Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-9212

ssl-validate-cert incorrect hostname check

    XMLWordPrintable

    Details

      Description

      ssl_verify_server_cert() function parses the output of X509_NAME_oneline() to get the value of the /CN=... field. But if this string — "/CN=" — is present as a part of the value of some other field that might cause the output to be parsed incorrectly. See https://wiki.openssl.org/index.php/Hostname_validation for examples of correct hostname validation.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              serg Sergei Golubchik
              Reporter:
              serg Sergei Golubchik
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: