commit 79288c8b6077a573243c4654e3b3c4948febdb99
from: Omar Polo <op@omarpolo.com>
date: Fri Sep 24 07:40:24 2021 UTC

making more explicit the case of missing SNI

Missing SNI (i.e. servname == NULL) is already handled correctly.
puny_decode refuses to work on NULL servname, c->domain is still the
empty string and everything flows as expected towards the error at the
end.  However, it's better to bail out early and make more explicit
how the case of missing SNI is handled.

commit - 2b38d395cdf3a5b9a91d0495fc322181341d5862
commit + 79288c8b6077a573243c4654e3b3c4948febdb99
blob - 18fdb6e5878d1d81c9e1cb709bec9fb05c450c8c
blob + 0ee226639fdaf684eac3b7c3236151b3eb59b4e9
--- server.c
+++ server.c
@@ -464,7 +464,11 @@ handle_handshake(int fd, short ev, void *d)
 		abort();
 	}
 
-	servname = tls_conn_servername(c->ctx);
+	if ((servname = tls_conn_servername(c->ctx)) == NULL) {
+		log_debug(c, "handshake: missing SNI");
+		goto err;
+	}
+
 	if (!puny_decode(servname, c->domain, sizeof(c->domain), &parse_err)) {
 		log_info(c, "puny_decode: %s", parse_err);
 		goto err;