Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-42287

SNI names are not allowed to include IP addresses

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major - P3
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 4.3.1
    • Component/s: None
    • Labels:
    • Backwards Compatibility:
      Minor Change
    • Operating System:
      ALL
    • Sprint:
      Security 2019-07-29, Security 2019-08-12, Security 2019-08-26, Security 2019-09-09
    • Linked BF Score:
      0

      Description

      Per RFC 6066:

      3. Server Name Indication
      ...
      Literal IPv4 and IPv6 addresses are not permitted in "HostName".

      MongoD currently sends 127.0.0.1 instead of localhost in local testing. Discovered when using the encrypted storage engine to talk to a kmip server using rustls.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              adam.cooper Adam Cooper (Inactive)
              Reporter:
              mark.benvenuto Mark Benvenuto
              Participants:
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: