Browse code

tls: proper dot position for matching subdomains

- reported by GH #2049

Daniel-Constantin Mierla authored on 29/08/2019 16:51:17
Showing 1 changed files
... ...
@@ -1563,7 +1563,7 @@ tls_domain_t* tls_lookup_cfg(tls_domains_cfg_t* cfg, int type,
1563 1563
 				if ((p->server_name_mode==KSR_TLS_SNM_INCDOM
1564 1564
 							|| p->server_name_mode==KSR_TLS_SNM_SUBDOM)
1565 1565
 						&& (p->server_name.len<sname->len)) {
1566
-					dotpos = sname->len - p->server_name.len;
1566
+					dotpos = sname->len - p->server_name.len - 1;
1567 1567
 					if(sname->s[dotpos] == '.'
1568 1568
 							&& strncasecmp(p->server_name.s,
1569 1569
 									sname->s + dotpos + 1,