Uploaded image for project: 'Go Driver'
  1. Go Driver
  2. GODRIVER-1636

TLS hostname should always be set

XMLWordPrintableJSON

    • Type: Icon: Bug Bug
    • Resolution: Fixed
    • Priority: Icon: Major - P3 Major - P3
    • 1.3.5
    • Affects Version/s: None
    • Component/s: Connections
    • Labels:
      None

      The connection.configureTLS method only sets hostname if tls.Config.InsecureSkipVerify is false (i.e. tlsInsecure=false). The hostname should always be set because it can be used server-side for SNI. In the case that InsecureSkipVerify=true, Go's TLS library will skip hostname verification anyway (https://github.com/golang/go/blob/master/src/crypto/tls/handshake_client.go#L830), so setting it makes no difference for client-side checks.

            Assignee:
            divjot.arora@mongodb.com Divjot Arora (Inactive)
            Reporter:
            divjot.arora@mongodb.com Divjot Arora (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: