Method: OpenSSL::SSL.verify_wildcard
- Defined in:
- lib/openssl/ssl.rb
.verify_wildcard(domain_component, san_component) ⇒ Object
:nodoc:
379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 |
# File 'lib/openssl/ssl.rb', line 379 def verify_wildcard(domain_component, san_component) # :nodoc: parts = san_component.split("*", -1) return false if parts.size > 2 return san_component == domain_component if parts.size == 1 # RFC 6125, section 6.4.3, subitem 3. # The client SHOULD NOT attempt to match a presented identifier # where the wildcard character is embedded within an A-label or # U-label of an internationalized domain name. return false if domain_component.start_with?("xn--") && san_component != "*" parts[0].length + parts[1].length < domain_component.length && domain_component.start_with?(parts[0]) && domain_component.end_with?(parts[1]) end |