From 16aff3af62880be8e5368e2b9a80bb37ad7f7a3d Mon Sep 17 00:00:00 2001
From: Neil Alexander <neilalexander@users.noreply.github.com>
Date: Wed, 2 Jun 2021 15:37:43 +0100
Subject: [PATCH] Validate configured server name

---
 setup/config/config_global.go | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/setup/config/config_global.go b/setup/config/config_global.go
index 90a92f2bc..05ab1bb52 100644
--- a/setup/config/config_global.go
+++ b/setup/config/config_global.go
@@ -1,11 +1,13 @@
 package config
 
 import (
+	"fmt"
 	"math/rand"
 	"time"
 
 	"github.com/matrix-org/gomatrixserverlib"
 	"golang.org/x/crypto/ed25519"
+	"golang.org/x/net/idna"
 )
 
 type Global struct {
@@ -73,6 +75,16 @@ func (c *Global) Verify(configErrs *ConfigErrors, isMonolith bool) {
 	checkNotEmpty(configErrs, "global.server_name", string(c.ServerName))
 	checkNotEmpty(configErrs, "global.private_key", string(c.PrivateKeyPath))
 
+	validator := idna.New(
+		idna.StrictDomainName(true),
+		idna.ValidateForRegistration(),
+		idna.ValidateLabels(true),
+		idna.VerifyDNSLength(true),
+	)
+	if _, err := validator.ToUnicode(string(c.ServerName)); err != nil {
+		configErrs.Add(fmt.Sprintf("server_name %q is not a valid domain name", c.ServerName))
+	}
+
 	c.Kafka.Verify(configErrs, isMonolith)
 	c.Metrics.Verify(configErrs, isMonolith)
 	c.Sentry.Verify(configErrs, isMonolith)