nopoll icon indicating copy to clipboard operation
nopoll copied to clipboard

Published 20 hours ago verified publisher icon ASPLes

Add support for hostname validation feature.

Open mrigaya opened this issue 6 years ago • 6 comments

As per openssl wiki page https://wiki.openssl.org/index.php/Hostname_validation, openssl version prior to 1.0.2 doesn't perform hostname validation. So nopoll users should handle the hostname validation part during connection handshake at the client end.

This code can help users to enable/disable hostname validation feature based on the options they are providing during the TLS connect. As we could see in the computer security this man in the middle attack is most common security threats faced by the current world, So it is better to enable hostname validation by default and we did the same here. And also user may not be aware of this hostname validation is not handled in their openssl in case if they are using the openssl version < 1.0.2.

Review these changes and Please let me know if it requires any modification/suggestion from your end.

mrigaya avatar Jun 07 '18 10:06 mrigaya

@francisbrosnan any suggestion on this pull request?

mrigaya avatar Jun 19 '18 11:06 mrigaya

Hello @mrigaya CLA is still pending. Best Regards.

francisbrosnan avatar Jun 21 '18 06:06 francisbrosnan

The CLA should be covered now, per Jorge. Please let us know otherwise.

kristakhare avatar Sep 21 '18 20:09 kristakhare

@francisbrosnan Thanks for your time and considerations, please let us know if there is any update/suggestion on this PR.

selvamKrish avatar Nov 12 '18 12:11 selvamKrish

Hello @selvamKrish, just acknoledge your message. We didn't have time to review this. We'll keep you updated as soon as possible. Best Regards.

francisbrosnan avatar Nov 12 '18 13:11 francisbrosnan

@francisbrosnan have you had any cycles to look at this code?

schmidtw avatar Jan 23 '19 19:01 schmidtw