[issue17980] CVE-2013-2099 ssl.match_hostname() trips over crafted wildcard names
Christian Heimes
report at bugs.python.org
Thu May 16 20:10:43 CEST 2013
Christian Heimes added the comment:
We could use an algorithm that doesn't need regexp for most cases.
pseudo code:
value = value.lower()
hostname = hostname.lower()

if '*' not in value:
    return value == hostname

vparts = value.split(".")
hparts = hostname.split(".")
if len(vparts) != len(hparts):
    # * doesn't match a dot
    return False

for v, h in zip(vparts, hparts):
    if v == "*":
        # match any host part
        continue
    asterisk = v.count("*")
    if asterisk == 0:
        if v != h:
            return False
    elif asterisk == 1:
        # match with simple re
    else:
        # don't support more than one * in a FQDN part
        raise TooManyAsterisk
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue17980>
_______________________________________
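
One way to complete the sketch above with no regular expression at all, as an added example (not Christian Heimes's code and not the CPython implementation): a label with a single `*` is checked by prefix/suffix comparison instead of the "simple re". The names TooManyAsterisks, match_label and dnsname_match and the sample host names are assumptions made for this example.

```python
# Added example: regex-free wildcard matching along the lines of the sketch.
# TooManyAsterisks, match_label and dnsname_match are hypothetical names.

class TooManyAsterisks(ValueError):
    """A certificate name label carries more than one '*'."""


def match_label(pattern, label):
    """Match one dot-free label against a pattern with at most one '*'."""
    count = pattern.count("*")
    if count == 0:
        return pattern == label
    if count > 1:
        # Reject up front rather than build a matcher whose cost grows per '*'.
        raise TooManyAsterisks(pattern)
    if pattern == "*":
        return True  # a lone '*' matches any single label
    prefix, suffix = pattern.split("*")
    # The length check keeps prefix and suffix from overlapping in the label.
    return (len(label) >= len(prefix) + len(suffix)
            and label.startswith(prefix) and label.endswith(suffix))


def dnsname_match(value, hostname):
    """Return True if certificate name `value` matches `hostname`."""
    value = value.lower()
    hostname = hostname.lower()
    if "*" not in value:
        return value == hostname
    vparts = value.split(".")
    hparts = hostname.split(".")
    if len(vparts) != len(hparts):
        # '*' never matches a dot, so the label counts must agree.
        return False
    return all(match_label(v, h) for v, h in zip(vparts, hparts))


if __name__ == "__main__":
    # Constructed certificate names, not taken from the report.
    for name in ("*.example.com", "w*w.example.com", "*" * 50 + ".example.com"):
        try:
            print(name[:20], dnsname_match(name, "www.example.com"))
        except TooManyAsterisks:
            print(name[:20], "rejected: too many asterisks")
```

Every step is a string comparison that is linear in the length of the name, so a label with many asterisks is rejected without any backtracking.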