method

verify_certificate_identity

v1_9_3_125 - Show latest stable - 0 notes - Class: SSL

1_8_6_287
1_8_7_72
1_8_7_330
1_9_1_378
1_9_2_180
1_9_3_125 (0)
1_9_3_392 (0)
2_1_10 (0)
2_2_9 (0)
2_4_6 (0)
2_5_5 (0)
2_6_3 (0)
What's this?

verify_certificate_identity(cert, hostname) private

No documentation

This method has no description. You can help the Ruby community by adding new notes.

# File ext/openssl/lib/openssl/ssl-internal.rb, line 87
    def verify_certificate_identity(cert, hostname)
      should_verify_common_name = true
      cert.extensions.each{|ext|
        next if ext.oid != "subjectAltName"
        ext.value.split(/,\s+/).each{|general_name|
          if /\ADNS:(.*)/ =~ general_name
            should_verify_common_name = false
            reg = Regexp.escape($1).gsub(/\\\*/, "[^.]+")
            return true if /\A#{reg}\z/ =~ hostname
          elsif /\AIP Address:(.*)/ =~ general_name
            should_verify_common_name = false
            return true if $1 == hostname
          end
        }
      }
      if should_verify_common_name
        cert.subject.to_a.each{|oid, value|
          if oid == "CN"
            reg = Regexp.escape(value).gsub(/\\\*/, "[^.]+")
            return true if /\A#{reg}\z/ =~ hostname
          end
        }
      end
      return false
    end

verify_certificate_identity

Related methods

No documentation