diff options
Diffstat (limited to 'verify.go')
| -rw-r--r-- | verify.go | 37 |
1 files changed, 37 insertions, 0 deletions
@@ -1,6 +1,8 @@ // Hostname verification code from the crypto/x509 package. // Modified to allow Common Names in the short term, until new certificates // can be issued with SANs. +// +// Also includes the splitHostPort function from net/url package. // Copyright 2011 The Go Authors. All rights reserved. // Use of this source code is governed by a BSD-style @@ -225,3 +227,38 @@ func verifyHostname(c *x509.Certificate, h string) error { return x509.HostnameError{c, h} } + +// validOptionalPort reports whether port is either an empty string +// or matches /^:\d*$/ +func validOptionalPort(port string) bool { + if port == "" { + return true + } + if port[0] != ':' { + return false + } + for _, b := range port[1:] { + if b < '0' || b > '9' { + return false + } + } + return true +} + +// splitHostPort separates host and port. If the port is not valid, it returns +// the entire input as host, and it doesn't check the validity of the host. +// Unlike net.SplitHostPort, but per RFC 3986, it requires ports to be numeric. +func splitHostPort(hostport string) (host, port string) { + host = hostport + + colon := strings.LastIndexByte(host, ':') + if colon != -1 && validOptionalPort(host[colon:]) { + host, port = host[:colon], host[colon+1:] + } + + if strings.HasPrefix(host, "[") && strings.HasSuffix(host, "]") { + host = host[1 : len(host)-1] + } + + return +} |