[PROTON-302] Messenger does not verify the hostname in the peer's SSL certificate. - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Blocker
Resolution: Fixed
Affects Version/s: proton-0.5
Fix Version/s: proton-0.6
Component/s: proton-c
Labels:
None

Description

When Messenger is configured to use SSL, and a CA database is provided (via set_trusted_certificates), messenger fails to check that the CommonName/Subject Alternate Name provided in the peer's certificate. Currently, it merely validates that the certificate is signed correctly.

Attachments

Activity

People

Assignee:: Ken Giusti

Reporter:: Ken Giusti

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 24/Apr/13 14:44

Updated:: 07/Jan/16 11:34

Resolved:: 05/Nov/13 14:47