[SERVER-46633] Windows TLS implementation may declare hostname mismatch on unrelated error Created: 05/Mar/20 Updated: 29/Oct/23 Resolved: 21/Apr/20 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Networking, Security |
| Affects Version/s: | None |
| Fix Version/s: | 4.0.19, 4.2.7, 4.4.0-rc4, 4.7.0 |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | Spencer Jackson | Assignee: | Mark Benvenuto |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||||||
| Backwards Compatibility: | Fully Compatible | ||||||||||||||||
| Operating System: | ALL | ||||||||||||||||
| Backport Requested: |
v4.4, v4.2, v4.0
|
||||||||||||||||
| Sprint: | Security 2020-03-23, Security 2020-04-06, Security 2020-04-20, Security 2020-05-04 | ||||||||||||||||
| Participants: | |||||||||||||||||
| Description |
|
When the Windows TLS implementation encounters an error during certificate validation, it prints the error as well as a hostname mismatch error. The mismatch error is convenient for diagnostics, because it lists the hostname that was expected as well as all compared SANs. However, if the validation error which occurred was not actually a mismatch, the error is misleading. |
| Comments |
| Comment by Githook User [ 08/May/20 ] |
|
Author: {'name': 'Mark Benvenuto', 'email': 'mark.benvenuto@mongodb.com', 'username': 'markbenvenuto'}Message: (cherry picked from commit 06f26fac35c7a3b82effbb9815ad9f7aedaf4dfb) |
| Comment by Githook User [ 29/Apr/20 ] |
|
Author: {'name': 'Mark Benvenuto', 'email': 'mark.benvenuto@mongodb.com', 'username': 'markbenvenuto'}Message: (cherry picked from commit 06f26fac35c7a3b82effbb9815ad9f7aedaf4dfb) |
| Comment by Githook User [ 28/Apr/20 ] |
|
Author: {'name': 'Mark Benvenuto', 'email': 'mark.benvenuto@mongodb.com', 'username': 'markbenvenuto'}Message: (cherry picked from commit 06f26fac35c7a3b82effbb9815ad9f7aedaf4dfb) |
| Comment by Githook User [ 20/Apr/20 ] |
|
Author: {'name': 'Mark Benvenuto', 'email': 'mark.benvenuto@mongodb.com', 'username': 'markbenvenuto'}Message: |