diff options
Diffstat (limited to 'src/mongo/util/net/ssl_manager_openssl.cpp')
-rw-r--r-- | src/mongo/util/net/ssl_manager_openssl.cpp | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/src/mongo/util/net/ssl_manager_openssl.cpp b/src/mongo/util/net/ssl_manager_openssl.cpp index fe86588cd85..4b9ce8e37fe 100644 --- a/src/mongo/util/net/ssl_manager_openssl.cpp +++ b/src/mongo/util/net/ssl_manager_openssl.cpp @@ -1384,7 +1384,7 @@ StatusWith<boost::optional<SSLPeerInfo>> SSLManagerOpenSSL::parseAndValidatePeer sanMatch = true; break; } - certificateNames << std::string(dnsName) << " "; + certificateNames << std::string(dnsName) << ", "; } else if (currentName && currentName -> type == GEN_IPADD) { std::string ipAddress (reinterpret_cast<char*>(ASN1_STRING_data(currentName->d.iPAddress))); auto swCIDRIPAddress = CIDR::parse(ipAddress); @@ -1395,6 +1395,7 @@ StatusWith<boost::optional<SSLPeerInfo>> SSLManagerOpenSSL::parseAndValidatePeer sanMatch = true; break; } + certificateNames << std::string(ipAddress) << ", "; } } sk_GENERAL_NAME_pop_free(sanNames, GENERAL_NAME_free); @@ -1418,7 +1419,7 @@ StatusWith<boost::optional<SSLPeerInfo>> SSLManagerOpenSSL::parseAndValidatePeer msgBuilder << "The server certificate does not match the host name. Hostname: " << remoteHost << " does not match " << certificateNames.str(); std::string msg = msgBuilder.str(); - if (_allowInvalidCertificates || _allowInvalidHostnames || isUnixDomainSocket(remoteHostName)) { + if (_allowInvalidCertificates || _allowInvalidHostnames || isUnixDomainSocket(remoteHost)) { warning() << msg; } else { error() << msg; |