author | Omar Polo <op@omarpolo.com> | 2021-01-29 17:29:14 +0000 |
---|---|---|
committer | Omar Polo <op@omarpolo.com> | 2021-01-29 17:29:14 +0000 |
commit | a8d4a89770f9de24a812a3638c83dde56542d413 (patch) | |
tree | 2885c73c7f44430bdb3fa57c964de768b393c149 /server.c | |
parent | 4a3ab6092855f7297ed1b29e89e3423fbece4e5b (diff) |
don't ignore punycode errors when decoding SNI-provided servname
Diffstat (limited to 'server.c')
-rw-r--r-- | server.c | 9 |
1 files changed, 7 insertions, 2 deletions
@@ -251,6 +251,7 @@ handle_handshake(struct pollfd *fds, struct client *c)
 {
 struct vhost *h;
 const char *servname;
+ const char *parse_err = "unknown error";
 switch (tls_handshake(c->ctx)) {
 case 0: /* success */
@@ -268,7 +269,10 @@ handle_handshake(struct pollfd *fds, struct client *c)
 }
 servname = tls_conn_servername(c->ctx);
- puny_decode(servname, c->domain, sizeof(c->domain));
+ if (!puny_decode(servname, c->domain, sizeof(c->domain), &parse_err)) {
+ LOGI(c, "%s", parse_err);
+ goto err;
+ }
 for (h = hosts; h->domain != NULL; ++h) {
 if (!fnmatch(h->domain, c->domain, 0))
@@ -287,12 +291,13 @@ handle_handshake(struct pollfd *fds, struct client *c)
 return;
 }
+err:
 if (servname != NULL)
 strncpy(c->req, servname, sizeof(c->req));
 else
 strncpy(c->req, "null", sizeof(c->req));
- start_reply(fds, c, BAD_REQUEST, "Wrong host or missing SNI");
+ start_reply(fds, c, BAD_REQUEST, "Wrong/malformed host or missing SNI");
 }
 void |
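Review bot: In the second hunk `servname` is handed to `puny_decode` straight after `tls_conn_servername(c->ctx)`, before any NULL check, even though the `err:` path further down tests `servname != NULL`. That test suggests a client without SNI yields NULL here. `puny_decode` is not visible in this diff, so it may already reject NULL, but an explicit guard before the call makes the missing-SNI case independent of the decoder: `if (servname == NULL) goto err;`. The body of `handle_handshake` starts and ends outside this hunk.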
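Review bot: In the third hunk the new `err:` label routes names that failed punycode decoding into `strncpy(c->req, servname, sizeof(c->req))`, which leaves `c->req` without a terminating NUL whenever the client-supplied name is at least as long as the buffer. The size of `c->req` and whether it is zeroed beforehand are not visible here, so this may be harmless in practice. A copy that always terminates would remove the doubt for both branches, for example `snprintf(c->req, sizeof(c->req), "%s", servname);`. The function begins outside this hunk.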