![]() |
XRootD
|
Go to the source code of this file.
Enumerations | |
enum | HostnameValidationResult { MatchFound , MatchNotFound , NoSANPresent , MalformedCertificate , Error } |
Functions | |
HostnameValidationResult | validate_hostname (const char *hostname, const X509 *server_cert) |
Enumerator | |
---|---|
MatchFound | |
MatchNotFound | |
NoSANPresent | |
MalformedCertificate | |
Error |
Definition at line 37 of file XrdTlsNotaryUtils.hh.
HostnameValidationResult validate_hostname | ( | const char * | hostname, |
const X509 * | server_cert | ||
) |
Validates the server's identity by looking for the expected hostname in the server's certificate. As described in RFC 6125, it first tries to find a match in the Subject Alternative Name extension. If the extension is not present in the certificate, it checks the Common Name instead.
Returns MatchFound if a match was found. Returns MatchNotFound if no matches were found. Returns MalformedCertificate if any of the hostnames had a NUL character embedded in it. Returns Error if there was an error.
Definition at line 167 of file XrdTlsNotaryUtils.icc.
References Macaroons::Error, matches_common_name(), matches_subject_alternative_name(), and NoSANPresent.