defensive-coding-guide/modules/ROOT/examples/Features-TLS-Client-Python-check_host_name.adoc


def check_host_name(peercert, name):
    """Simple certificate/host name checker.  Returns True if the
    certificate matches, False otherwise.  Does not support
    wildcards."""
    # Check that the peer has supplied a certificate.
    # None/{} is not acceptable.
    if not peercert:
        return False
    if peercert.has_key("subjectAltName"):
        for typ, val in peercert["subjectAltName"]:
            if typ == "DNS" and val == name:
                return True
    else:
        # Only check the subject DN if there is no subject alternative
        # name.
        cn = None
        for attr, val in peercert["subject"]:
            # Use most-specific (last) commonName attribute.
            if attr == "commonName":
                cn = val
        if cn is not None:
            return cn == name
    return False
Converted to AsciiBinder This required moving files around in the repository and shifting from a master.adoc structure to _topic_map.yml, etc. README and Makefile modified slightly to reflect new build process 2018-02-08 13:08:40 +01:00
			`def check_host_name(peercert, name):`
			`"""Simple certificate/host name checker. Returns True if the`
			`certificate matches, False otherwise. Does not support`
			`wildcards."""`
			`# Check that the peer has supplied a certificate.`
			`# None/{} is not acceptable.`
			`if not peercert:`
			`return False`
			`if peercert.has_key("subjectAltName"):`
			`for typ, val in peercert["subjectAltName"]:`
			`if typ == "DNS" and val == name:`
			`return True`
			`else:`
			`# Only check the subject DN if there is no subject alternative`
			`# name.`
			`cn = None`
			`for attr, val in peercert["subject"]:`
			`# Use most-specific (last) commonName attribute.`
			`if attr == "commonName":`
			`cn = val`
			`if cn is not None:`
			`return cn == name`
			`return False`