From 09e2f69e04d4de5ace6ec0469b5967b23b613e88 Mon Sep 17 00:00:00 2001 From: michael-dev Date: Wed, 3 Jul 2024 11:40:12 +0200 Subject: [PATCH] Update tls.py SAN DNS entry is not case sensitive, so ignore case of hostname. Use uppercase to preserve DNS: prefix. --- src/pytds/tls.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/pytds/tls.py b/src/pytds/tls.py index 7c839e3..fe77a1f 100644 --- a/src/pytds/tls.py +++ b/src/pytds/tls.py @@ -134,7 +134,7 @@ def validate_host(cert, name: bytes) -> bool: ext = cert.get_extension(i) if ext.get_short_name() == b"subjectAltName": s = str(ext) - if is_san_matching(s, s_name): + if is_san_matching(s.upper(), s_name.upper()): return True # TODO check if wildcard is needed in CN as well