Wildcard certificates raise OsError on windows

sfackler / rust-native-tls

Apache License 2.0

478 stars 201 forks source link

Wildcard certificates raise OsError on windows #181

Closed zw5 closed 4 years ago

zw5 commented 4 years ago

Host: echo.websocket.org Trying to bind a TcpStream to that host raises error Os { code: -2146762481, kind: Other, message: "The certificate\'s CN name does not match the passed value." }'

sfackler commented 4 years ago

I cannot replicate that behavior:

    #[test]
    fn connect_websocket() {
        let builder = TlsConnector::new().unwrap();
        let s = TcpStream::connect("echo.websocket.org:443").unwrap();
        builder.connect("echo.websocket.org", s).unwrap();
    }

Are you sure you're connecting to the server you think you are?

zw5 commented 4 years ago

Hmm, it seems like it was an issue on my end, this was the code

    #[test]
    fn connect_websocket() {
        let builder = TlsConnector::new().unwrap();
        let s = TcpStream::connect("echo.websocket.org:443").unwrap();
        builder.connect("echo.websocket.org:443", s).unwrap();
    }

sfackler commented 4 years ago

You shouldn't attach the port to the string passed to builder.connect - that's what's used for the hostname verification.

zw5 commented 4 years ago

yeah