Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-36942

Differentiate invalid hostname from invalid certificate

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major - P3
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 4.0.3, 4.1.3
    • Component/s: None
    • Labels:
      None
    • Backwards Compatibility:
      Minor Change
    • Operating System:
      ALL
    • Backport Requested:
      v4.0
    • Sprint:
      Platforms 2018-09-10
    • Linked BF Score:
      0

      Description

      SecureTransport implementation currently treats ::kSecTrustResultRecoverableTrustFailure as an invalid hostname signal, however other trust failures could cause it.
      Since there's no way to clearly tell what the recoverable trust failure was, fall back on not setting the peer name (similar to C-driver's implementation) when the setting is applied.

        Attachments

          Activity

            People

            Assignee:
            sara.golemon Sara Golemon
            Reporter:
            sara.golemon Sara Golemon
            Participants:
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: