Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-36942

Differentiate invalid hostname from invalid certificate

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major - P3
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 4.0.3, 4.1.3
    • Component/s: None
    • Labels:
      None
    • Backwards Compatibility:
      Minor Change
    • Operating System:
      ALL
    • Backport Requested:
      v4.0
    • Sprint:
      Platforms 2018-09-10
    • Linked BF Score:
      0

      Description

      SecureTransport implementation currently treats ::kSecTrustResultRecoverableTrustFailure as an invalid hostname signal, however other trust failures could cause it.
      Since there's no way to clearly tell what the recoverable trust failure was, fall back on not setting the peer name (similar to C-driver's implementation) when the setting is applied.

        Attachments

          Activity

            People

            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: