source-git / gnutls

Clone
Source Code
GIT

Blame lib/str-idna.c

c8 c8s master
  1.   ca5948f81dd31339b411bde50ba161fd45abb378
  2.   lib
  3.   str-idna.c
Blob History Raw
Packit Service 4684c1 
/*
Packit Service 4684c1 
 * Copyright (C) 2017 Tim Rühsen
Packit Service 4684c1 
 * Copyright (C) 2016, 2017 Red Hat, Inc.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Author: Nikos Mavrogiannopoulos
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * This file is part of GnuTLS.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * The GnuTLS is free software; you can redistribute it and/or
Packit Service 4684c1 
 * modify it under the terms of the GNU Lesser General Public License
Packit Service 4684c1 
 * as published by the Free Software Foundation; either version 2.1 of
Packit Service 4684c1 
 * the License, or (at your option) any later version.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * This library is distributed in the hope that it will be useful, but
Packit Service 4684c1 
 * WITHOUT ANY WARRANTY; without even the implied warranty of
Packit Service 4684c1 
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
Packit Service 4684c1 
 * Lesser General Public License for more details.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * You should have received a copy of the GNU Lesser General Public License
Packit Service 4684c1 
 * along with this program.  If not, see <https://www.gnu.org/licenses/>
Packit Service 4684c1 
 *
Packit Service 4684c1 
 */
Packit Service 4684c1
Packit Service 4684c1 
#include "gnutls_int.h"
Packit Service 4684c1 
#include "errors.h"
Packit Service 4684c1 
#include "str.h"
Packit Service 4684c1 
#include <unistr.h>
Packit Service 4684c1
Packit Service 4684c1 
#ifdef HAVE_LIBIDN2
Packit Service 4684c1
Packit Service 4684c1 
# include <idn2.h>
Packit Service 4684c1
Packit Service 4684c1 
# define ICAST char
Packit Service 4684c1
Packit Service 4684c1 
/**
Packit Service 4684c1 
 * gnutls_idna_map:
Packit Service 4684c1 
 * @input: contain the UTF-8 formatted domain name
Packit Service 4684c1 
 * @ilen: the length of the provided string
Packit Service 4684c1 
 * @out: the result in an null-terminated allocated string
Packit Service 4684c1 
 * @flags: should be zero
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * This function will convert the provided UTF-8 domain name, to
Packit Service 4684c1 
 * its IDNA mapping in an allocated variable. Note that depending on the flags the used gnutls
Packit Service 4684c1 
 * library was compiled with, the output of this function may vary (i.e.,
Packit Service 4684c1 
 * may be IDNA2008, or IDNA2003).
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * To force IDNA2008 specify the flag %GNUTLS_IDNA_FORCE_2008. In
Packit Service 4684c1 
 * the case GnuTLS is not compiled with the necessary dependencies,
Packit Service 4684c1 
 * %GNUTLS_E_UNIMPLEMENTED_FEATURE will be returned to indicate that
Packit Service 4684c1 
 * gnutls is unable to perform the requested conversion.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Note also, that this function will return an empty string if an
Packit Service 4684c1 
 * empty string is provided as input.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Returns: %GNUTLS_E_INVALID_UTF8_STRING on invalid UTF-8 data, or 0 on success.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Since: 3.5.8
Packit Service 4684c1 
 **/
Packit Service 4684c1 
int gnutls_idna_map(const char *input, unsigned ilen, gnutls_datum_t *out, unsigned flags)
Packit Service 4684c1 
{
Packit Service 4684c1 
	char *idna = NULL;
Packit Service 4684c1 
	int rc, ret;
Packit Service 4684c1 
	gnutls_datum_t istr;
Packit Service 4684c1 
	unsigned int idn2_flags = IDN2_NFC_INPUT;
Packit Service 4684c1 
	unsigned int idn2_tflags = IDN2_NFC_INPUT;
Packit Service 4684c1
Packit Service 4684c1 
	/* IDN2_NONTRANSITIONAL automatically converts to lowercase
Packit Service 4684c1 
	 * IDN2_NFC_INPUT converts to NFC before toASCII conversion
Packit Service 4684c1 
	 *
Packit Service 4684c1 
	 * Since IDN2_NONTRANSITIONAL implicitly does NFC conversion, we don't need
Packit Service 4684c1 
	 * the additional IDN2_NFC_INPUT. But just for the unlikely case that the linked
Packit Service 4684c1 
	 * library is not matching the headers when building and it doesn't support TR46,
Packit Service 4684c1 
	 * we provide IDN2_NFC_INPUT.
Packit Service 4684c1 
	 *
Packit Service 4684c1 
	 * Without IDN2_USE_STD3_ASCII_RULES, the result could contain any ASCII characters,
Packit Service 4684c1 
	 * e.g. 'evil.c\u2100.example.com' will be converted into
Packit Service 4684c1 
	 * 'evil.ca/c.example.com', which seems no good idea. */
Packit Service 4684c1 
	idn2_flags |= IDN2_NONTRANSITIONAL | IDN2_USE_STD3_ASCII_RULES;
Packit Service 4684c1 
	idn2_tflags |= IDN2_TRANSITIONAL | IDN2_USE_STD3_ASCII_RULES;
Packit Service 4684c1
Packit Service 4684c1 
	if (ilen == 0) {
Packit Service 4684c1 
		out->data = (uint8_t*)gnutls_strdup("");
Packit Service 4684c1 
		out->size = 0;
Packit Service 4684c1 
		if (out->data == NULL)
Packit Service 4684c1 
			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
Packit Service 4684c1 
		return 0;
Packit Service 4684c1 
	}
Packit Service 4684c1
Packit Service 4684c1 
	if (_gnutls_str_is_print(input, ilen)) {
Packit Service 4684c1 
		return _gnutls_set_strdatum(out, input, ilen);
Packit Service 4684c1 
	}
Packit Service 4684c1
Packit Service 4684c1 
	ret = _gnutls_set_strdatum(&istr, input, ilen);
Packit Service 4684c1 
	if (ret < 0) {
Packit Service 4684c1 
		gnutls_assert();
Packit Service 4684c1 
		return ret;
Packit Service 4684c1 
	}
Packit Service 4684c1
Packit Service 4684c1 
	rc = idn2_to_ascii_8z((ICAST*)istr.data, (ICAST**)&idna, idn2_flags);
Packit Service 4684c1 
	if (rc == IDN2_DISALLOWED && !(flags & GNUTLS_IDNA_FORCE_2008))
Packit Service 4684c1 
		rc = idn2_to_ascii_8z((ICAST*)istr.data, (ICAST**)&idna, idn2_tflags);
Packit Service 4684c1
Packit Service 4684c1 
	if (rc != IDN2_OK) {
Packit Service 4684c1 
		gnutls_assert();
Packit Service 4684c1 
		idna = NULL; /* in case idn2_lookup_u8 modifies &idna */
Packit Service 4684c1 
		_gnutls_debug_log("unable to convert name '%s' to IDNA format: %s\n", istr.data, idn2_strerror(rc));
Packit Service 4684c1 
		ret = GNUTLS_E_INVALID_UTF8_STRING;
Packit Service 4684c1 
		goto fail;
Packit Service 4684c1 
	}
Packit Service 4684c1
Packit Service 4684c1 
	if (gnutls_free != idn2_free) {
Packit Service 4684c1 
		ret = _gnutls_set_strdatum(out, idna, strlen(idna));
Packit Service 4684c1 
	} else  {
Packit Service 4684c1 
		out->data = (unsigned char*)idna;
Packit Service 4684c1 
		out->size = strlen(idna);
Packit Service 4684c1 
		idna = NULL;
Packit Service 4684c1 
		ret = 0;
Packit Service 4684c1 
	}
Packit Service 4684c1
Packit Service 4684c1 
 fail:
Packit Service 4684c1 
	idn2_free(idna);
Packit Service 4684c1 
	gnutls_free(istr.data);
Packit Service 4684c1 
	return ret;
Packit Service 4684c1 
}
Packit Service 4684c1
Packit Service 4684c1 
/**
Packit Service 4684c1 
 * gnutls_idna_reverse_map:
Packit Service 4684c1 
 * @input: contain the ACE (IDNA) formatted domain name
Packit Service 4684c1 
 * @ilen: the length of the provided string
Packit Service 4684c1 
 * @out: the result in an null-terminated allocated UTF-8 string
Packit Service 4684c1 
 * @flags: should be zero
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * This function will convert an ACE (ASCII-encoded) domain name to a UTF-8 domain name.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * If GnuTLS is compiled without IDNA support, then this function
Packit Service 4684c1 
 * will return %GNUTLS_E_UNIMPLEMENTED_FEATURE.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Note also, that this function will return an empty string if an
Packit Service 4684c1 
 * empty string is provided as input.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Returns: A negative error code on error, or 0 on success.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Since: 3.5.8
Packit Service 4684c1 
 **/
Packit Service 4684c1 
int gnutls_idna_reverse_map(const char *input, unsigned ilen, gnutls_datum_t *out, unsigned flags)
Packit Service 4684c1 
{
Packit Service 4684c1 
	char *u8 = NULL;
Packit Service 4684c1 
	int rc, ret;
Packit Service 4684c1 
	gnutls_datum_t istr;
Packit Service 4684c1
Packit Service 4684c1 
	if (ilen == 0) {
Packit Service 4684c1 
		out->data = (uint8_t*)gnutls_strdup("");
Packit Service 4684c1 
		out->size = 0;
Packit Service 4684c1 
		if (out->data == NULL)
Packit Service 4684c1 
			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
Packit Service 4684c1 
		return 0;
Packit Service 4684c1 
	}
Packit Service 4684c1
Packit Service 4684c1 
	ret = _gnutls_set_strdatum(&istr, input, ilen);
Packit Service 4684c1 
	if (ret < 0) {
Packit Service 4684c1 
		gnutls_assert();
Packit Service 4684c1 
		return ret;
Packit Service 4684c1 
	}
Packit Service 4684c1
Packit Service 4684c1 
	/* currently libidn2 just converts single labels, thus a wrapper function */
Packit Service 4684c1 
	rc = idn2_to_unicode_8z8z((char*)istr.data, &u8, 0);
Packit Service 4684c1 
	if (rc != IDN2_OK) {
Packit Service 4684c1 
		gnutls_assert();
Packit Service 4684c1 
		_gnutls_debug_log("unable to convert ACE name '%s' to UTF-8 format: %s\n", istr.data, idn2_strerror(rc));
Packit Service 4684c1 
		ret = GNUTLS_E_INVALID_UTF8_STRING;
Packit Service 4684c1 
		goto fail;
Packit Service 4684c1 
	}
Packit Service 4684c1
Packit Service 4684c1 
	if (gnutls_malloc != malloc) {
Packit Service 4684c1 
		ret = _gnutls_set_strdatum(out, u8, strlen(u8));
Packit Service 4684c1 
	} else  {
Packit Service 4684c1 
		out->data = (unsigned char*)u8;
Packit Service 4684c1 
		out->size = strlen(u8);
Packit Service 4684c1 
		u8 = NULL;
Packit Service 4684c1 
		ret = 0;
Packit Service 4684c1 
	}
Packit Service 4684c1 
 fail:
Packit Service 4684c1 
	idn2_free(u8);
Packit Service 4684c1 
	gnutls_free(istr.data);
Packit Service 4684c1 
	return ret;
Packit Service 4684c1 
}
Packit Service 4684c1
Packit Service 4684c1 
#else /* no HAVE_LIBIDN2 */
Packit Service 4684c1
Packit Service 4684c1 
# undef gnutls_idna_map
Packit Service 4684c1 
int gnutls_idna_map(const char *input, unsigned ilen, gnutls_datum_t *out, unsigned flags)
Packit Service 4684c1 
{
Packit Service 4684c1 
	if (!_gnutls_str_is_print(input, ilen)) {
Packit Service 4684c1 
		return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
Packit Service 4684c1 
	}
Packit Service 4684c1
Packit Service 4684c1 
	return _gnutls_set_strdatum(out, input, ilen);
Packit Service 4684c1 
}
Packit Service 4684c1
Packit Service 4684c1 
int gnutls_idna_reverse_map(const char *input, unsigned ilen, gnutls_datum_t *out, unsigned flags)
Packit Service 4684c1 
{
Packit Service 4684c1 
	return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
Packit Service 4684c1 
}
Packit Service 4684c1 
#endif /* HAVE_LIBIDN2 */
Packit Service 4684c1
Packit Service 4684c1 
int _gnutls_idna_email_map(const char *input, unsigned ilen, gnutls_datum_t *output)
Packit Service 4684c1 
{
Packit Service 4684c1 
	const char *p = input;
Packit Service 4684c1
Packit Service 4684c1 
	while(*p != 0 && *p != '@') {
Packit Service 4684c1 
		if (!c_isprint(*p))
Packit Service 4684c1 
			return gnutls_assert_val(GNUTLS_E_INVALID_UTF8_EMAIL);
Packit Service 4684c1 
		p++;
Packit Service 4684c1 
	}
Packit Service 4684c1
Packit Service 4684c1 
	if (_gnutls_str_is_print(input, ilen)) {
Packit Service 4684c1 
		return _gnutls_set_strdatum(output, input, ilen);
Packit Service 4684c1 
	}
Packit Service 4684c1
Packit Service 4684c1 
	if (*p == '@') {
Packit Service 4684c1 
		unsigned name_part = p-input;
Packit Service 4684c1 
		int ret;
Packit Service 4684c1 
		gnutls_datum_t domain;
Packit Service 4684c1
Packit Service 4684c1 
		ret = gnutls_idna_map(p+1, ilen-name_part-1, &domain, 0);
Packit Service 4684c1 
		if (ret < 0)
Packit Service 4684c1 
			return gnutls_assert_val(ret);
Packit Service 4684c1
Packit Service 4684c1 
		output->data = gnutls_malloc(name_part+1+domain.size+1);
Packit Service 4684c1 
		if (output->data == NULL) {
Packit Service 4684c1 
			gnutls_free(domain.data);
Packit Service 4684c1 
			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
Packit Service 4684c1 
		}
Packit Service 4684c1 
		memcpy(output->data, input, name_part);
Packit Service 4684c1 
		output->data[name_part] = '@';
Packit Service 4684c1 
		memcpy(&output->data[name_part+1], domain.data, domain.size);
Packit Service 4684c1 
		output->data[name_part+domain.size+1] = 0;
Packit Service 4684c1 
		output->size = name_part+domain.size+1;
Packit Service 4684c1 
		gnutls_free(domain.data);
Packit Service 4684c1 
		return 0;
Packit Service 4684c1 
	} else {
Packit Service 4684c1 
		return gnutls_assert_val(GNUTLS_E_INVALID_UTF8_EMAIL);
Packit Service 4684c1 
	}
Packit Service 4684c1 
}
Packit Service 4684c1
Packit Service 4684c1 
int _gnutls_idna_email_reverse_map(const char *input, unsigned ilen, gnutls_datum_t *output)
Packit Service 4684c1 
{
Packit Service 4684c1 
	const char *p = input;
Packit Service 4684c1
Packit Service 4684c1 
	while(*p != 0 && *p != '@') {
Packit Service 4684c1 
		if (!c_isprint(*p))
Packit Service 4684c1 
			return gnutls_assert_val(GNUTLS_E_INVALID_UTF8_EMAIL);
Packit Service 4684c1 
		p++;
Packit Service 4684c1 
	}
Packit Service 4684c1
Packit Service 4684c1 
	if (*p == '@') {
Packit Service 4684c1 
		unsigned name_part = p-input;
Packit Service 4684c1 
		int ret;
Packit Service 4684c1 
		gnutls_datum_t domain;
Packit Service 4684c1
Packit Service 4684c1 
		ret = gnutls_idna_reverse_map(p+1, ilen-name_part-1, &domain, 0);
Packit Service 4684c1 
		if (ret < 0)
Packit Service 4684c1 
			return gnutls_assert_val(ret);
Packit Service 4684c1
Packit Service 4684c1 
		output->data = gnutls_malloc(name_part+1+domain.size+1);
Packit Service 4684c1 
		if (output->data == NULL) {
Packit Service 4684c1 
			gnutls_free(domain.data);
Packit Service 4684c1 
			return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
Packit Service 4684c1 
		}
Packit Service 4684c1 
		memcpy(output->data, input, name_part);
Packit Service 4684c1 
		output->data[name_part] = '@';
Packit Service 4684c1 
		memcpy(&output->data[name_part+1], domain.data, domain.size);
Packit Service 4684c1 
		output->data[name_part+domain.size+1] = 0;
Packit Service 4684c1 
		output->size = name_part+domain.size+1;
Packit Service 4684c1 
		gnutls_free(domain.data);
Packit Service 4684c1 
		return 0;
Packit Service 4684c1 
	} else {
Packit Service 4684c1 
		return gnutls_assert_val(GNUTLS_E_INVALID_UTF8_EMAIL);
Packit Service 4684c1 
	}
Packit Service 4684c1 
}

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation