updates to some codeSERVER-36895

author: Shreyas Kalyan <shreyaskalyan@gmail.com> 2018-09-17 14:13:48 -0400
committer: Shreyas Kalyan <shreyaskalyan@gmail.com> 2018-09-17 14:13:48 -0400
commit: 5bc4d3a0dcf8b0f0a6da7b1ca6c9fb02a3daba5d (patch)
tree: 7effd533dff686f8be4b12d3767d7684df318301 /src/mongo/util/net/ssl_manager_openssl.cpp
parent: 78ad7b65931e1133b78e38d96ba0ded319757387 (diff)
download: mongo-SERVER-36895.tar.gz
1 files changed, 3 insertions, 2 deletions
diff --git a/src/mongo/util/net/ssl_manager_openssl.cpp b/src/mongo/util/net/ssl_manager_openssl.cpp
index fe86588cd85..4b9ce8e37fe 100644
--- a/src/mongo/util/net/ssl_manager_openssl.cpp
+++ b/src/mongo/util/net/ssl_manager_openssl.cpp
@@ -1384,7 +1384,7 @@ StatusWith<boost::optional<SSLPeerInfo>> SSLManagerOpenSSL::parseAndValidatePeer
                     sanMatch = true;
                     break;
                 }
-                certificateNames << std::string(dnsName) << " ";
+                certificateNames << std::string(dnsName) << ", ";
             } else if (currentName && currentName -> type == GEN_IPADD) {
                 std::string ipAddress (reinterpret_cast<char*>(ASN1_STRING_data(currentName->d.iPAddress)));
                 auto swCIDRIPAddress = CIDR::parse(ipAddress);
@@ -1395,6 +1395,7 @@ StatusWith<boost::optional<SSLPeerInfo>> SSLManagerOpenSSL::parseAndValidatePeer
                     sanMatch = true;
                     break;
                 }
+                certificateNames << std::string(ipAddress) << ", ";
             }
         }
         sk_GENERAL_NAME_pop_free(sanNames, GENERAL_NAME_free);
@@ -1418,7 +1419,7 @@ StatusWith<boost::optional<SSLPeerInfo>> SSLManagerOpenSSL::parseAndValidatePeer
         msgBuilder << "The server certificate does not match the host name. Hostname: "
                    << remoteHost << " does not match " << certificateNames.str();
         std::string msg = msgBuilder.str();
-        if (_allowInvalidCertificates || _allowInvalidHostnames || isUnixDomainSocket(remoteHostName)) {
+        if (_allowInvalidCertificates || _allowInvalidHostnames || isUnixDomainSocket(remoteHost)) {
             warning() << msg;
         } else {
             error() << msg;
author	Shreyas Kalyan <shreyaskalyan@gmail.com>	2018-09-17 14:13:48 -0400
committer	Shreyas Kalyan <shreyaskalyan@gmail.com>	2018-09-17 14:13:48 -0400
commit	5bc4d3a0dcf8b0f0a6da7b1ca6c9fb02a3daba5d (patch)
tree	7effd533dff686f8be4b12d3767d7684df318301 /src/mongo/util/net/ssl_manager_openssl.cpp
parent	78ad7b65931e1133b78e38d96ba0ded319757387 (diff)
download	mongo-SERVER-36895.tar.gz