shithub: riscv

Download patch

ref: a9e533ad1ecc5b15c6f6ab4dcc1aa79fe8e5f98a
parent: bda0561f458658853f95550d10337ef11cc2f57f
author: cinap_lenrek <[email protected]>
date: Sat Oct 30 20:12:36 EDT 2021

acmed: handle international domain names

--- a/sys/src/cmd/auth/acmed.c
+++ b/sys/src/cmd/auth/acmed.c
@@ -741,9 +741,9 @@
 static void
 getcert(char *csrpath)
 {
-	char *csr, *dom[64], name[2048];
+	char *csr, *dom[64], subj[2048];
 	uchar *der;
-	int nder, ndom, fd;
+	int nder, i, ndom, fd;
 	RSApub *rsa;
 	Hdr loc = { "location" };
 	JSON *o;
@@ -752,24 +752,39 @@
 		sysfatal("open %s: %r", csrpath);
 	if((der = slurp(fd, &nder)) == nil)
 		sysfatal("read %s: %r", csrpath);
-	if((rsa = X509reqtoRSApub(der, nder, name, sizeof(name))) == nil)
+	close(fd);
+
+	if((rsa = X509reqtoRSApub(der, nder, subj, sizeof(subj))) == nil)
 		sysfatal("decode csr: %r");
+	rsapubfree(rsa);
 	if((csr = encurl64(der, nder)) == nil)
 		sysfatal("encode %s: %r", csrpath);
-	if((ndom = getfields(name, dom, nelem(dom), 1, ", ")) == nelem(dom))
-		sysfatal("too man domains");
-	rsapubfree(rsa);
-	close(fd);
 	free(der);
 
+	dprint("subject: %s\n", subj);
+	if((ndom = getfields(subj, dom, nelem(dom), 1, ", ")) == nelem(dom))
+		sysfatal("too man domains");
+
+	for(i = 0; i < ndom; i++){
+		char buf[256], *s = dom[i];
+		if(utf2idn(s, buf, sizeof(buf)) >= 0)
+			s = buf;
+		dprint("dom[%d]: %s\n", i, s);
+		dom[i] = strdup(s);
+	}
+
 	if((o = submitorder(dom, ndom, &loc)) == nil)
 		sysfatal("order: %r");
 	if(dochallenges(dom, ndom, o) == -1)
 		sysfatal("challenge: %r");
+
 	if(submitcsr(o, csr) == -1)
 		sysfatal("signing cert: %r");
 	if(fetchcert(loc.val) == -1)
 		sysfatal("saving cert: %r");
+
+	for(i = 0; i < ndom; i++)
+		free(dom[i]);
 	free(csr);
 }