Skip to content

CSHARP-1000 Fix support for astra custom domain #600

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Nov 7, 2023
Merged

CSHARP-1000 Fix support for astra custom domain #600

merged 4 commits into from
Nov 7, 2023

Conversation

joao-r-reis
Copy link
Collaborator

No description provided.

@joao-r-reis joao-r-reis added the bug label Nov 7, 2023
@joao-r-reis joao-r-reis added this to the 3.19.4 milestone Nov 7, 2023
@joao-r-reis joao-r-reis self-assigned this Nov 7, 2023
absurdfarce
absurdfarce approved these changes Nov 7, 2023
View reviewed changes
Copy link
Collaborator

@absurdfarce absurdfarce left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Certainly seems to address the problem as described. A few nits based on my understanding of the code but I don't think either of them are problematic enough to hold things up if you need to get a release out.

It might be nice to have a test to confirm that SANs were being used for validation but, again, I don't think it's essential.

src/Cassandra/DataStax/Cloud/CustomCACertificateValidator.cs Outdated
var result = new List<string>();

var subjectAlternativeName = cert.Extensions.Cast<X509Extension>()
.Where(n => n.Oid.Value == "2.5.29.17") //n.Oid.FriendlyName=="Subject Alternative Name")
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Perhaps use the SubjectAlternateNameOid constant. you defined above here instead?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ahh I had to try multiple solutions and forgot about those constants... fixed

src/Cassandra/DataStax/Cloud/CustomCACertificateValidator.cs

foreach (var alternativeName in alternativeNames)
{
var groups = Regex.Match(alternativeName, @"^(.*)=(.*)").Groups; // @"^DNS Name=(.*)").Groups;
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this intended to... replace the DnsNameRegex referenced above? Seems like it's trying to do the same thing with a different regex.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ahh I had to try multiple solutions and forgot about those constants... fixed

@absurdfarce
Copy link
Collaborator

👍 to the most recent round of changes. Nice tests @joao-r-reis !

@joao-r-reis joao-r-reis merged commit 9f22af7 into master Nov 7, 2023
@joao-r-reis joao-r-reis deleted the fix-astra-custom-domain branch November 7, 2023 16:53
@joao-r-reis joao-r-reis mentioned this pull request Nov 22, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@absurdfarce absurdfarce absurdfarce approved these changes

Assignees

@joao-r-reis joao-r-reis

Labels
bug
Projects
None yet
Milestone
3.19.4
Development

Successfully merging this pull request may close these issues.
2 participants
@joao-r-reis @absurdfarce