class Net::HTTP
Public Instance Methods
post_connection_check(hostname)
click to toggle source
# File lib/openid/fetchers.rb, line 17 def post_connection_check(hostname) check_common_name = true cert = @socket.io.peer_cert cert.extensions.each { |ext| next if ext.oid != "subjectAltName" ext.value.split(/,\s+/).each{ |general_name| if /\ADNS:(.*)/ =~ general_name check_common_name = false reg = Regexp.escape($1).gsub(/\\*/, "[^.]+") return true if /\A#{reg}\z/i =~ hostname elsif /\AIP Address:(.*)/ =~ general_name check_common_name = false return true if $1 == hostname end } } if check_common_name cert.subject.to_a.each{ |oid, value| if oid == "CN" reg = Regexp.escape(value).gsub(/\\*/, "[^.]+") return true if /\A#{reg}\z/i =~ hostname end } end raise OpenSSL::SSL::SSLError, "hostname does not match" end