Cherry-picked changes from release-0.3

* Allow single-wildcard SSL common name matching * Version bump to 0.3 Change-Id: Idb1ad643239d5944b1017932f5b41bb6ffd36a5f
2013-10-14 14:10:07 +04:00 · 2013-10-14 14:10:07 +04:00 · e2dbb966a4
parent ab7ce2ef10
commit e2dbb966a4
2 changed files with 9 additions and 2 deletions
--- a/muranoclient/common/http.py
+++ b/muranoclient/common/http.py
@ -327,10 +327,17 @@ class VerifiedHTTPSConnection(HTTPSConnection):
        connecting to, ie that the certificate's Common Name
        or a Subject Alternative Name matches 'host'.
        """
+        common_name = x509.get_subject().commonName
+
        # First see if we can match the CN
-        if x509.get_subject().commonName == host:
+        if common_name == host:
            return True

+        # Support single wildcard matching
+        if common_name.startswith('*.') and host.find('.') > 0:
+            if common_name[2:] == host.split('.', 1)[1]:
+                return True
+
        # Also try Subject Alternative Names for a match
        san_list = None
        for i in xrange(x509.get_extension_count()):
--- a/setup.cfg
+++ b/setup.cfg
@ -1,6 +1,6 @@
 [metadata]
 name = python-muranoclient
-version = 0.2
+version = 0.3
 summary = python-muranoclient
 description-file =
    README.rst