gt;: Fix build on (older) mingw&lt;br/&gt;
  &lt;a href=&quot;https://jira.mongodb.org/browse/CDRIVER-948&quot; title=&quot;TLS / SSL connections fail in pooled mode&quot; class=&quot;issue-link&quot; data-issue-key=&quot;CDRIVER-948&quot;&gt;&lt;del&gt;CDRIVER-948&lt;/del&gt;&lt;/a&gt; enable poll on buffered streams&lt;br/&gt;
  &lt;a href=&quot;https://jira.mongodb.org/browse/CDRIVER-948&quot; title=&quot;TLS / SSL connections fail in pooled mode&quot; class=&quot;issue-link&quot; data-issue-key=&quot;CDRIVER-948&quot;&gt;&lt;del&gt;CDRIVER-948&lt;/del&gt;&lt;/a&gt; don&apos;t stream_wait in fetch_stream_pooled&lt;br/&gt;
  &lt;a href=&quot;https://jira.mongodb.org/browse/CDRIVER-673&quot; title=&quot;Test with and without SSL, incl. FIPS mode&quot; class=&quot;issue-link&quot; data-issue-key=&quot;CDRIVER-673&quot;&gt;&lt;del&gt;CDRIVER-673&lt;/del&gt;&lt;/a&gt; fix some tests that fail with SSL&lt;br/&gt;
  fix URI used in tests&lt;br/&gt;
  &lt;a href=&quot;https://jira.mongodb.org/browse/CDRIVER-673&quot; title=&quot;Test with and without SSL, incl. FIPS mode&quot; class=&quot;issue-link&quot; data-issue-key=&quot;CDRIVER-673&quot;&gt;&lt;del&gt;CDRIVER-673&lt;/del&gt;&lt;/a&gt; add test certificates&lt;br/&gt;
  &lt;a href=&quot;https://jira.mongodb.org/browse/CDRIVER-673&quot; title=&quot;Test with and without SSL, incl. FIPS mode&quot; class=&quot;issue-link&quot; data-issue-key=&quot;CDRIVER-673&quot;&gt;&lt;del&gt;CDRIVER-673&lt;/del&gt;&lt;/a&gt; add SSL mongo-orchestration config&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo-c-driver/commit/f635aa6ee7a8fe4f617fa284c98b4219bc5c3016&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo-c-driver/commit/f635aa6ee7a8fe4f617fa284c98b4219bc5c3016&lt;/a&gt;&lt;/li&gt;
&lt;/ul&gt;
</comment>
                            <comment id="1068365" author="xgen-internal-githook" created="Thu, 22 Oct 2015 20:36:38 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{u&apos;username&apos;: u&apos;ajdavis&apos;, u&apos;name&apos;: u&apos;A. Jesse Jiryu Davis&apos;, u&apos;email&apos;: u&apos;jesse@mongodb.com&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/CDRIVER-948&quot; title=&quot;TLS / SSL connections fail in pooled mode&quot; class=&quot;issue-link&quot; data-issue-key=&quot;CDRIVER-948&quot;&gt;&lt;del&gt;CDRIVER-948&lt;/del&gt;&lt;/a&gt; enable poll on buffered streams&lt;/p&gt;

&lt;p&gt;Although the previous commit removes the need for this, it&apos;s a bug&lt;br/&gt;
waiting to happen again: if a stream is wrapped in more than one&lt;br/&gt;
layer it can&apos;t be passed to mongoc_stream_poll. Now, we unwrap until&lt;br/&gt;
we reach the real base stream before calling poll.&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo-c-driver/commit/614544efe1f6214df3ba3152a12b2773c87d29d7&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo-c-driver/commit/614544efe1f6214df3ba3152a12b2773c87d29d7&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="1068364" author="xgen-internal-githook" created="Thu, 22 Oct 2015 20:36:37 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{u&apos;username&apos;: u&apos;ajdavis&apos;, u&apos;name&apos;: u&apos;A. Jesse Jiryu Davis&apos;, u&apos;email&apos;: u&apos;jesse@mongodb.com&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/CDRIVER-948&quot; title=&quot;TLS / SSL connections fail in pooled mode&quot; class=&quot;issue-link&quot; data-issue-key=&quot;CDRIVER-948&quot;&gt;&lt;del&gt;CDRIVER-948&lt;/del&gt;&lt;/a&gt; don&apos;t stream_wait in fetch_stream_pooled&lt;/p&gt;

&lt;p&gt;Not needed: mongoc_cluster_fetch_stream_pooled ultimately calls&lt;br/&gt;
mongoc_client_default_stream_initiator, hence mongoc_client_connect_tcp,&lt;br/&gt;
which awaits connectTimeoutMS for the connection to be established.&lt;/p&gt;

&lt;p&gt;Calling mongoc_stream_wait in pooled mode with SSL failed with EINVAL:&lt;br/&gt;
&quot;stream&quot; is a socket stream, wrapped in a TLS stream, wrapped in a&lt;br/&gt;
buffered stream. You can pass a socket stream or TLS stream to&lt;br/&gt;
mongoc_stream_poll, but you can&apos;t pass a buffered stream since a&lt;br/&gt;
buffered stream doesn&apos;t implement poll().&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo-c-driver/commit/709532e3e629ad1fb40f7686a581dbe36dbf881c&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo-c-driver/commit/709532e3e629ad1fb40f7686a581dbe36dbf881c&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="1068322" author="xgen-internal-githook" created="Thu, 22 Oct 2015 20:20:14 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{u&apos;username&apos;: u&apos;ajdavis&apos;, u&apos;name&apos;: u&apos;A. Jesse Jiryu Davis&apos;, u&apos;email&apos;: u&apos;jesse@mongodb.com&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/CDRIVER-948&quot; title=&quot;TLS / SSL connections fail in pooled mode&quot; class=&quot;issue-link&quot; data-issue-key=&quot;CDRIVER-948&quot;&gt;&lt;del&gt;CDRIVER-948&lt;/del&gt;&lt;/a&gt; enable poll on buffered streams&lt;/p&gt;

&lt;p&gt;Although the previous commit removes the need for this, it&apos;s a bug&lt;br/&gt;
waiting to happen again: if a stream is wrapped in more than one&lt;br/&gt;
layer it can&apos;t be passed to mongoc_stream_poll. Now, we unwrap until&lt;br/&gt;
we reach the real base stream before calling poll.&lt;br/&gt;
Branch: r1.2&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo-c-driver/commit/614544efe1f6214df3ba3152a12b2773c87d29d7&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo-c-driver/commit/614544efe1f6214df3ba3152a12b2773c87d29d7&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="1068321" author="xgen-internal-githook" created="Thu, 22 Oct 2015 20:20:13 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{u&apos;username&apos;: u&apos;ajdavis&apos;, u&apos;name&apos;: u&apos;A. Jesse Jiryu Davis&apos;, u&apos;email&apos;: u&apos;jesse@mongodb.com&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/CDRIVER-948&quot; title=&quot;TLS / SSL connections fail in pooled mode&quot; class=&quot;issue-link&quot; data-issue-key=&quot;CDRIVER-948&quot;&gt;&lt;del&gt;CDRIVER-948&lt;/del&gt;&lt;/a&gt; don&apos;t stream_wait in fetch_stream_pooled&lt;/p&gt;

&lt;p&gt;Not needed: mongoc_cluster_fetch_stream_pooled ultimately calls&lt;br/&gt;
mongoc_client_default_stream_initiator, hence mongoc_client_connect_tcp,&lt;br/&gt;
which awaits connectTimeoutMS for the connection to be established.&lt;/p&gt;

&lt;p&gt;Calling mongoc_stream_wait in pooled mode with SSL failed with EINVAL:&lt;br/&gt;
&quot;stream&quot; is a socket stream, wrapped in a TLS stream, wrapped in a&lt;br/&gt;
buffered stream. You can pass a socket stream or TLS stream to&lt;br/&gt;
mongoc_stream_poll, but you can&apos;t pass a buffered stream since a&lt;br/&gt;
buffered stream doesn&apos;t implement poll().&lt;br/&gt;
Branch: r1.2&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo-c-driver/commit/709532e3e629ad1fb40f7686a581dbe36dbf881c&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo-c-driver/commit/709532e3e629ad1fb40f7686a581dbe36dbf881c&lt;/a&gt;&lt;/p&gt;</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10010">
                    <name>Duplicate</name>
                                                                <inwardlinks description="is duplicated by">
                                        <issuelink>
            <issuekey id="234271">CDRIVER-931</issuekey>
        </issuelink>
                            </inwardlinks>
                                    </issuelinktype>
                            <issuelinktype id="10012">
                    <name>Related</name>
                                            <outwardlinks description="related to">
                                                        </outwardlinks>
                                                                <inwardlinks description="is related to">
                                        <issuelink>
            <issuekey id="381675">CDRIVER-2153</issuekey>
        </issuelink>
            <issuelink>
            <issuekey id="204836">CDRIVER-673</issuekey>
        </issuelink>
                            </inwardlinks>
                                    </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|hsdtvz:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                    <customfield id="customfield_10557" key="com.pyxis.greenhopper.jira:gh-sprint">
                        <customfieldname>Sprint</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue id="760">C Driver 2015Q2 sprint 9</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            </customfields>
    </item>
</channel>
</rss>