[GODRIVER-1636] TLS hostname should always be set Created: 01/Jun/20  Updated: 28/Oct/23  Resolved: 10/Jun/20

Status: Closed
Project: Go Driver
Component/s: Connections
Affects Version/s: None
Fix Version/s: 1.3.5

Type: Bug Priority: Major - P3
Reporter: Divjot Arora (Inactive) Assignee: Divjot Arora (Inactive)
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends

 Description   

The connection.configureTLS method only sets hostname if tls.Config.InsecureSkipVerify is false (i.e. tlsInsecure=false). The hostname should always be set because it can be used server-side for SNI. In the case that InsecureSkipVerify=true, Go's TLS library will skip hostname verification anyway (https://github.com/golang/go/blob/master/src/crypto/tls/handshake_client.go#L830), so setting it makes no difference for client-side checks.



 Comments   
Comment by Githook User [ 10/Jun/20 ]

Author:

{'name': 'Divjot Arora', 'email': 'divjot.arora@10gen.com', 'username': 'divjotarora'}

Message: GODRIVER-1636 Ensure SNI is always enabled (#418)
Branch: release/1.3
https://github.com/mongodb/mongo-go-driver/commit/a10006ac149c569c8d49766a8c26b2f9240bb00d

Comment by Githook User [ 10/Jun/20 ]

Author:

{'name': 'Divjot Arora', 'email': 'divjot.arora@10gen.com', 'username': 'divjotarora'}

Message: GODRIVER-1636 Ensure SNI is always enabled (#418)
Branch: master
https://github.com/mongodb/mongo-go-driver/commit/a09c53c83b3d2b66c24dc8333711a2292e10a9f2

Comment by Divjot Arora (Inactive) [ 09/Jun/20 ]

https://github.com/mongodb/mongo-go-driver/pull/418

Comment by May Hoque [ 02/Jun/20 ]

Yes, and this should affect really any user of the driver that needs SNI to provide the hostname. Supposedly this also includes sqlproxy.

The change to get this working was to simply remove the if statement starting at L523 here and execute the code in all cases.

Generated at Thu Feb 08 08:36:49 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.