Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Error for emoji punycode domains #121

Open
dapetcu21 opened this issue Jul 11, 2018 · 1 comment
Open

Error for emoji punycode domains #121

dapetcu21 opened this issue Jul 11, 2018 · 1 comment

Comments

@dapetcu21
Copy link

My domain is https://🐈.cf, which translates to https://xn--zn8h.cf, which is apparently rejected by simp_le:

-----> Getting letsencrypt certificate for pisi...
- Domain 'pisi.petcu.me'
- Domain 'xn--zn8h.cf'
- Domain 'www.xn--zn8h.cf'
darkhttpd/1.12, copyright (c) 2003-2016 Emil Mikulic.
listening on: http://0.0.0.0:80/
Traceback (most recent call last):
File "/simp_le-master/simp_le.py", line 1401, in main
return main_with_exceptions(cli_args)
File "/simp_le-master/simp_le.py", line 1386, in main_with_exceptions
persist_new_data(args, existing_data)
File "/simp_le-master/simp_le.py", line 1300, in persist_new_data
challb.chall, name, client.key.public_key())
File "/usr/lib/python2.7/site-packages/acme/challenges.py", line 322, in simple_verify
http_response = requests.get(uri)
File "/usr/lib/python2.7/site-packages/requests/api.py", line 72, in get
return request('get', url, params=params, **kwargs)
File "/usr/lib/python2.7/site-packages/requests/api.py", line 58, in request
return session.request(method=method, url=url, **kwargs)
File "/usr/lib/python2.7/site-packages/requests/sessions.py", line 508, in request
resp = self.send(prep, **send_kwargs)
File "/usr/lib/python2.7/site-packages/requests/sessions.py", line 640, in send
history = [resp for resp in gen] if allow_redirects else []
File "/usr/lib/python2.7/site-packages/requests/sessions.py", line 218, in resolve_redirects
**adapter_kwargs
File "/usr/lib/python2.7/site-packages/requests/sessions.py", line 618, in send
r = adapter.send(request, **kwargs)
File "/usr/lib/python2.7/site-packages/requests/adapters.py", line 440, in send
timeout=timeout
File "/usr/lib/python2.7/site-packages/urllib3/connectionpool.py", line 601, in urlopen
chunked=chunked)
File "/usr/lib/python2.7/site-packages/urllib3/connectionpool.py", line 346, in _make_request
self._validate_conn(conn)
File "/usr/lib/python2.7/site-packages/urllib3/connectionpool.py", line 850, in _validate_conn
conn.connect()
File "/usr/lib/python2.7/site-packages/urllib3/connection.py", line 337, in connect
cert = self.sock.getpeercert()
File "/usr/lib/python2.7/site-packages/urllib3/contrib/pyopenssl.py", line 348, in getpeercert
'subjectAltName': get_subj_alt_name(x509)
File "/usr/lib/python2.7/site-packages/urllib3/contrib/pyopenssl.py", line 222, in get_subj_alt_name
for name in ext.get_values_for_type(x509.DNSName)
File "/usr/lib/python2.7/site-packages/urllib3/contrib/pyopenssl.py", line 175, in _dnsname_to_stdlib
name = idna_encode(name)
File "/usr/lib/python2.7/site-packages/urllib3/contrib/pyopenssl.py", line 173, in idna_encode
return idna.encode(name)
File "/usr/lib/python2.7/site-packages/idna/core.py", line 355, in encode
result.append(alabel(label))
File "/usr/lib/python2.7/site-packages/idna/core.py", line 265, in alabel
raise IDNAError('The label {0} is not a valid A-label'.format(label))
IDNAError: The label xn--zn8h is not a valid A-label
@zenhack
Copy link
Contributor

zenhack commented Jul 11, 2018

Hey @dapetcu21,

First, this repo hasn't been maintained in some time -- these days
I maintain a fork (https://github.com/zenhack/simp_le), which is what letsencrypt.org points to and afaik most people are using.

Per rfc5892, the cat emoji is in fact illegal in domain names (along with symbols in general). Indeed, I tried putting https://🐈 .cf into my address bar, and neither firefox or chromium wants to treat it as a URL; they both try to do a search, and when I follow the link you provide it displays the domain in it's encoded form.

simp_le should probably catch the error and report it in a user-friendly way (instead of a giant stack trace).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@dapetcu21 @zenhack