Class OpenSSL::SSL::SSLSocket
In: openssl/lib/openssl/ssl.rb
openssl/ossl_ssl.c
Parent: Object

Methods

post_connection_check  

Included Modules

Buffering SocketForwarder Nonblock

External Aliases

io -> to_io

Public Instance methods

post_connection_check(hostname)

[Source]

# File openssl/lib/openssl/ssl.rb, line 67
      def post_connection_check(hostname)
        check_common_name = true
        cert = peer_cert
        cert.extensions.each{|ext|
          next if ext.oid != "subjectAltName"
          ext.value.split(/,\s+/).each{|general_name|
            if /\ADNS:(.*)/ =~ general_name
              check_common_name = false
              reg = Regexp.escape($1).gsub(/\\\*/, "[^.]+")
              return true if /\A#{reg}\z/i =~ hostname
            elsif /\AIP Address:(.*)/ =~ general_name
              check_common_name = false
              return true if $1 == hostname
            end
          }
        }
        if check_common_name
          cert.subject.to_a.each{|oid, value|
            if oid == "CN"
              reg = Regexp.escape(value).gsub(/\\\*/, "[^.]+")
              return true if /\A#{reg}\z/i =~ hostname
            end
          }
        end
        raise SSLError, "hostname was not match with the server certificate"
      end

[Validate]

ruby-doc.org is a service of James Britt and Happy Camper Studios, a Ruby application development company in Phoenix, AZ.

Documentation content on ruby-doc.org is provided by remarkable members of the Ruby community.

For more information on the Ruby programming language, visit ruby-lang.org.

Want to help improve Ruby's API docs? See Ruby Documentation Guidelines.