Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

MongoDB TLS connection still has problems (secureContext.key is ignored in tls.connect call) #27185

Open
LP1994 opened this issue Dec 2, 2024 · 10 comments
Open

MongoDB TLS connection still has problems (secureContext.key is ignored in tls.connect call) #27185

LP1994 opened this issue Dec 2, 2024 · 10 comments
Assignees
@kt3k @littledivy
Labels
bug Something isn't working correctly node compat tls Issues related to TLS implementation

Comments

@LP1994
Copy link

LP1994 commented Dec 2, 2024 

          I just updated “deno” to “deno-2.1.2” and found that this problem (https://github.com/denoland/deno/issues/26660) is still there.

image
image
MongodB log:
image

Originally posted by @LP1994 in #26660 (comment)
@LP1994 LP1994 changed the title I just updated “deno” to “deno-2.1.2” and found that this problem (https://github.com/denoland/deno/issues/26660) is still there. I just updated “deno” to “deno-2.1.2” and found that this problem (https://github.com/denoland/deno/issues/26660) is still there. Connecting to MongoDB database that requires TLS/SSL doesn't work in [email protected], But it works in [email protected]. Dec 2, 2024
@LP1994
Copy link
Author

LP1994 commented Dec 2, 2024

Specific problem descriptions and minimum available demos can be found at: #26660

@LP1994
Copy link
Author

LP1994 commented Dec 2, 2024

If you need my assistance in reproducing the error, feel free to let me know and I will respond and assist as soon as I see the message.

@bartlomieju bartlomieju added bug Something isn't working correctly tls Issues related to TLS implementation node compat labels Dec 6, 2024
@bartlomieju bartlomieju changed the title I just updated “deno” to “deno-2.1.2” and found that this problem (https://github.com/denoland/deno/issues/26660) is still there. Connecting to MongoDB database that requires TLS/SSL doesn't work in [email protected], But it works in [email protected]. MongoDB TLS connection still has problems Dec 6, 2024
@kt3k
Copy link
Member

kt3k commented Jan 17, 2025

This might be related to #27652 (which now I'm trying to fix in #27707)

@LP1994
Copy link
Author

LP1994 commented Jan 18, 2025

This might be related to #27652 (which now I'm trying to fix in #27707)

Thank you very much for your reply and contribution!
I look forward to seeing this issue resolved in a subsequent update.

@kt3k
Copy link
Member

kt3k commented Jan 22, 2025

Now we published the above fix. Can you test your script with Deno v2.1.7?

@LP1994
Copy link
Author

LP1994 commented Jan 22, 2025

Now we published the above fix. Can you test your script with Deno v2.1.7?

Ok, I'll update to "2.1.7" first, and then try my example.

@LP1994
Copy link
Author

LP1994 commented Jan 22, 2025
edited by kt3k
Loading

Now we published the above fix. Can you test your script with Deno v2.1.7?

It still doesn't work!!!

This is the error message:

MongoServerSelectionError: read ECONNRESET
    at Topology.selectServer (file:///D:/Deno/App/Dir/npm/registry.npmjs.org/mongodb/6.12.0/lib/sdam/topology.js:320:38)
    at eventLoopTick (ext:core/01_core.js:216:9)
    at async Topology._connect (file:///D:/Deno/App/Dir/npm/registry.npmjs.org/mongodb/6.12.0/lib/sdam/topology.js:204:28)
    at async Topology.connect (file:///D:/Deno/App/Dir/npm/registry.npmjs.org/mongodb/6.12.0/lib/sdam/topology.js:156:13)
    at async topologyConnect (file:///D:/Deno/App/Dir/npm/registry.npmjs.org/mongodb/6.12.0/lib/mongo_client.js:233:17)
    at async MongoClient._connect (file:///D:/Deno/App/Dir/npm/registry.npmjs.org/mongodb/6.12.0/lib/mongo_client.js:246:13)
    at async MongoClient.connect (file:///D:/Deno/App/Dir/npm/registry.npmjs.org/mongodb/6.12.0/lib/mongo_client.js:171:13)
    at async autoConnect (file:///D:/Deno/App/Dir/npm/registry.npmjs.org/mongodb/6.12.0/lib/operations/execute_operation.js:97:13)
    at async executeOperation (file:///D:/Deno/App/Dir/npm/registry.npmjs.org/mongodb/6.12.0/lib/operations/execute_operation.js:37:22)
    at async FindCursor._initialize (file:///D:/Deno/App/Dir/npm/registry.npmjs.org/mongodb/6.12.0/lib/cursor/find_cursor.js:60:26)
Caused by MongoError: read ECONNRESET
    at onHeartbeatFailed (file:///D:/Deno/App/Dir/npm/registry.npmjs.org/mongodb/6.12.0/lib/sdam/monitor.js:187:15)
    at file:///D:/Deno/App/Dir/npm/registry.npmjs.org/mongodb/6.12.0/lib/sdam/monitor.js:286:9
    at Object.runMicrotasks (ext:core/01_core.js:685:26)
    at processTicksAndRejections (ext:deno_node/_next_tick.ts:59:10)
    at runNextTicks (ext:deno_node/_next_tick.ts:76:3)
    at eventLoopTick (ext:core/01_core.js:184:21)
Caused by Error: read ECONNRESET
    at __node_internal_captureLargerStackTrace (ext:deno_node/internal/errors.ts:93:9)
    at __node_internal_errnoException (ext:deno_node/internal/errors.ts:141:10)
    at TCP.onStreamRead [as onread] (ext:deno_node/internal/stream_base_commons.ts:209:20)
    at TCP.#read (ext:deno_node/internal_binding/stream_wrap.ts:252:12)
    at eventLoopTick (ext:core/01_core.js:177:7) {
  reason: TopologyDescription {
    type: "Unknown",
    servers: Map(1) {
      "127.0.0.1:27777" => ServerDescription {
        address: "127.0.0.1:27777",
        type: "Unknown",
        hosts: [],
        passives: [],
        arbiters: [],
        tags: {},
        minWireVersion: 0,
        maxWireVersion: 0,
        roundTripTime: -1,
        minRoundTripTime: 0,
        lastUpdateTime: 64200,
        lastWriteDate: 0,
        error: MongoError: read ECONNRESET
    at onHeartbeatFailed (file:///D:/Deno/App/Dir/npm/registry.npmjs.org/mongodb/6.12.0/lib/sdam/monitor.js:187:15)
    at file:///D:/Deno/App/Dir/npm/registry.npmjs.org/mongodb/6.12.0/lib/sdam/monitor.js:286:9
    at Object.runMicrotasks (ext:core/01_core.js:685:26)
    at processTicksAndRejections (ext:deno_node/_next_tick.ts:59:10)
    at runNextTicks (ext:deno_node/_next_tick.ts:76:3)
    at eventLoopTick (ext:core/01_core.js:184:21)
Caused by Error: read ECONNRESET
    at __node_internal_captureLargerStackTrace (ext:deno_node/internal/errors.ts:93:9)
    at __node_internal_errnoException (ext:deno_node/internal/errors.ts:141:10)
    at TCP.onStreamRead [as onread] (ext:deno_node/internal/stream_base_commons.ts:209:20)
    at TCP.#read (ext:deno_node/internal_binding/stream_wrap.ts:252:12)
    at eventLoopTick (ext:core/01_core.js:177:7) {
          [Symbol(errorLabels)]: [Set]
        },
        topologyVersion: null,
        setName: null,
        setVersion: null,
        electionId: null,
        logicalSessionTimeoutMinutes: null,
        maxMessageSizeBytes: null,
        maxWriteBatchSize: null,
        maxBsonObjectSize: null,
        primary: null,
        me: null,
        "$clusterTime": null,
        iscryptd: false
      }
    },
    stale: false,
    compatible: true,
    heartbeatFrequencyMS: 10000,
    localThresholdMS: 15,
    setName: null,
    maxElectionId: null,
    maxSetVersion: null,
    commonWireVersion: 0,
    logicalSessionTimeoutMinutes: null
  },
  code: undefined,
  [Symbol(errorLabels)]: Set(0) {}
}

This is the error message from the database:

Image

@LP1994
Copy link
Author

LP1994 commented Jan 22, 2025

I still tried the “node” version of the example, and the “node” version works.
But the “deno v2.1.7” example still has the same problem.

@LP1994
Copy link
Author

LP1994 commented Jan 22, 2025

Keep calling me if you need my assistance with testing in the future, I'll come and assist with testing if I see a message.

@kt3k kt3k self-assigned this Jan 27, 2025
@kt3k
Copy link
Member

kt3k commented Feb 5, 2025

This looks related to the handling of secureContext.key option of tls.connect. In the above repro example, ca and key options of secureContext are specified in tls.connect call, but we only handle ca option in our compat implementation:

deno/ext/node/polyfills/_tls_wrap.ts

Lines 91 to 99 in b440d2d

const _cert = tlsOptions?.secureContext?.cert;
const _key = tlsOptions?.secureContext?.key;
let caCerts = tlsOptions?.secureContext?.ca;
if (typeof caCerts === "string") caCerts = [caCerts];
else if (isArrayBufferView(caCerts) || isAnyArrayBuffer(caCerts)) {
caCerts = [new TextDecoder().decode(caCerts)];
}
tlsOptions.caCerts = caCerts;

related Node.js docs: https://nodejs.org/api/tls.html#tlscreatesecurecontextoptions

@kt3k kt3k changed the title MongoDB TLS connection still has problems MongoDB TLS connection still has problems (secureContext.key is ignored in tls.connect call) Feb 5, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kt3k kt3k

@littledivy littledivy

Labels
bug Something isn't working correctly node compat tls Issues related to TLS implementation
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@kt3k @LP1994 @bartlomieju @littledivy