我正在尝试为域名中最左边的通配符编写一个正则表达式。到目前为止我有这个:
import re
o = urlparse(argv[1])
host_name = o.netloc
context = SSL.Context(SSL.TLSv1_METHOD) # Use TLS Method
context.set_options(SSL.OP_NO_SSLv2) # Don't accept SSLv2
context.set_verify(SSL.VERIFY_PEER | SSL.VERIFY_FAIL_IF_NO_PEER_CERT,
callback)
# context.load_verify_locations(ca_file, ca_path)
sock = socket()
ssl_sock = SSL.Connection(context, sock)
ssl_sock.connect((host_name, 443))
ssl_sock.set_connect_state()
ssl_sock.set_tlsext_host_name(host_name)
ssl_sock.do_handshake()
cert = ssl_sock.get_peer_certificate()
common_name = cert.get_subject().commonName.decode()
print "Common Name: ", common_name
print "Cert number: ", cert.get_serial_number()
regex = common_name.replace('.', r'\.').replace('*',r'.*') + '$'
if re.match(regex, host_name):
print "matches"
else:
print "invalid"
# output:
Common Name: *.example.com
Cert number: 63694395280496902491340707875731768741
但是,正则表达式不仅匹配 *.example.com
,还匹配 *.*.*
或 www.*.com
.此外,不应允许匹配 https://wrong.host.example.com/
。我怎样才能确保它只匹配最左边的标签?
最佳答案
您可以使用 urlparse 和 split 代替正则表达式。
from urlparse import urlparse
.
.
common_name = cert.get_subject().commonName.decode()
domain = urlparse(common_name).netloc
host = domain.split('.',1)[0]
关于python - 仅匹配域名中最左边的通配符 - Python,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/35820618/