1 files changed, 9 insertions, 2 deletions
diff --git a/Swiften/TLS/ServerIdentityVerifier.cpp b/Swiften/TLS/ServerIdentityVerifier.cpp
index 02459b9..0608a03 100644
--- a/Swiften/TLS/ServerIdentityVerifier.cpp
+++ b/Swiften/TLS/ServerIdentityVerifier.cpp
@@ -7,21 +7,25 @@
 #include <Swiften/TLS/ServerIdentityVerifier.h>
 
 #include <boost/algorithm/string.hpp>
 
 #include <Swiften/Base/foreach.h>
 #include <Swiften/IDN/IDNConverter.h>
 
 namespace Swift {
 
-ServerIdentityVerifier::ServerIdentityVerifier(const JID& jid, IDNConverter* idnConverter) {
+ServerIdentityVerifier::ServerIdentityVerifier(const JID& jid, IDNConverter* idnConverter) : domainValid(false) {
 	domain = jid.getDomain();
-	encodedDomain = idnConverter->getIDNAEncoded(domain);
+	boost::optional<std::string> domainResult = idnConverter->getIDNAEncoded(domain);
+	if (!!domainResult) {
+		encodedDomain = *domainResult;
+		domainValid = true;
+	}
 }
 
 bool ServerIdentityVerifier::certificateVerifies(Certificate::ref certificate) {
 	bool hasSAN = false;
 
 	if (certificate == NULL) {
 	    return false;
 	}
 	// DNS names
@@ -61,18 +65,21 @@ bool ServerIdentityVerifier::certificateVerifies(Certificate::ref certificate) {
 				return true;
 			}
 		}
 	}
 
 	return false;
 }
 
 bool ServerIdentityVerifier::matchesDomain(const std::string& s) const {
+	if (!domainValid) {
+		return false;
+	}
 	if (boost::starts_with(s, "*.")) {
 		std::string matchString(s.substr(2, s.npos));
 		std::string matchDomain = encodedDomain;
 		size_t dotIndex = matchDomain.find('.');
 		if (dotIndex != matchDomain.npos) {
 			matchDomain = matchDomain.substr(dotIndex + 1, matchDomain.npos);
 		}
 		return matchString == matchDomain;
 	}