Every heartbeatFrequencyMS, the driver calls "isMaster" on all established monitoring connections. At least with Windows SChannel, and perhaps with OpenSSL and Apple's Secure Transport as well, the driver begins a new TLS handshake even though the connection is already handshaken. When the server is built with Secure Transport or SChannel (which landed circa 3.7.4), it rejects this renegotiation and closes the connection.
Servers using OpenSSL (which until recently was the server's only TLS implementation) will allow the renegotiation, so we didn't see errors from this bug in the past. Even now when the server might hang up on the client, the driver will usually recover by opening a new monitoring connection almost immediately, so we rarely see problems.
This was discovered testing CDRIVER-2404: since the driver can take more than heartbeatFrequencyMS to generate 10,001 client sessions, and since the driver is not allowed to reconnect in order send the endSessions command, it can fail to send the command and cause a test failure.
- is depended on by
-
PHPC-1169 TLS renegotiation errors during heartbeat when using Secure Transport
- Closed
- related to
-
CDRIVER-2934 Disable TLS renegotiation when possible
- Closed
- links to