-
Type: Task
-
Resolution: Won't Do
-
Priority: Major - P3
-
Affects Version/s: None
-
Labels:None
Description
In all Mongo-tools doc, note that sslAllowInvalidHostnames and sslAllowInvalidCertificates are deprecated, and describe the problematic behavior in the ticket.
Engineering Description
From the doc, it shows: --sslAllowInvalidHostnames
Disables the validation of the hostnames in TLS/SSL certificates. Allows mongodump to connect to MongoDB instances even if the hostname in their certificates do not match the specified hostname.
However, in our implementation, it's treated the same as SSLAllowInvalidCert which bypasses the validation checks for server certificates and allows the use of invalid certificate.
if opts.SSLAllowInvalidCert || opts.SSLAllowInvalidHost { tlsConfig.InsecureSkipVerify = true }
This behavior would cause confusion to the user and also contradicts to the document.
I believe this problem exists in all the tools and mongomirror.
After some research into the issue, I found there is no setting to ignore hostname validation in tlsConfig, thus it's not possible to fix this from the tools library. Mongo Go driver needs to introduce a new flag in ClientOptions.
Implementation can be referred to here https://github.com/golang/go/issues/21971
Scope of changes
Impact to Other Docs
MVP (Work and Date)
Resources (Scope or Design Docs, Invision, etc.)
- documents
-
TOOLS-2587 sslAllowInvalidHostnames bypass ssl/tls server certification validation entirely
- Closed