Work around nytimes.com's broken hostnames in our SOCKS checks.

RFC 952 is approximately 30 years old, and people are failing to comply,
by serving A records with '_' as part of the hostname.  Since relaxing
the check is a QOL improvement for our userbase, relax the check to
allow such abominations as destinations, especially since there are
likely to be other similarly misconfigured domains out there.

1 files changed, 7 insertions, 2 deletions

diff --git a/src/test/test_util.c b/src/test/test_util.c
index b0366db37f..0f64c26e01 100644
--- a/src/test/test_util.c
+++ b/src/test/test_util.c
@@ -4268,18 +4268,23 @@ test_util_hostname_validation(void *arg)
   tt_assert(string_is_valid_hostname("stanford.edu"));
   tt_assert(string_is_valid_hostname("multiple-words-with-hypens.jp"));
 
-  // Subdomain name cannot start with '-'.
+  // Subdomain name cannot start with '-' or '_'.
   tt_assert(!string_is_valid_hostname("-torproject.org"));
   tt_assert(!string_is_valid_hostname("subdomain.-domain.org"));
   tt_assert(!string_is_valid_hostname("-subdomain.domain.org"));
+  tt_assert(!string_is_valid_hostname("___abc.org"));
 
   // Hostnames cannot contain non-alphanumeric characters.
   tt_assert(!string_is_valid_hostname("%%domain.\\org."));
   tt_assert(!string_is_valid_hostname("***x.net"));
-  tt_assert(!string_is_valid_hostname("___abc.org"));
   tt_assert(!string_is_valid_hostname("\xff\xffxyz.org"));
   tt_assert(!string_is_valid_hostname("word1 word2.net"));
 
+  // Test workaround for nytimes.com stupidity, technically invalid,
+  // but we allow it since they are big, even though they are failing to
+  // comply with a ~30 year old standard.
+  tt_assert(string_is_valid_hostname("core3_euw1.fabrik.nytimes.com"));
+
   // XXX: do we allow single-label DNS names?
 
   done: