<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Wed Feb 07 21:20:11 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[CDRIVER-4181] Secure Channel fails TLS handshake due to hostname mismatch</title>
                <link>https://jira.mongodb.org/browse/CDRIVER-4181</link>
                <project id="10030" key="CDRIVER">C Driver</project>
                    <description>&lt;p&gt;Observed on VS 2015 variants in patch builds (&lt;a href=&quot;https://spruce.mongodb.com/task/mongo_c_driver_windows_2015_test_4.2_server_auth_sasl_winssl_cse_patch_130938ad44a6516e6c399b9d25e5fe1b0464f14f_615decaac9ec44690a3942c9_21_10_06_18_36_56/logs?execution=0&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;one&lt;/a&gt;, &lt;a href=&quot;https://spruce.mongodb.com/task/mongo_c_driver_windows_2015_test_4.2_server_noauth_sasl_winssl_cse_patch_130938ad44a6516e6c399b9d25e5fe1b0464f14f_615decaac9ec44690a3942c9_21_10_06_18_36_56/logs?execution=0&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;two&lt;/a&gt;).&lt;/p&gt;

&lt;p&gt;Given the C driver CA certificate &lt;a href=&quot;https://evergreen.mongodb.com/filediff/615decaac9ec44690a3942c9/?file_name=.evergreen%2Frun-tests.sh&amp;amp;patch_number=0&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;being registered on the system&lt;/a&gt; and a &lt;a href=&quot;https://evergreen.mongodb.com/filediff/615decaac9ec44690a3942c9/?file_name=build%2Fevergreen_config_lib%2Ffunctions.py&amp;amp;patch_number=0&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;mock KMS server&lt;/a&gt; running on port 7999, the TLS handshake as initiated by &lt;a href=&quot;https://evergreen.mongodb.com/filediff/615decaac9ec44690a3942c9/?file_name=src%2Flibmongoc%2Ftests%2Ftest-mongoc-client-side-encryption.c&amp;amp;patch_number=0&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;&lt;tt&gt;test_kms_tls_cert_valid()&lt;/tt&gt;&lt;/a&gt; fails with the error &lt;tt&gt;SSL Certification verification failed: hostname doesn&apos;t match certificate&lt;/tt&gt; when attempting to resolve &lt;tt&gt;&quot;127.0.0.1:7999&quot;&lt;/tt&gt;, but succeeds when &lt;tt&gt;&quot;localhost:7999&quot;&lt;/tt&gt; is provided instead. This suggests there may be a bug in the Secure Channel library&apos;s implementation of hostname resolution in the version being used by the VS 2015 variant on Evergreen.&lt;/p&gt;</description>
                <environment></environment>
        <key id="1892032">CDRIVER-4181</key>
            <summary>Secure Channel fails TLS handshake due to hostname mismatch</summary>
                <type id="1" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14703&amp;avatarType=issuetype">Bug</type>
                                            <priority id="4" iconUrl="https://jira.mongodb.org/images/icons/priorities/minor.svg">Minor - P4</priority>
                        <status id="10038" iconUrl="https://jira.mongodb.org/images/icons/subtask.gif" description="">Backlog</status>
                    <statusCategory id="2" key="new" colorName="default"/>
                                    <resolution id="-1">Unresolved</resolution>
                                        <assignee username="-1">Unassigned</assignee>
                                    <reporter username="ezra.chung@mongodb.com">Ezra Chung</reporter>
                        <labels>
                    </labels>
                <created>Wed, 6 Oct 2021 21:41:57 +0000</created>
                <updated>Tue, 7 Mar 2023 10:36:48 +0000</updated>
                                                                                                <votes>0</votes>
                                    <watches>2</watches>
                                                                                                                <comments>
                            <comment id="4809137" author="xgen-internal-githook" created="Wed, 7 Sep 2022 18:33:02 +0000"  >&lt;p&gt;Author:&lt;/p&gt;
{&apos;name&apos;: &apos;Ezra Chung&apos;, &apos;email&apos;: &apos;88335979+eramongodb@users.noreply.github.com&apos;, &apos;username&apos;: &apos;eramongodb&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/CXX-2410&quot; title=&quot;Support KMIP provider&quot; class=&quot;issue-link&quot; data-issue-key=&quot;CXX-2410&quot;&gt;&lt;del&gt;CXX-2410&lt;/del&gt;&lt;/a&gt; Add support for KMIP KMS provider  (#894)&lt;/p&gt;

&lt;ul&gt;
	&lt;li&gt;Add support for setting TLS options for client encryption&lt;/li&gt;
&lt;/ul&gt;


&lt;ul&gt;
	&lt;li&gt;Add support for setting TLS options for auto encryption&lt;/li&gt;
&lt;/ul&gt;


&lt;ul&gt;
	&lt;li&gt;Make mongocxx::client_encryption moveable&lt;/li&gt;
&lt;/ul&gt;


&lt;ul&gt;
	&lt;li&gt;Add KMIP provider and TLS options to basic CSE test helpers&lt;/li&gt;
&lt;/ul&gt;


&lt;ul&gt;
	&lt;li&gt;Add test case sections to Prose Test 7 - Custom Endpoint Test&lt;/li&gt;
&lt;/ul&gt;


&lt;ul&gt;
	&lt;li&gt;Update Prose Test 2 - Data Key and Double Encryption with KMIP&lt;/li&gt;
&lt;/ul&gt;


&lt;ul&gt;
	&lt;li&gt;Update Prose Test 6 - Corpus Test with KMIP&lt;/li&gt;
&lt;/ul&gt;


&lt;ul&gt;
	&lt;li&gt;Update Prose Test 7 - Custom Endpoint Test with KMIP&lt;/li&gt;
&lt;/ul&gt;


&lt;ul&gt;
	&lt;li&gt;Add CSE Prose Test 11 - KMS TLS Options Tests&lt;/li&gt;
&lt;/ul&gt;


&lt;ul&gt;
	&lt;li&gt;Add CAFile and tlsCertificateKeyFile env vars to Evergreen&lt;/li&gt;
&lt;/ul&gt;


&lt;ul&gt;
	&lt;li&gt;Add !mayfail to KMS TLS Options Tests due to &lt;a href=&quot;https://jira.mongodb.org/browse/CDRIVER-4181&quot; title=&quot;Secure Channel fails TLS handshake due to hostname mismatch&quot; class=&quot;issue-link&quot; data-issue-key=&quot;CDRIVER-4181&quot;&gt;CDRIVER-4181&lt;/a&gt;&lt;/li&gt;
&lt;/ul&gt;


&lt;ul&gt;
	&lt;li&gt;Update client_encryption::create_data_key docs to include supported KMS providers&lt;/li&gt;
&lt;/ul&gt;


&lt;ul&gt;
	&lt;li&gt;Update options::data_key docs to include KMIP&lt;/li&gt;
&lt;/ul&gt;


&lt;ul&gt;
	&lt;li&gt;Add new MONGOCXX_TEST_* env vars to should_run_client_side_encryption_test&lt;/li&gt;
&lt;/ul&gt;


&lt;ul&gt;
	&lt;li&gt;Add KMIP support for legacy runner in autoEncryptionOpts&lt;/li&gt;
&lt;/ul&gt;


&lt;ul&gt;
	&lt;li&gt;Sync legacy CSE spec tests with 61b81891&lt;/li&gt;
&lt;/ul&gt;


&lt;ul&gt;
	&lt;li&gt;&lt;a href=&quot;https://jira.mongodb.org/browse/CXX-2155&quot; title=&quot;Sharing a MongoClient for metadata lookup can lead to deadlock in drivers using automatic encryption&quot; class=&quot;issue-link&quot; data-issue-key=&quot;CXX-2155&quot;&gt;&lt;del&gt;CXX-2155&lt;/del&gt;&lt;/a&gt; Sync legacy CSE spec tests with 947be4cf&lt;/li&gt;
&lt;/ul&gt;


&lt;ul&gt;
	&lt;li&gt;&lt;a href=&quot;https://jira.mongodb.org/browse/CXX-2410&quot; title=&quot;Support KMIP provider&quot; class=&quot;issue-link&quot; data-issue-key=&quot;CXX-2410&quot;&gt;&lt;del&gt;CXX-2410&lt;/del&gt;&lt;/a&gt; Sync legacy CSE spec tests with 5964c134&lt;/li&gt;
&lt;/ul&gt;


&lt;ul&gt;
	&lt;li&gt;&lt;a href=&quot;https://jira.mongodb.org/browse/CXX-2488&quot; title=&quot;CSFLE badQueries and types errorContains failing to match on mongocryptd 6.0.0-alpha&quot; class=&quot;issue-link&quot; data-issue-key=&quot;CXX-2488&quot;&gt;&lt;del&gt;CXX-2488&lt;/del&gt;&lt;/a&gt; Sync legacy CSE spec tests with 6a7158d5&lt;/li&gt;
&lt;/ul&gt;


&lt;ul&gt;
	&lt;li&gt;&lt;a href=&quot;https://jira.mongodb.org/browse/CXX-2487&quot; title=&quot;Add CSFLE spec test for auto encryption on a collection with no jsonSchema&quot; class=&quot;issue-link&quot; data-issue-key=&quot;CXX-2487&quot;&gt;&lt;del&gt;CXX-2487&lt;/del&gt;&lt;/a&gt; Sync legacy CSE spec tests with 02b4275d&lt;/li&gt;
&lt;/ul&gt;


&lt;ul&gt;
	&lt;li&gt;Divide CSE legacy test runner into sections by file and test description&lt;/li&gt;
&lt;/ul&gt;


&lt;ul&gt;
	&lt;li&gt;Improve error message on unexpected exception&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo-cxx-driver/commit/50478fac71822bef9c7d513f1f9f7149db13b279&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo-cxx-driver/commit/50478fac71822bef9c7d513f1f9f7149db13b279&lt;/a&gt;&lt;/li&gt;
&lt;/ul&gt;
</comment>
                    </comments>
                    <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_10857" key="com.pyxis.greenhopper.jira:gh-epic-link">
                        <customfieldname>Epic Link</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>CDRIVER-4575</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|hzodev:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            </customfields>
    </item>
</channel>
</rss>