619 # where the wildcard character is embedded within an A-label or |
619 # where the wildcard character is embedded within an A-label or |
620 # U-label of an internationalized domain name. |
620 # U-label of an internationalized domain name. |
621 pats.append(re.escape(leftmost)) |
621 pats.append(re.escape(leftmost)) |
622 else: |
622 else: |
623 # Otherwise, '*' matches any dotless string, e.g. www* |
623 # Otherwise, '*' matches any dotless string, e.g. www* |
624 pats.append(re.escape(leftmost).replace(r'\*', '[^.]*')) |
624 pats.append(re.escape(leftmost).replace(br'\*', '[^.]*')) |
625 |
625 |
626 # add the remaining fragments, ignore any wildcards |
626 # add the remaining fragments, ignore any wildcards |
627 for frag in remainder: |
627 for frag in remainder: |
628 pats.append(re.escape(frag)) |
628 pats.append(re.escape(frag)) |
629 |
629 |
630 pat = re.compile(r'\A' + r'\.'.join(pats) + r'\Z', re.IGNORECASE) |
630 pat = re.compile(br'\A' + br'\.'.join(pats) + br'\Z', re.IGNORECASE) |
631 return pat.match(hostname) is not None |
631 return pat.match(hostname) is not None |
632 |
632 |
633 def _verifycert(cert, hostname): |
633 def _verifycert(cert, hostname): |
634 '''Verify that cert (in socket.getpeercert() format) matches hostname. |
634 '''Verify that cert (in socket.getpeercert() format) matches hostname. |
635 CRLs is not handled. |
635 CRLs is not handled. |