sfackler
commented
2 years ago This crate does not interact with rustls.
Open 1Dragoon opened 2 years ago
sfackler
commented
2 years ago This crate does not interact with rustls.
1Dragoon
commented
2 years ago sorry accidentally wrote rustls but meant native-tls
sfackler
commented
2 years ago native-tls directly exposes the errors returned by the underlying TLS library (e.g. OpenSSL). If you want a more descriptive error, you would probably need to ask there.
Given RFC 3546 stipulates that the trailing dot should never be present in a domain name: https://datatracker.ietf.org/doc/html/rfc3546#section-3.1
Could we either automatically detect and remove the trailing dot from domain names passed to native-tls, or have the error message produced show what the expected name(s) was vs what was found?
FWIW here's where I ran into this issue:
https://github.com/inejge/ldap3/issues/84
May or may not be in scope for this project, just wanted to at least bring up the issue.