summaryrefslogtreecommitdiff
path: root/ext/openssl/lib/openssl/ssl.rb
diff options
context:
space:
mode:
Diffstat (limited to 'ext/openssl/lib/openssl/ssl.rb')
-rw-r--r--ext/openssl/lib/openssl/ssl.rb11
1 files changed, 6 insertions, 5 deletions
diff --git a/ext/openssl/lib/openssl/ssl.rb b/ext/openssl/lib/openssl/ssl.rb
index 6a6f2b9431..355eb2ebbb 100644
--- a/ext/openssl/lib/openssl/ssl.rb
+++ b/ext/openssl/lib/openssl/ssl.rb
@@ -12,6 +12,7 @@
require "openssl/buffering"
require "io/nonblock"
+require "ipaddr"
module OpenSSL
module SSL
@@ -272,11 +273,11 @@ YoaOffgTf5qxiwkjnlVZQc3whgnEt9FpVMvQ9eknyeGB5KHfayAc3+hUAvI3/Cr3
return true if verify_hostname(hostname, san.value)
when 7 # iPAddress in GeneralName (RFC5280)
should_verify_common_name = false
- # follows GENERAL_NAME_print() in x509v3/v3_alt.c
- if san.value.size == 4
- return true if san.value.unpack('C*').join('.') == hostname
- elsif san.value.size == 16
- return true if san.value.unpack('n*').map { |e| sprintf("%X", e) }.join(':') == hostname
+ if san.value.size == 4 || san.value.size == 16
+ begin
+ return true if san.value == IPAddr.new(hostname).hton
+ rescue IPAddr::InvalidAddressError
+ end
end
end
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-25 01:08:03 +0000