[
https://issues.apache.org/jira/browse/DIRAPI-69?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17127374#comment-17127374
]
Natan Abolafya commented on DIRAPI-69:
--------------------------------------
Hi Daniel. Thanks for getting back.
Yeah, I spent quite a bit of time on that idea first and did check ldaptive
code also. But I don't think DIRAPI is passing the right object with the
necessary details to the TrustManagers. I don't remember the exactly, but I
think the passed *SSLSession* object wasn't an *ExtendedSSLSession* and
*getPeerHost()* returned *null*.
> API does not allow StartTLS hostname verification
> -------------------------------------------------
>
> Key: DIRAPI-69
> URL: https://issues.apache.org/jira/browse/DIRAPI-69
> Project: Directory Client API
> Issue Type: Improvement
> Affects Versions: 1.0.0-M9
> Reporter: Daniel Fisher
> Assignee: Pierre-Arnaud Marcelot
> Priority: Major
> Fix For: 3.0.0
>
>
> The current API does not have any features for controlling hostname
> verification. In addition, it appears that *no* hostname verification occurs
> by default. See RFC 2830 section 3.6
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
