|
Packit Service |
4684c1 |
/*
|
|
Packit Service |
4684c1 |
* Copyright (C) 2017 Tim Rühsen
|
|
Packit Service |
4684c1 |
* Copyright (C) 2016, 2017 Red Hat, Inc.
|
|
Packit Service |
4684c1 |
*
|
|
Packit Service |
4684c1 |
* Author: Nikos Mavrogiannopoulos
|
|
Packit Service |
4684c1 |
*
|
|
Packit Service |
4684c1 |
* This file is part of GnuTLS.
|
|
Packit Service |
4684c1 |
*
|
|
Packit Service |
4684c1 |
* The GnuTLS is free software; you can redistribute it and/or
|
|
Packit Service |
4684c1 |
* modify it under the terms of the GNU Lesser General Public License
|
|
Packit Service |
4684c1 |
* as published by the Free Software Foundation; either version 2.1 of
|
|
Packit Service |
4684c1 |
* the License, or (at your option) any later version.
|
|
Packit Service |
4684c1 |
*
|
|
Packit Service |
4684c1 |
* This library is distributed in the hope that it will be useful, but
|
|
Packit Service |
4684c1 |
* WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
Packit Service |
4684c1 |
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
Packit Service |
4684c1 |
* Lesser General Public License for more details.
|
|
Packit Service |
4684c1 |
*
|
|
Packit Service |
4684c1 |
* You should have received a copy of the GNU Lesser General Public License
|
|
Packit Service |
4684c1 |
* along with this program. If not, see <https://www.gnu.org/licenses/>
|
|
Packit Service |
4684c1 |
*
|
|
Packit Service |
4684c1 |
*/
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
#include "gnutls_int.h"
|
|
Packit Service |
4684c1 |
#include "errors.h"
|
|
Packit Service |
4684c1 |
#include "str.h"
|
|
Packit Service |
4684c1 |
#include <unistr.h>
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
#ifdef HAVE_LIBIDN2
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
# include <idn2.h>
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
# define ICAST char
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
/**
|
|
Packit Service |
4684c1 |
* gnutls_idna_map:
|
|
Packit Service |
4684c1 |
* @input: contain the UTF-8 formatted domain name
|
|
Packit Service |
4684c1 |
* @ilen: the length of the provided string
|
|
Packit Service |
4684c1 |
* @out: the result in an null-terminated allocated string
|
|
Packit Service |
4684c1 |
* @flags: should be zero
|
|
Packit Service |
4684c1 |
*
|
|
Packit Service |
4684c1 |
* This function will convert the provided UTF-8 domain name, to
|
|
Packit Service |
4684c1 |
* its IDNA mapping in an allocated variable. Note that depending on the flags the used gnutls
|
|
Packit Service |
4684c1 |
* library was compiled with, the output of this function may vary (i.e.,
|
|
Packit Service |
4684c1 |
* may be IDNA2008, or IDNA2003).
|
|
Packit Service |
4684c1 |
*
|
|
Packit Service |
4684c1 |
* To force IDNA2008 specify the flag %GNUTLS_IDNA_FORCE_2008. In
|
|
Packit Service |
4684c1 |
* the case GnuTLS is not compiled with the necessary dependencies,
|
|
Packit Service |
4684c1 |
* %GNUTLS_E_UNIMPLEMENTED_FEATURE will be returned to indicate that
|
|
Packit Service |
4684c1 |
* gnutls is unable to perform the requested conversion.
|
|
Packit Service |
4684c1 |
*
|
|
Packit Service |
4684c1 |
* Note also, that this function will return an empty string if an
|
|
Packit Service |
4684c1 |
* empty string is provided as input.
|
|
Packit Service |
4684c1 |
*
|
|
Packit Service |
4684c1 |
* Returns: %GNUTLS_E_INVALID_UTF8_STRING on invalid UTF-8 data, or 0 on success.
|
|
Packit Service |
4684c1 |
*
|
|
Packit Service |
4684c1 |
* Since: 3.5.8
|
|
Packit Service |
4684c1 |
**/
|
|
Packit Service |
4684c1 |
int gnutls_idna_map(const char *input, unsigned ilen, gnutls_datum_t *out, unsigned flags)
|
|
Packit Service |
4684c1 |
{
|
|
Packit Service |
4684c1 |
char *idna = NULL;
|
|
Packit Service |
4684c1 |
int rc, ret;
|
|
Packit Service |
4684c1 |
gnutls_datum_t istr;
|
|
Packit Service |
4684c1 |
unsigned int idn2_flags = IDN2_NFC_INPUT;
|
|
Packit Service |
4684c1 |
unsigned int idn2_tflags = IDN2_NFC_INPUT;
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
/* IDN2_NONTRANSITIONAL automatically converts to lowercase
|
|
Packit Service |
4684c1 |
* IDN2_NFC_INPUT converts to NFC before toASCII conversion
|
|
Packit Service |
4684c1 |
*
|
|
Packit Service |
4684c1 |
* Since IDN2_NONTRANSITIONAL implicitly does NFC conversion, we don't need
|
|
Packit Service |
4684c1 |
* the additional IDN2_NFC_INPUT. But just for the unlikely case that the linked
|
|
Packit Service |
4684c1 |
* library is not matching the headers when building and it doesn't support TR46,
|
|
Packit Service |
4684c1 |
* we provide IDN2_NFC_INPUT.
|
|
Packit Service |
4684c1 |
*
|
|
Packit Service |
4684c1 |
* Without IDN2_USE_STD3_ASCII_RULES, the result could contain any ASCII characters,
|
|
Packit Service |
4684c1 |
* e.g. 'evil.c\u2100.example.com' will be converted into
|
|
Packit Service |
4684c1 |
* 'evil.ca/c.example.com', which seems no good idea. */
|
|
Packit Service |
4684c1 |
idn2_flags |= IDN2_NONTRANSITIONAL | IDN2_USE_STD3_ASCII_RULES;
|
|
Packit Service |
4684c1 |
idn2_tflags |= IDN2_TRANSITIONAL | IDN2_USE_STD3_ASCII_RULES;
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
if (ilen == 0) {
|
|
Packit Service |
4684c1 |
out->data = (uint8_t*)gnutls_strdup("");
|
|
Packit Service |
4684c1 |
out->size = 0;
|
|
Packit Service |
4684c1 |
if (out->data == NULL)
|
|
Packit Service |
4684c1 |
return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
|
|
Packit Service |
4684c1 |
return 0;
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
if (_gnutls_str_is_print(input, ilen)) {
|
|
Packit Service |
4684c1 |
return _gnutls_set_strdatum(out, input, ilen);
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
ret = _gnutls_set_strdatum(&istr, input, ilen);
|
|
Packit Service |
4684c1 |
if (ret < 0) {
|
|
Packit Service |
4684c1 |
gnutls_assert();
|
|
Packit Service |
4684c1 |
return ret;
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
rc = idn2_to_ascii_8z((ICAST*)istr.data, (ICAST**)&idna, idn2_flags);
|
|
Packit Service |
4684c1 |
if (rc == IDN2_DISALLOWED && !(flags & GNUTLS_IDNA_FORCE_2008))
|
|
Packit Service |
4684c1 |
rc = idn2_to_ascii_8z((ICAST*)istr.data, (ICAST**)&idna, idn2_tflags);
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
if (rc != IDN2_OK) {
|
|
Packit Service |
4684c1 |
gnutls_assert();
|
|
Packit Service |
4684c1 |
idna = NULL; /* in case idn2_lookup_u8 modifies &idna */
|
|
Packit Service |
4684c1 |
_gnutls_debug_log("unable to convert name '%s' to IDNA format: %s\n", istr.data, idn2_strerror(rc));
|
|
Packit Service |
4684c1 |
ret = GNUTLS_E_INVALID_UTF8_STRING;
|
|
Packit Service |
4684c1 |
goto fail;
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
if (gnutls_free != idn2_free) {
|
|
Packit Service |
4684c1 |
ret = _gnutls_set_strdatum(out, idna, strlen(idna));
|
|
Packit Service |
4684c1 |
} else {
|
|
Packit Service |
4684c1 |
out->data = (unsigned char*)idna;
|
|
Packit Service |
4684c1 |
out->size = strlen(idna);
|
|
Packit Service |
4684c1 |
idna = NULL;
|
|
Packit Service |
4684c1 |
ret = 0;
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
fail:
|
|
Packit Service |
4684c1 |
idn2_free(idna);
|
|
Packit Service |
4684c1 |
gnutls_free(istr.data);
|
|
Packit Service |
4684c1 |
return ret;
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
/**
|
|
Packit Service |
4684c1 |
* gnutls_idna_reverse_map:
|
|
Packit Service |
4684c1 |
* @input: contain the ACE (IDNA) formatted domain name
|
|
Packit Service |
4684c1 |
* @ilen: the length of the provided string
|
|
Packit Service |
4684c1 |
* @out: the result in an null-terminated allocated UTF-8 string
|
|
Packit Service |
4684c1 |
* @flags: should be zero
|
|
Packit Service |
4684c1 |
*
|
|
Packit Service |
4684c1 |
* This function will convert an ACE (ASCII-encoded) domain name to a UTF-8 domain name.
|
|
Packit Service |
4684c1 |
*
|
|
Packit Service |
4684c1 |
* If GnuTLS is compiled without IDNA support, then this function
|
|
Packit Service |
4684c1 |
* will return %GNUTLS_E_UNIMPLEMENTED_FEATURE.
|
|
Packit Service |
4684c1 |
*
|
|
Packit Service |
4684c1 |
* Note also, that this function will return an empty string if an
|
|
Packit Service |
4684c1 |
* empty string is provided as input.
|
|
Packit Service |
4684c1 |
*
|
|
Packit Service |
4684c1 |
* Returns: A negative error code on error, or 0 on success.
|
|
Packit Service |
4684c1 |
*
|
|
Packit Service |
4684c1 |
* Since: 3.5.8
|
|
Packit Service |
4684c1 |
**/
|
|
Packit Service |
4684c1 |
int gnutls_idna_reverse_map(const char *input, unsigned ilen, gnutls_datum_t *out, unsigned flags)
|
|
Packit Service |
4684c1 |
{
|
|
Packit Service |
4684c1 |
char *u8 = NULL;
|
|
Packit Service |
4684c1 |
int rc, ret;
|
|
Packit Service |
4684c1 |
gnutls_datum_t istr;
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
if (ilen == 0) {
|
|
Packit Service |
4684c1 |
out->data = (uint8_t*)gnutls_strdup("");
|
|
Packit Service |
4684c1 |
out->size = 0;
|
|
Packit Service |
4684c1 |
if (out->data == NULL)
|
|
Packit Service |
4684c1 |
return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
|
|
Packit Service |
4684c1 |
return 0;
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
ret = _gnutls_set_strdatum(&istr, input, ilen);
|
|
Packit Service |
4684c1 |
if (ret < 0) {
|
|
Packit Service |
4684c1 |
gnutls_assert();
|
|
Packit Service |
4684c1 |
return ret;
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
/* currently libidn2 just converts single labels, thus a wrapper function */
|
|
Packit Service |
4684c1 |
rc = idn2_to_unicode_8z8z((char*)istr.data, &u8, 0);
|
|
Packit Service |
4684c1 |
if (rc != IDN2_OK) {
|
|
Packit Service |
4684c1 |
gnutls_assert();
|
|
Packit Service |
4684c1 |
_gnutls_debug_log("unable to convert ACE name '%s' to UTF-8 format: %s\n", istr.data, idn2_strerror(rc));
|
|
Packit Service |
4684c1 |
ret = GNUTLS_E_INVALID_UTF8_STRING;
|
|
Packit Service |
4684c1 |
goto fail;
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
if (gnutls_malloc != malloc) {
|
|
Packit Service |
4684c1 |
ret = _gnutls_set_strdatum(out, u8, strlen(u8));
|
|
Packit Service |
4684c1 |
} else {
|
|
Packit Service |
4684c1 |
out->data = (unsigned char*)u8;
|
|
Packit Service |
4684c1 |
out->size = strlen(u8);
|
|
Packit Service |
4684c1 |
u8 = NULL;
|
|
Packit Service |
4684c1 |
ret = 0;
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
fail:
|
|
Packit Service |
4684c1 |
idn2_free(u8);
|
|
Packit Service |
4684c1 |
gnutls_free(istr.data);
|
|
Packit Service |
4684c1 |
return ret;
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
#else /* no HAVE_LIBIDN2 */
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
# undef gnutls_idna_map
|
|
Packit Service |
4684c1 |
int gnutls_idna_map(const char *input, unsigned ilen, gnutls_datum_t *out, unsigned flags)
|
|
Packit Service |
4684c1 |
{
|
|
Packit Service |
4684c1 |
if (!_gnutls_str_is_print(input, ilen)) {
|
|
Packit Service |
4684c1 |
return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
return _gnutls_set_strdatum(out, input, ilen);
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
int gnutls_idna_reverse_map(const char *input, unsigned ilen, gnutls_datum_t *out, unsigned flags)
|
|
Packit Service |
4684c1 |
{
|
|
Packit Service |
4684c1 |
return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
#endif /* HAVE_LIBIDN2 */
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
int _gnutls_idna_email_map(const char *input, unsigned ilen, gnutls_datum_t *output)
|
|
Packit Service |
4684c1 |
{
|
|
Packit Service |
4684c1 |
const char *p = input;
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
while(*p != 0 && *p != '@') {
|
|
Packit Service |
4684c1 |
if (!c_isprint(*p))
|
|
Packit Service |
4684c1 |
return gnutls_assert_val(GNUTLS_E_INVALID_UTF8_EMAIL);
|
|
Packit Service |
4684c1 |
p++;
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
if (_gnutls_str_is_print(input, ilen)) {
|
|
Packit Service |
4684c1 |
return _gnutls_set_strdatum(output, input, ilen);
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
if (*p == '@') {
|
|
Packit Service |
4684c1 |
unsigned name_part = p-input;
|
|
Packit Service |
4684c1 |
int ret;
|
|
Packit Service |
4684c1 |
gnutls_datum_t domain;
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
ret = gnutls_idna_map(p+1, ilen-name_part-1, &domain, 0);
|
|
Packit Service |
4684c1 |
if (ret < 0)
|
|
Packit Service |
4684c1 |
return gnutls_assert_val(ret);
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
output->data = gnutls_malloc(name_part+1+domain.size+1);
|
|
Packit Service |
4684c1 |
if (output->data == NULL) {
|
|
Packit Service |
4684c1 |
gnutls_free(domain.data);
|
|
Packit Service |
4684c1 |
return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
memcpy(output->data, input, name_part);
|
|
Packit Service |
4684c1 |
output->data[name_part] = '@';
|
|
Packit Service |
4684c1 |
memcpy(&output->data[name_part+1], domain.data, domain.size);
|
|
Packit Service |
4684c1 |
output->data[name_part+domain.size+1] = 0;
|
|
Packit Service |
4684c1 |
output->size = name_part+domain.size+1;
|
|
Packit Service |
4684c1 |
gnutls_free(domain.data);
|
|
Packit Service |
4684c1 |
return 0;
|
|
Packit Service |
4684c1 |
} else {
|
|
Packit Service |
4684c1 |
return gnutls_assert_val(GNUTLS_E_INVALID_UTF8_EMAIL);
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
int _gnutls_idna_email_reverse_map(const char *input, unsigned ilen, gnutls_datum_t *output)
|
|
Packit Service |
4684c1 |
{
|
|
Packit Service |
4684c1 |
const char *p = input;
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
while(*p != 0 && *p != '@') {
|
|
Packit Service |
4684c1 |
if (!c_isprint(*p))
|
|
Packit Service |
4684c1 |
return gnutls_assert_val(GNUTLS_E_INVALID_UTF8_EMAIL);
|
|
Packit Service |
4684c1 |
p++;
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
if (*p == '@') {
|
|
Packit Service |
4684c1 |
unsigned name_part = p-input;
|
|
Packit Service |
4684c1 |
int ret;
|
|
Packit Service |
4684c1 |
gnutls_datum_t domain;
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
ret = gnutls_idna_reverse_map(p+1, ilen-name_part-1, &domain, 0);
|
|
Packit Service |
4684c1 |
if (ret < 0)
|
|
Packit Service |
4684c1 |
return gnutls_assert_val(ret);
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
output->data = gnutls_malloc(name_part+1+domain.size+1);
|
|
Packit Service |
4684c1 |
if (output->data == NULL) {
|
|
Packit Service |
4684c1 |
gnutls_free(domain.data);
|
|
Packit Service |
4684c1 |
return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
memcpy(output->data, input, name_part);
|
|
Packit Service |
4684c1 |
output->data[name_part] = '@';
|
|
Packit Service |
4684c1 |
memcpy(&output->data[name_part+1], domain.data, domain.size);
|
|
Packit Service |
4684c1 |
output->data[name_part+domain.size+1] = 0;
|
|
Packit Service |
4684c1 |
output->size = name_part+domain.size+1;
|
|
Packit Service |
4684c1 |
gnutls_free(domain.data);
|
|
Packit Service |
4684c1 |
return 0;
|
|
Packit Service |
4684c1 |
} else {
|
|
Packit Service |
4684c1 |
return gnutls_assert_val(GNUTLS_E_INVALID_UTF8_EMAIL);
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
}
|