From 5ee42a24be79aa55e3183657298425543174c653 Mon Sep 17 00:00:00 2001 From: michael-dev Date: Wed, 3 Jul 2024 11:40:12 +0200 Subject: [PATCH] Update tls.py SAN DNS entry is not case sensitive, so ignore case of hostname. --- src/pytds/tls.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/pytds/tls.py b/src/pytds/tls.py index 7c839e3..c3e0500 100644 --- a/src/pytds/tls.py +++ b/src/pytds/tls.py @@ -134,7 +134,7 @@ def validate_host(cert, name: bytes) -> bool: ext = cert.get_extension(i) if ext.get_short_name() == b"subjectAltName": s = str(ext) - if is_san_matching(s, s_name): + if is_san_matching(s.lower(), s_name.lower()): return True # TODO check if wildcard is needed in CN as well