Bug #75022 Sockets stay in CLOSE_WAIT when using SSL
Submitted: 27 Nov 2014 11:23 Modified: 27 Nov 2017 19:39
Reporter: . . Email Updates:
Status: Closed Impact on me:
Category:Connector / NET Severity:S2 (Serious)
Version:6.9.5 OS:Any
Assigned to: CPU Architecture:Any

[27 Nov 2014 11:23] . .
When you use the .NET Connector with an SSL secured connection the connections to the database are not properly disconnected. The connections stay in CLOSE_WAIT and after some time the client can not connect any more. You have to restart the application to clear the half open sockets.

How to repeat:
Just let the client connect several times and disconnect again.

Suggested fix:
In the NativeDriver.cs in StartSSL() in Line 376 there is the constructor of the SslStream that looks like this:

SslStream ss = new SslStream(baseStream, true, sslValidateCallback, null);

The second parameter (leaveInnerStreamOpen) must be changed to false to make it work. Correct is:

SslStream ss = new SslStream(baseStream, false, sslValidateCallback, null);

With this fix the application works like expected.
[3 Dec 2014 11:53] Chiranjeevi Battula
Hello !

Thank you for the bug report.
I could not reproduce this issue at my end using Visual Studio 2013 (C#.Net), MySQL Connector/Net 6.9.5.
Could you please list out exact steps you tried out at your end, this would help us to reproduce the issue at our end.

[3 Dec 2014 13:44] . .

thanks for your response. 

We had the error under mono on a CentOS 6.5. We got a problem with too many open sockets and the underlying file descriptors. Maybe Windows behaves different here.

I have not writen a test to reproduce it, but if you look at the code in StartSSL(), where the baseStream field is replaced by the SslStream, it seems obvious to me, that the networkstream is not closed, when the basestream get's disposed.

When you look at http://referencesource.microsoft.com/#System/net/System/Net/SecureProtocols/AuthenticatedS...

the code is like this:

                       if (_LeaveStreamOpen)

When Dispose() is called, the stream is just flushed but stays (half-)open.

As you fill this basestream in an MySqlStream you can see that in the Close() method of MySqlStream, the streams are close or disposed, which calls the underlying method you can see above.

Kind regards
[21 Jan 2015 14:58] Chiranjeevi Battula
Hello !

Thank you for the feedback.
Verifying based on internal discussion with dev's.

[31 Aug 2016 20:13] Michiel Hazelhof
wow, how long can it take to incorporate a simple patch....
[27 Nov 2017 19:39] Christine Cole
Posted by developer:
Fixed as of the upcoming MySQL Connector/NET 6.9.11 release, and here's the changelog entry:

SSL connections made to a single MySQL instance could not be disconnected
and created repeatedly without restarting the client application to clear
the half-open sockets.

Thank you for the bug report.