client: Support IDNs

Convert IDNs to punycode before performing DNS lookups.
2021-02-09 15:59:45 -05:00 · 2021-02-09 15:59:45 -05:00 · 79e0296bed
commit 79e0296bed
parent f0e9150663
4 changed files with 54 additions and 19 deletions
--- a/client.go
+++ b/client.go
@ -8,7 +8,6 @@ import (
 	"errors"
 	"fmt"
 	"net"
 	"strings"
 	"time"
 )
@ -44,11 +43,14 @@ func (c *Client) Get(url string) (*Response, error) {
 // Do performs a Gemini request and returns a Gemini response.
 func (c *Client) Do(req *Request) (*Response, error) {
 	// Extract hostname
-	colonPos := strings.LastIndex(req.Host, ":")
+	hostname, port, err := net.SplitHostPort(req.Host)
-	if colonPos == -1 {
+	if err != nil {
-		colonPos = len(req.Host)
+		return nil, err
 	}
 	punycode, err := punycodeHostname(hostname)
 	if err != nil {
 		return nil, err
 	}
 	hostname := req.Host[:colonPos]
 	// Connect to the host
 	config := &tls.Config{
@ -61,11 +63,11 @@ func (c *Client) Do(req *Request) (*Response, error) {
 			return &tls.Certificate{}, nil
 		},
 		VerifyConnection: func(cs tls.ConnectionState) error {
-			return c.verifyConnection(req, cs)
+			return c.verifyConnection(hostname, punycode, cs)
 		},
-		ServerName: hostname,
+		ServerName: punycode,
 	}
-	// Set connection context
+
 	ctx := req.Context
 	if ctx == nil {
 		ctx = context.Background()
@ -76,7 +78,8 @@ func (c *Client) Do(req *Request) (*Response, error) {
 		Timeout: c.Timeout,
 	}
-	netConn, err := dialer.DialContext(ctx, "tcp", req.Host)
+	address := net.JoinHostPort(punycode, port)
 	netConn, err := dialer.DialContext(ctx, "tcp", address)
 	if err != nil {
 		return nil, err
 	}
@ -129,18 +132,14 @@ func (c *Client) do(conn *tls.Conn, req *Request) (*Response, error) {
 	return resp, nil
 }
-func (c *Client) verifyConnection(req *Request, cs tls.ConnectionState) error {
+func (c *Client) verifyConnection(hostname, punycode string, cs tls.ConnectionState) error {
 	// Verify the hostname
 	var hostname string
 	if host, _, err := net.SplitHostPort(req.Host); err == nil {
 		hostname = host
 	} else {
 		hostname = req.Host
 	}
 	cert := cs.PeerCertificates[0]
 	// Try punycode and then hostname
 	if err := verifyHostname(cert, punycode); err != nil {
 		if err := verifyHostname(cert, hostname); err != nil {
 			return err
 		}
 	}
 	// Check expiration date
 	if !time.Now().Before(cert.NotAfter) {
 		return errors.New("gemini: certificate expired")
--- a/go.mod
+++ b/go.mod
@ -1,3 +1,5 @@
 module git.sr.ht/~adnano/go-gemini
 go 1.15
 require golang.org/x/net v0.0.0-20210119194325-5f4716e94777
--- a/go.sum
+++ b/go.sum
@ -0,0 +1,7 @@
 golang.org/x/net v0.0.0-20210119194325-5f4716e94777 h1:003p0dJM77cxMSyCPFphvZf/Y5/NXf5fzg6ufd1/Oew=
 golang.org/x/net v0.0.0-20210119194325-5f4716e94777/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/text v0.3.3 h1:cokOdA+Jmi5PJGXLlLllQSgYigAEfHXJAERHVMaCc2k=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
--- a/punycode.go
+++ b/punycode.go
@ -0,0 +1,27 @@
 package gemini
 import (
 	"net"
 	"unicode/utf8"
 	"golang.org/x/net/idna"
 )
 func isASCII(s string) bool {
 	for i := 0; i < len(s); i++ {
 		if s[i] >= utf8.RuneSelf {
 			return false
 		}
 	}
 	return true
 }
 func punycodeHostname(hostname string) (string, error) {
 	if net.ParseIP(hostname) != nil {
 		return hostname, nil
 	}
 	if isASCII(hostname) {
 		return hostname, nil
 	}
 	return idna.Lookup.ToASCII(hostname)
 }