Uploaded image for project: 'Mesos'
  1. Mesos
  2. MESOS-9790

Libprocess does not use standard tooling for hostname validation.

    XMLWordPrintableJSON

    Details

      Description

      Libprocess currently uses custom code for hostname validation in its SSL certificate verification workflow. However openssl provides a function for this, X509_check_host() .

      For safety and reliability, we should enable an option to use X509_check_host() for hostname validation instead of our custom code, but preserve the custom code for backward compatibility.

        Attachments

          Issue Links

          is superceded by

          Task - A task that needs to be done. MESOS-9809 Use OpenSSL built-in functions for hostname validation

          • Major - Major loss of function.
          • Resolved

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                alexr Alex R
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: