From 9c6ca258e1d57e7441b60db4474a68c36356dae2 Mon Sep 17 00:00:00 2001
From: Jonathan Vanasco <jonathan@2xlp.com>
Date: Mon, 11 Jan 2021 07:55:31 -0500
Subject: [PATCH] relax subdomain validation from UUID to actual subdomain
 (#243)

---
 validation.go      | 11 ++++++-----
 validation_test.go |  4 +++-
 2 files changed, 9 insertions(+), 6 deletions(-)

diff --git a/validation.go b/validation.go
index 797e763..df39e85 100644
--- a/validation.go
+++ b/validation.go
@@ -5,6 +5,8 @@ import (
 
 	"github.com/google/uuid"
 	"golang.org/x/crypto/bcrypt"
+
+	"regexp"
 )
 
 func getValidUsername(u string) (uuid.UUID, error) {
@@ -25,13 +27,12 @@ func validKey(k string) bool {
 }
 
 func validSubdomain(s string) bool {
-	_, err := uuid.Parse(s)
-	if err == nil {
-		return true
-	}
-	return false
+	// URL safe base64 alphabet without padding as defined in ACME
+	RegExp := regexp.MustCompile("^[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?$")
+	return RegExp.MatchString(s)
 }
 
+
 func validTXT(s string) bool {
 	sn := sanitizeString(s)
 	if utf8.RuneCountInString(s) == 43 && utf8.RuneCountInString(sn) == 43 {
diff --git a/validation_test.go b/validation_test.go
index 37dd05f..16dfc04 100644
--- a/validation_test.go
+++ b/validation_test.go
@@ -55,7 +55,9 @@ func TestGetValidSubdomain(t *testing.T) {
 		output    bool
 	}{
 		{"a097455b-52cc-4569-90c8-7a4b97c6eba8", true},
-		{"a-97455b-52cc-4569-90c8-7a4b97c6eba8", false},
+		{"a-97455b-52cc-4569-90c8-7a4b97c6eba8", true},
+		{"foo.example.com", false},
+		{"foo-example-com", true},
 		{"", false},
 		{"&!#!25123!%!'%", false},
 	} {
-- 
GitLab