FWIW, I’d much rather that invalid characters in $tls_sni prompt an error.

There seems no reason to serve up meaningful content to someone who’s sending a 
malformed SNI header.

-Felipe Gasper
Mississauga, ON


> On Oct 17, 2016, at 11:42 PM, Jasen Betts <ja...@xnet.co.nz> wrote:
> 
> On 2016-10-17, Mike Tubby <m...@tubby.org> wrote:
>> 
>> Couldn't we have - or perhaps shouldn't we have - a "safe domain name" 
>> function in Exim that could be used for this and elsewhere where an 
>> untrusted domain name enters - it would:
>> 
>>     * remove white space (tab, space, etc)
>>     * remove non-printing chars
>>     * remove 'quoting' and 'escaping'
>>     * make it lower case
>>     * only allow valid characters for a FQDN
> 
> why remove? why not just reject if it contains any badness?
> 
>> call it something like "safe_fqdn" and then you could do:
>> 
>>     ${if exists{/etc/mail/ssl/${safe_fqdn:tls_sni}.pem}\
>>          {/etc/mail/ssl/${safe_fqdn:tls_sni}.pem}\
>>          {/etc/mail/default-cert.pem}}
>> 
>> aren't computers supposed to be doing the work for us...?
>> 
> This:
> 
> ${domain:a@$tls_sni}
> 
> will give the domain part if the $tls_sni is syntactically correct for a
> domain name else it will give the empty string.
> 
> Is that not good enough?
> 
> 
>   ${if exists{/etc/mail/ssl/${domain:a@$tls_sni}.pem}\
>        {/etc/mail/ssl/${domain:a@$tls_sni}.pem}\
>        {/etc/mail/default-cert.pem}\
>    }
> 
> 
> it's going to try to use a file called /etc/mail/ssl/.pem if the sni
> is empty or contains garbage, probably not a problem. 
> 
> -- 
> This email has not been checked by half-arsed antivirus software 
> 
> -- 
> ## List details at https://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/
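
The three policies raised in this thread (strip bad characters, fall back to the default certificate, or raise an error), compared side by side in an added example that is not from any poster or from Exim. It is a Python stand-in for the Exim expansion; `validate_sni`, `strip_sni`, `cert_for` and the `installed` set (standing in for `exists{}`) are hypothetical names, and single-label names are treated as invalid by assumption.

```python
import re
from pathlib import Path

CERT_DIR = Path("/etc/mail/ssl")                    # paths quoted in the thread
DEFAULT_CERT = Path("/etc/mail/default-cert.pem")

# One LDH label: 1-63 ASCII letters/digits/hyphens, no leading or trailing hyphen.
_LABEL = r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
_FQDN = re.compile(rf"{_LABEL}(?:\.{_LABEL})+")     # assumption: at least two labels


class InvalidSNI(ValueError):
    """The client-supplied SNI is not a syntactically valid FQDN."""


def validate_sni(sni: str) -> str:
    """Reject policy: return the lower-cased name, or raise. Never repair input."""
    # Match before lower-casing so non-ASCII characters that fold to ASCII
    # (for example U+212A KELVIN SIGN -> 'k') cannot slip through.
    if len(sni) > 253 or not _FQDN.fullmatch(sni):
        raise InvalidSNI(repr(sni))
    return sni.lower()


def strip_sni(sni: str) -> str:
    """Remove policy: delete every character outside the hostname alphabet."""
    return re.sub(r"[^a-z0-9.-]", "", sni.lower())


def cert_for(sni: str, installed: set[str], strict: bool = True) -> Path:
    """Map an SNI value to a certificate path.

    strict=True raises on malformed SNI; strict=False falls back to the default
    certificate, like the ${domain:a@$tls_sni} variant that yields "".
    """
    if sni == "":
        return DEFAULT_CERT                         # client sent no SNI at all
    try:
        name = validate_sni(sni)
    except InvalidSNI:
        if strict:
            raise
        return DEFAULT_CERT
    # Only names that passed validation are ever joined onto CERT_DIR.
    return CERT_DIR / f"{name}.pem" if name in installed else DEFAULT_CERT
```

Stripping turns the constructed input `mail.exa\x00mple.com` into `mail.example.com`, so the remove policy would select a certificate for a name the client never sent; validating first avoids that.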

