25 lines
838 B
Text
25 lines
838 B
Text
|
|
def check_host_name(peercert, name):
|
|
"""Simple certificate/host name checker. Returns True if the
|
|
certificate matches, False otherwise. Does not support
|
|
wildcards."""
|
|
# Check that the peer has supplied a certificate.
|
|
# None/{} is not acceptable.
|
|
if not peercert:
|
|
return False
|
|
if peercert.has_key("subjectAltName"):
|
|
for typ, val in peercert["subjectAltName"]:
|
|
if typ == "DNS" and val == name:
|
|
return True
|
|
else:
|
|
# Only check the subject DN if there is no subject alternative
|
|
# name.
|
|
cn = None
|
|
for attr, val in peercert["subject"]:
|
|
# Use most-specific (last) commonName attribute.
|
|
if attr == "commonName":
|
|
cn = val
|
|
if cn is not None:
|
|
return cn == name
|
|
return False
|
|
|