sslSNICallback: Properly disallow invalid characters

Completely discard hostnames containing invalid characters, instead of
merely replacing the invalid characters with uninitialized memory.

Signed-off-by: Anders Kaseorg <andersk@mit.edu>

diff --git a/libhttp/ssl.c b/libhttp/ssl.c
index 8e3ae02405c550ef234d7f626770a1477648858d..c8de457ddf07b659a1d7a987744ee57f7b82a65f 100755 (executable)
--- a/libhttp/ssl.c
+++ b/libhttp/ssl.c
@@ -572,18 +572,14 @@ static int sslSNICallback(SSL *sslHndl, int *al ATTR_UNUSED,
     } else if (ch != '\000' && ch != '.' && ch != '-' &&
                (ch < '0' ||(ch > '9' && ch < 'A') || (ch > 'Z' &&
                 ch < 'a')|| ch > 'z')) {
-      i++;
-      continue;
+      free(serverName);
+      return SSL_TLSEXT_ERR_OK;
     }
     serverName[++i]       = ch;
     if (!ch) {
       break;
     }
   }
-  if (!*serverName) {
-    free(serverName);
-    return SSL_TLSEXT_ERR_OK;
-  }
   SSL_CTX *context        = (SSL_CTX *)getFromTrie(&ssl->sniContexts,
                                                    serverName+1,
                                                    NULL);