[SERVER-36942] Differentiate invalid hostname from invalid certificate Created: 30/Aug/18  Updated: 29/Oct/23  Resolved: 30/Aug/18

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: 4.0.3, 4.1.3

Type: Bug Priority: Major - P3
Reporter: Sara Golemon Assignee: Sara Golemon
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Backports
Related
Backwards Compatibility: Minor Change
Operating System: ALL
Backport Requested:
v4.0
Sprint: Platforms 2018-09-10
Participants:
Linked BF Score: 0

 Description   

SecureTransport implementation currently treats ::kSecTrustResultRecoverableTrustFailure as an invalid hostname signal, however other trust failures could cause it.
Since there's no way to clearly tell what the recoverable trust failure was, fall back on not setting the peer name (similar to C-driver's implementation) when the setting is applied.



 Comments   
Comment by Githook User [ 13/Sep/18 ]

Author:

{'name': 'Sara Golemon', 'email': 'sara.golemon@mongodb.com', 'username': 'sgolemon'}

Message: SERVER-36942 Differentiate invalid hostname from invalid certificate

(cherry picked from commit 52ddf6e1c9218d6e4eb418106383b35bf7bbe992)
Branch: v4.0
https://github.com/mongodb/mongo/commit/1465239c3b92ba935cc5ebba57dbdf9256c18c57

Comment by Githook User [ 30/Aug/18 ]

Author:

{'name': 'Sara Golemon', 'email': 'sara.golemon@mongodb.com', 'username': 'sgolemon'}

Message: SERVER-36942 Differentiate invalid hostname from invalid certificate
Branch: master
https://github.com/mongodb/mongo/commit/52ddf6e1c9218d6e4eb418106383b35bf7bbe992

Generated at Thu Feb 08 04:44:31 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.