Bug 54427 - Server Name Indication errors with literal ip address (ipv6)
Summary: Server Name Indication errors with literal ip address (ipv6)
Status: NEW
Alias: None
Product: Class Libraries
Classification: Mono
Component: System (show other bugs)
Version: 4.8.0 (C9)
Hardware: PC Linux
: --- normal
Target Milestone: Untriaged
Assignee: Martin Baulig
URL:
Depends on:
Blocks:
 
Reported: 2017-04-04 09:35 UTC by Jean-Baptiste
Modified: 2017-05-12 07:38 UTC (History)
2 users (show)

See Also:
Tags:
Is this bug a regression?: ---
Last known good build:


Attachments

Description Jean-Baptiste 2017-04-04 09:35:06 UTC
We may have literal ip address in the SNI that will cause errors
To prevent any errors SNI should only contains names
see comments in https://github.com/mono/mono/pull/4123


For exemple WebRequest.CreateHttp("https://[fd30:0:2805::10]:443/rhm"); 
-> we will have an exception System.Net.WebException: The remote server returned an error: (400) Bad Request.

in the remote apache logs :
[Tue Apr 04 11:16:55.367123 2017] [ssl:error] [pid 26715] AH02032: Hostname [fd30 provided via SNI and hostname fd30:0:2805: provided via HTTP are different


Also those recent commits are not ipv6 compatible with literal ip address:
https://github.com/mono/mono/commit/faf2a56710b105f668bab8b71565d66297e1e340
https://github.com/mono/mono/commit/dd99ba63661f2ed4ea9f4ab555e6c497f69e2c3c

-> "IndexOf (':')" with a literal ipv6 is a problem



Environnement : CentOS 7 with mono 4.8.0.520
Comment 1 Jean-Baptiste 2017-05-09 11:32:23 UTC
Another issue with IndexOf(':') in this commit with a literal ipv6
https://github.com/mono/mono/commit/4d28eb4b889d4f317675998f906cd9ca47440566#diff-86399ce42f959d056c101761b332e79f
Comment 2 Jean-Baptiste 2017-05-12 07:38:33 UTC
Another issue with literal ipv6 :
In XSP (MonoWorkerRequest.cs) the function GetServerName also cause an exception when using asp.net . it is the same issue with IndexOf (':') when not testing before if this is a literal ipv6.

Note You need to log in before you can comment on or make changes to this bug.