Loading...

XML

Word

Printable

Type: Enhancement
Resolution: Done
Priority: Minor
Fix Version/s: 9.0.0.Beta2, 9.0.0.Final
Affects Version/s: 7.0.0.Final
Component/s: Security
Labels:
None

Git Pull Request:
https://github.com/wildfly/wildfly-core/pull/3683

There is not validation for 'host-context-map' property values on key side. There is validation for the values that represents 'server-ssl-contexts', although, there is no validation for host matching part. E.g. writing attribute of this value is possible:

/subsystem=elytron/server-ssl-sni-context=serverSslSniCtx:write-attribute(name=host-context-map,value={"\\?.example.com"=validSslContext,"..example.com"="validSslContext", "\\*\\*.example.com"=validSslContext})

"\\?.example.com"
"..example.com"
"\\*\\*.example.com"

even though, these are invalid host name matchers IMHO. It would be nice to identify these and report those to user immediately during the configuration attempt.

causes

WFCORE-4400 Validation of 'host-context-map' attribute of 'server-ssl-sni-context' does not allow regular expressions

Resolved

relates to

WFWIP-102 SNI - hostname notation for sni-mapping element does not conform generic rules

Resolved

WFCORE-4302 SNI wildcard mappings match multiple level of subdomain

Closed

Assignee:: Diana Krepinska (Inactive)

Reporter:: Jan Stourac

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Created:: 2019/01/29 6:56 AM

Updated:: 2021/10/24 6:08 AM

Resolved:: 2019/03/26 11:06 AM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates