-
Type: Task
-
Resolution: Fixed
-
Priority: Major - P3
-
Affects Version/s: None
-
Component/s: None
-
Fully Compatible
-
Sharding 2021-02-22
-
36
At this point we have a bug when all existing instances of the SSLConnectionContext share the same SSLManagerInterface instance in `manager` field. This is not correct, because each instance of SSLManagerInterface (SSLManagerOpenSSL) owns its own copy of SSLConfiguration as `_sslConfiguration`.
SSLConfiguration must not be shared between the global manager and each transient manager instance created with specific transient params for inter-cluster communications.
The SSLManagerCoordinator should be enhanced to create a non-global instance of SSLManagerInterface. The `SSLManagerOpenSSL::initSSLContext()` and all methods it invokes should be refactored to be stateless and const.
Thanks mark.benvenuto for explaining the problem.
- is depended on by
-
SERVER-54090 SSLConfiguration use after free when running concurrent migrations
- Closed
-
SERVER-53168 Support 50 concurrent migrations on a single recipient
- Closed