Module: OpenSSL::SSL
- Defined in:
- lib/extensions/net-http/net/http.rb,
lib/extensions/net-http/net/https.rb,
lib/framework/autocomplete/OpenSSL.rb,
lib/extensions/openssl/openssl/ssl-internal.rb
Defined Under Namespace
Modules: Nonblock, SocketForwarder Classes: SSLContext, SSLServer, SSLSocket
Constant Summary collapse
- VERIFY_NONE =
0
Class Method Summary collapse
Class Method Details
.verify_certificate_identity(cert, hostname) ⇒ Object
90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 |
# File 'lib/extensions/openssl/openssl/ssl-internal.rb', line 90 def verify_certificate_identity(cert, hostname) should_verify_common_name = true cert.extensions.each{|ext| next if ext.oid != "subjectAltName" ext.value.split(/,\s+/).each{|general_name| if /\ADNS:(.*)/ =~ general_name should_verify_common_name = false reg = Regexp.escape($1).gsub(/\\\*/, "[^.]+") return true if /\A#{reg}\z/i =~ hostname elsif /\AIP Address:(.*)/ =~ general_name should_verify_common_name = false return true if $1 == hostname end } } if should_verify_common_name cert.subject.to_a.each{|oid, value| if oid == "CN" reg = Regexp.escape(value).gsub(/\\\*/, "[^.]+") return true if /\A#{reg}\z/i =~ hostname end } end return false end |