Lowercase domain names

diff --git a/tls/dial.go b/tls/dial.go
index 2f1c8b6daaf8269c09f8d98245d1b4523da19831..172e3fc81cb353283dbf80ee9ffb40e7b3e3c04c 100644 (file)
--- a/tls/dial.go
+++ b/tls/dial.go
@@ -33,6 +33,7 @@ var sessionCache = tls.NewLRUClientSessionCache(1024)
 
 func DialTLS(ctx context.Context, network, addr string) (net.Conn, error) {
        host, _, _ := SplitHostPort(addr)
+       host = toLowerCaseASCII(host)
        ccg := ClientCertificateGetter{host: host}
        cfg := tls.Config{
                VerifyPeerCertificate: func(

diff --git a/tls/tolower.go b/tls/tolower.go
new file mode 100644 (file)
index 0000000..321441e
--- /dev/null
+++ b/tls/tolower.go
@@ -0,0 +1,28 @@
+package tofuproxy
+
+import "unicode/utf8"
+
+// Copy-pasted from crypto/x509, as it is not public.
+func toLowerCaseASCII(in string) string {
+       isAlreadyLowerCase := true
+       for _, c := range in {
+               if c == utf8.RuneError {
+                       isAlreadyLowerCase = false
+                       break
+               }
+               if 'A' <= c && c <= 'Z' {
+                       isAlreadyLowerCase = false
+                       break
+               }
+       }
+       if isAlreadyLowerCase {
+               return in
+       }
+       out := []byte(in)
+       for i, c := range out {
+               if 'A' <= c && c <= 'Z' {
+                       out[i] += 'a' - 'A'
+               }
+       }
+       return string(out)
+}

diff --git a/version.go b/version.go
index a36c72a53655160f81e78c9c57291df62fe3d74c..732fa0428e946848d530823f74e6b3b1d1af5c72 100644 (file)
--- a/version.go
+++ b/version.go
@@ -1,3 +1,3 @@
 package tofuproxy
 
-const Version = "0.3.0"
+const Version = "0.4.0"