Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Hostname Validation Error #311

Closed
mannuch opened this issue Sep 8, 2022 · 2 comments · Fixed by #317
Closed

Hostname Validation Error #311

mannuch opened this issue Sep 8, 2022 · 2 comments · Fixed by #317
Labels
bug Something isn't working

Comments

@mannuch
Copy link

mannuch commented Sep 8, 2022

Hello! I'm developing a Vapor app using Planetscale (serverless MySQL) as my database. In running my application, I receive a NIOSSLExtraError.failedToValidateHostname: Couldn't find <none> in certificate from peer error.

I am using the default TLS configuration in connecting to the database, with my app's database configuration step being:
app.databases.use(try .mysql(url: Environment.get("DATABASE_URL") ?? "mysql://username:password@127.0.0.1:3306/state-app-db"), as: .mysql).

After some investigating, I see that MySQLConnectionSource.makeConnection(logger:on:), in calling MySQLConnection.connect(to:username:database:password:tlsConfiguration:serverHostname:logger:on:) does not pass in the server host name from MySQLConnectionSource.configuration._hostname to the serverHostname parameter. As this happens, serverHostname defaults to nil, which becomes a problem when swift-nio-ssl attempts to validate any hostnames received as subject alternative names in TLS certificates. Essentially, leaving serverHostname as nil gives nothing for swift-nio-ssl to validate against during its hostname validation step, which seems to become a problem when needing to check against subject alternative names that are hostnames (DNS identifiers).

I've found that in just simply passing the host name from configuration to the connect call, like so,

public struct MySQLConnectionSource: ConnectionPoolSource {
    public let configuration: MySQLConfiguration

    ...

    public func makeConnection(logger: Logger, on eventLoop: EventLoop) -> EventLoopFuture<MySQLConnection> {
        ...
        return MySQLConnection.connect(
            ...
            serverHostname: self.configuration._hostname,
            ...
        )
    }
}

the issue seems to resolve and the connection works.

Would this fix be reasonable?

Thank you!

  • Vapor Toolbox version: 18.5.1
  • OS version: macOS 12.4
@mannuch mannuch added the bug Something isn't working label Sep 8, 2022
@0xTim
Copy link
Member

0xTim commented Feb 1, 2023

@mannuch sorry for the delay in this - yes this looks like a worthy PR!

@programVeins programVeins mentioned this issue Feb 12, 2023
Merged
@mannuch
Copy link
Author

mannuch commented Apr 3, 2023

No worries, @0xTim. I see that #317 is already open so I'll just wait on that to be merged!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add hostname to MySQLConnection.connect() programVeins/mysql-kit
2 participants
@0xTim @mannuch