X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2FdbObjects%2FDomain.java;h=fa6a6d0e10240b75b37d205c0a33e7645d02980f;hb=2f50dbb24105e6345329b8e9ecb5ef4d67ab2a8c;hp=e5d66a93f08f0ca5ea31638b0fd9951aae7122a5;hpb=ceffae33b0339a2ea8708686320ef9d20e7daaea;p=gigi.git

diff --git a/src/org/cacert/gigi/dbObjects/Domain.java b/src/org/cacert/gigi/dbObjects/Domain.java
index e5d66a93..fa6a6d0e 100644
--- a/src/org/cacert/gigi/dbObjects/Domain.java
+++ b/src/org/cacert/gigi/dbObjects/Domain.java
@@ -51,6 +51,7 @@ public class Domain implements IdCachable, Verifyable {
     }
 
     public Domain(User actor, CertificateOwner owner, String suffix) throws GigiApiException {
+        suffix = suffix.toLowerCase();
         synchronized (Domain.class) {
             checkCertifyableDomain(suffix, actor.isInGroup(Group.CODESIGNING));
             this.owner = owner;
@@ -73,6 +74,12 @@ public class Domain implements IdCachable, Verifyable {
         if ( !s.equals(publicSuffix)) {
             throw new GigiApiException("You may only register a domain with exactly one lable before the public suffix.");
         }
+        if (("." + s).matches("(\\.[0-9]*)*")) {
+            // This is not reached because we currently have no TLD that is
+            // numbers only. But who knows..
+            // Better safe than sorry.
+            throw new GigiApiException("IP Addresses are not allowed");
+        }
         checkPunycode(parts[0], s.substring(parts[0].length() + 1));
     }
 
@@ -123,7 +130,7 @@ public class Domain implements IdCachable, Verifyable {
             boolean existed = rs.next();
             rs.close();
             if (existed) {
-                throw new GigiApiException("Domain could not be inserted. Domain is already valid.");
+                throw new GigiApiException("Domain could not be inserted. Domain is already known to the system.");
             }
         }
     }