tls: proper dot position for matching subdomains
authorDaniel-Constantin Mierla <miconda@gmail.com>
Thu, 29 Aug 2019 16:51:17 +0000 (18:51 +0200)
committerDaniel-Constantin Mierla <miconda@gmail.com>
Thu, 29 Aug 2019 16:51:17 +0000 (18:51 +0200)
- reported by GH #2049

src/modules/tls/tls_domain.c

index fff4603..1ca62ff 100644 (file)
@@ -1563,7 +1563,7 @@ tls_domain_t* tls_lookup_cfg(tls_domains_cfg_t* cfg, int type,
                                if ((p->server_name_mode==KSR_TLS_SNM_INCDOM
                                                        || p->server_name_mode==KSR_TLS_SNM_SUBDOM)
                                                && (p->server_name.len<sname->len)) {
-                                       dotpos = sname->len - p->server_name.len;
+                                       dotpos = sname->len - p->server_name.len - 1;
                                        if(sname->s[dotpos] == '.'
                                                        && strncasecmp(p->server_name.s,
                                                                        sname->s + dotpos + 1,