upstream/certbot
1
0
Fork 0
mirror of https://github.com/certbot/certbot.git synced 2026-06-08 08:12:15 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

notion of can_sign()

Browse source
This commit is contained in:
Seth Schoen 2012-05-31 12:34:47 -07:00
parent 7c9d46dba5
commit d244412d94
1 changed files with 10 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
webserver/CSR.py
View file

@ -22,6 +22,16 @@ def san(csr):
"""Get the subject alternate names from this CSR."""
return []
def can_sign(name):
"""Does this CA's policy forbid signing this name via Chocolate DV?"""
# We could have a regular expression match here, like
# ([a-z0-9]+\.)+[a-z0-9]+
# and there is also a list of TLDs to check against to confirm that
# the name is actually a FQDN.
if "." not in name: return False
# Examples of names that are forbidden by policy due to a blacklist.
if name in ["google.com", "www.google.com"]: return False
def verify(key, data):
"""What string was validly signed by this public key? (or None)"""
return None