authorNikos Mavrogiannopoulos <nmav@redhat.com>2016-11-23 13:12:08 +0100
committerNikos Mavrogiannopoulos <nmav@redhat.com>2016-11-23 15:02:21 +0100
commit86392e5115bb8629b67dbd535359bbc6df30460d (patch)
tree99eb821d060a081ef03a0938e30fb41aaa827fe0 /lib/x509/email-verify.c
parentf8ca14a1b0b6164be9ff03a3e69f77f0777b3d6d (diff)
IDNA code re-organization
That introduces the internal function gnutls_idna_map(), which utilizes libidn and libunistring to convert hostnames to IDNA ACE form.
Diffstat (limited to 'lib/x509/email-verify.c')
-rw-r--r--lib/x509/email-verify.c34
1 files changed, 20 insertions, 14 deletions
diff --git a/lib/x509/email-verify.c b/lib/x509/email-verify.c
index e6a3b1773c..a96d5ca192 100644
--- a/lib/x509/email-verify.c
+++ b/lib/x509/email-verify.c
@@ -25,7 +25,6 @@
#include <common.h>
#include "errors.h"
#include <system.h>
-#include <gnutls-idna.h>
static int has_embedded_null(const char *str, unsigned size)
{
@@ -52,16 +51,19 @@ gnutls_x509_crt_check_email(gnutls_x509_crt_t cert,
char rfc822name[MAX_CN];
size_t rfc822namesize;
int found_rfc822name = 0;
- int ret = 0, rc;
+ int ret = 0;
int i = 0;
char *a_email;
char *a_rfc822name;
+ gnutls_datum_t out;
/* convert the provided email to ACE-Labels domain. */
- rc = idna_to_ascii_8z (email, &a_email, 0);
- if (rc != IDNA_SUCCESS) {
- _gnutls_debug_log("unable to convert email %s to IDNA format: %s\n", email, idna_strerror (rc));
+ ret = gnutls_idna_map(email, strlen(email), &out, 0);
+ if (ret < 0) {
+ _gnutls_debug_log("unable to convert email %s to IDNA format\n", email);
a_email = (char*)email;
+ } else {
+ a_email = (char*)out.data;
}
/* try matching against:
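Review bot: Reusing `ret` for the result of `gnutls_idna_map()` leaves a negative error code in `ret` when the mapping fails and the function carries on with the unconverted `email`; the old code kept that status in a separate `rc`, so `ret` stayed 0. The hunk at -92 has the same pattern, where the failure branch runs `continue` with `ret < 0`, while only the hunk at -138 resets `ret = 0` before leaving. The body of gnutls_x509_crt_check_email() extends beyond these hunks, so if a loop condition or a later return tests `ret`, a failed conversion would now change which certificate names get compared. Keeping a dedicated status, e.g. `int rc = gnutls_idna_map(email, strlen(email), &out, 0);`, or adding `ret = 0;` in both failure branches, restores the previous behaviour.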
@@ -92,14 +94,16 @@ gnutls_x509_crt_check_email(gnutls_x509_crt_t cert,
continue;
}
- rc = idna_to_ascii_8z (rfc822name, &a_rfc822name, 0);
- if (rc != IDNA_SUCCESS) {
- _gnutls_debug_log("unable to convert rfc822name %s to IDNA format: %s\n", rfc822name, idna_strerror (rc));
+ ret = gnutls_idna_map(rfc822name, rfc822namesize, &out, 0);
+ if (ret < 0) {
+ _gnutls_debug_log("unable to convert rfc822name %s to IDNA format\n", rfc822name);
continue;
}
+ a_rfc822name = (char*)out.data;
+
ret = _gnutls_hostname_compare(a_rfc822name, strlen(a_rfc822name), a_email, GNUTLS_VERIFY_DO_NOT_ALLOW_WILDCARDS);
- idn_free(a_rfc822name);
+ gnutls_free(a_rfc822name);
if (ret != 0) {
ret = 1;
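Review bot: `strlen(a_rfc822name)` in the `_gnutls_hostname_compare()` call relies on `gnutls_idna_map()` always NUL-terminating `out.data`, and it discards the length already returned in `out.size`. That contract is not visible in this file, so either state it in a comment next to `a_rfc822name = (char*)out.data;` or pass the length directly: `ret = _gnutls_hostname_compare(a_rfc822name, out.size, a_email, GNUTLS_VERIFY_DO_NOT_ALLOW_WILDCARDS);` (assuming `out.size` excludes the terminator). The hunk at -138 repeats the call, and `a_email = (char*)out.data;` in the hunk at -52 has the same dependency because `a_email` is later passed without a length.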
@@ -138,16 +142,18 @@ gnutls_x509_crt_check_email(gnutls_x509_crt_t cert,
goto cleanup;
}
- rc = idna_to_ascii_8z (rfc822name, &a_rfc822name, 0);
- if (rc != IDNA_SUCCESS) {
- _gnutls_debug_log("unable to convert EMAIL %s to IDNA format: %s\n", rfc822name, idna_strerror (rc));
+ ret = gnutls_idna_map (rfc822name, rfc822namesize, &out, 0);
+ if (ret < 0) {
+ _gnutls_debug_log("unable to convert EMAIL %s to IDNA format\n", rfc822name);
ret = 0;
goto cleanup;
}
+ a_rfc822name = (char*)out.data;
+
ret = _gnutls_hostname_compare(a_rfc822name, strlen(a_rfc822name), a_email, GNUTLS_VERIFY_DO_NOT_ALLOW_WILDCARDS);
- idn_free(a_rfc822name);
+ gnutls_free(a_rfc822name);
if (ret != 0) {
ret = 1;
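Review bot: The three rewritten debug messages no longer say why the conversion failed, because the `idna_strerror (rc)` argument was dropped without a replacement. Since `ret` now holds a GnuTLS error code at that point, the reason can be kept with `_gnutls_debug_log("unable to convert EMAIL %s to IDNA format: %s\n", rfc822name, gnutls_strerror(ret));`, and likewise for the `email` and `rfc822name` messages in the hunks at -52 and -92. Here the log call sits before `ret = 0;`, so the code is still available when the message is built.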
@@ -160,7 +166,7 @@ gnutls_x509_crt_check_email(gnutls_x509_crt_t cert,
ret = 0;
cleanup:
if (a_email != email) {
- idn_free(a_email);
+ gnutls_free(a_email);
}
return ret;
}