From 49ef7150cd16fd3b7216bc5b3431b922ecdc584f Mon Sep 17 00:00:00 2001 From: Joeri Samson Date: Thu, 13 Mar 2025 16:28:45 +0100 Subject: [PATCH] Consider SHORTNAME and shortname equal as hostname There seems to be no reason to consider a local hostname as case sensitive when other hostnames are compared case insensitive. If the behavior needs to be more strict it would be good to document in what way it is more strict. --- lib/openssl/ssl.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/openssl/ssl.rb b/lib/openssl/ssl.rb index b77f0b52..697183ab 100644 --- a/lib/openssl/ssl.rb +++ b/lib/openssl/ssl.rb @@ -314,7 +314,7 @@ def verify_hostname(hostname, san) # :nodoc: san_parts = san.downcase.split(".") # TODO: this behavior should probably be more strict - return san == hostname if san_parts.size < 2 + return san.downcase == hostname.downcase if san_parts.size < 2 # Matching is case-insensitive. host_parts = hostname.downcase.split(".")