Skip to content

Commit

Permalink
Update tls.py
Browse files Browse the repository at this point in the history
SAN DNS entry is not case sensitive, so ignore case of hostname.
Use uppercase to preserve DNS: prefix.
  • Loading branch information
michael-dev committed Jul 3, 2024
1 parent 585547b commit 09e2f69
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion src/pytds/tls.py
Original file line number Diff line number Diff line change
Expand Up @@ -134,7 +134,7 @@ def validate_host(cert, name: bytes) -> bool:
ext = cert.get_extension(i)
if ext.get_short_name() == b"subjectAltName":
s = str(ext)
if is_san_matching(s, s_name):
if is_san_matching(s.upper(), s_name.upper()):

Check warning on line 137 in src/pytds/tls.py

View check run for this annotation

Codecov / codecov/patch

src/pytds/tls.py#L137

Added line #L137 was not covered by tests
return True

# TODO check if wildcard is needed in CN as well
Expand Down

0 comments on commit 09e2f69

Please sign in to comment.