Issue Type: Bug Created: 2009-06-23T18:00:35.000+0000 Last Updated: 2012-11-20T20:52:30.000+0000 Status: Closed Fix version(s): Reporter: Trevor Johns (tjohns) Assignee: None Tags: - Zend_Gdata
Related issues: Attachments:
When connecting to Google's auth servers, Zend_Gdata_ClientLogin does not seem to detect hostname mismatches when negotiating the SSL connection. Presumably, this applies to AuthSub as well.
This needs to be fixed to prevent a Mi tM attack against user's credentials.
Posted by Dolf Schimmel (Freeaqingme) (freak) on 2009-07-26T09:45:57.000+0000
What's the status of this issue?
Posted by Trevor Johns (tjohns) on 2009-07-28T23:01:17.000+0000
No progress yet, other things have been taking up my time.
I might be able to spend some time on this sometime in the next week.
Posted by Rob Allen (rob) on 2012-11-20T20:52:30.000+0000
Bulk change of all issues last updated before 1st January 2010 as "Won't Fix".
Feel free to re-open and provide a patch if you want to fix this issue.
Have you found an issue?
See the Overview section for more details.