
acme/autocert: validate SNI value even more

Follow-up to https://golang.org/cl/42497

Change-Id: I638e7ba5e924a74ce5318e4b50fb18082fd1a43f
Reviewed-on: https://go-review.googlesource.com/42499
Reviewed-by: Alex Vaghin <ddos@google.com>
Brad Fitzpatrick 8 سال پیش
والد
کامیت
5a033cc77e
2فایلهای تغییر یافته به همراه10 افزوده شده و 3 حذف شده
  1. 4 2
      acme/autocert/autocert.go
  2. 6 1
      acme/autocert/autocert_test.go

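--- a/acme/autocert/autocert.go
+++ b/acme/autocert/autocert.go
@@ -176,9 +176,11 @@ func (m *Manager) GetCertificate(hello *tls.ClientHelloInfo) (*tls.Certificate,
 	if name == "" {
 		return nil, errors.New("acme/autocert: missing server name")
 	}
-
+	if !strings.Contains(strings.Trim(name, "."), ".") {
+		return nil, errors.New("acme/autocert: server name component count invalid")
+	}
 	if strings.ContainsAny(name, `/\`) {
-		return nil, errors.New("acme/autocert: bogus SNI value")
+		return nil, errors.New("acme/autocert: server name contains invalid character")
 	}
 
 	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)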
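Review bot: The character check on the `strings.ContainsAny(name, `/\`)` line is still a two-byte denylist, while the name goes on to be used as a cache key (the test table expects `cache.Get of foo.com`), which for a directory-backed cache presumably ends up as a filename; an allowlist of the characters a DNS A-label may contain would be the safer shape and still yields the same error string for the inputs the test covers. It would also reject NUL, whitespace and non-ASCII bytes that the current check passes through to the cache and to the ACME client — whether crypto/tls already filters any of those before GetCertificate is reached I cannot confirm from here. GetCertificate starts before this hunk and continues after it. A possible form, keeping the existing error message:
```go
	// … unchanged: empty-name and component-count checks …
	// Allow only RFC 1123 hostname (A-label) characters; name becomes a cache key.
	if strings.IndexFunc(name, func(r rune) bool {
		return r != '.' && r != '-' &&
			(r < '0' || r > '9') && (r < 'a' || r > 'z') && (r < 'A' || r > 'Z')
	}) >= 0 {
		return nil, errors.New("acme/autocert: server name contains invalid character")
	}
```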

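--- a/acme/autocert/autocert_test.go
+++ b/acme/autocert/autocert_test.go
@@ -588,8 +588,13 @@ func TestManagerGetCertificateBogusSNI(t *testing.T) {
 	}{
 		{"foo.com", "cache.Get of foo.com"},
 		{"foo.com.", "cache.Get of foo.com"},
-		{`a\b`, "acme/autocert: bogus SNI value"},
+		{`a\b.com`, "acme/autocert: server name contains invalid character"},
+		{`a/b.com`, "acme/autocert: server name contains invalid character"},
 		{"", "acme/autocert: missing server name"},
+		{"foo", "acme/autocert: server name component count invalid"},
+		{".foo", "acme/autocert: server name component count invalid"},
+		{"foo.", "acme/autocert: server name component count invalid"},
+		{"fo.o", "cache.Get of fo.o"},
 	}
 	for _, tt := range tests {
 		_, err := m.GetCertificate(&tls.ClientHelloInfo{ServerName: tt.name})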
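Review bot: The new rows pin single-label and leading/trailing-dot names but not interior runs of dots: `strings.Trim` strips only the ends, so a name such as `foo..com` passes the component-count check and the `/\` check and, by the pattern of the other accepted rows, would reach the cache. Add a row that makes the intended behaviour explicit — `{"foo..com", "cache.Get of foo..com"}` if it is meant to be accepted, or the component-count error if the check is tightened. A row with an uppercase or non-ASCII name would likewise document what the character check is meant to allow. TestManagerGetCertificateBogusSNI starts before this hunk and continues after it.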