MCPcopy
hub / github.com/caddyserver/certmagic / MatchWildcard

Function MatchWildcard

certificates.go:672–694  ·  view source on GitHub ↗

MatchWildcard returns true if subject (a candidate DNS name) matches wildcard (a reference DNS name), mostly according to RFC 6125-compliant wildcard rules. See also RFC 2818 which states that IP addresses must match exactly, but this function does not attempt to distinguish IP addresses from intern

(subject, wildcard string)

Source from the content-addressed store, hash-verified

670// It uses DNS wildcard matching logic and is case-insensitive.
671// https://tools.ietf.org/html/rfc2818#section-3.1
672func MatchWildcard(subject, wildcard string) bool {
673 // Strip brackets from IPv6 addresses (e.g. "[::1]" from HTTP Host headers).
674 subject = hostOnly(subject)
675 subject, wildcard = strings.ToLower(subject), strings.ToLower(wildcard)
676 if subject == wildcard {
677 return true
678 }
679 if !strings.Contains(wildcard, "*") {
680 return false
681 }
682 labels := strings.Split(subject, ".")
683 for i := range labels {
684 if labels[i] == "" {
685 continue // invalid label
686 }
687 labels[i] = "*"
688 candidate := strings.Join(labels, ".")
689 if candidate == wildcard {
690 return true
691 }
692 }
693 return false
694}

Callers 1

TestMatchWildcardFunction · 0.85

Calls 1

hostOnlyFunction · 0.85

Tested by 1

TestMatchWildcardFunction · 0.68

Used in the wild real call sites across dependent graphs

searching dependent graphs…