diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-04-29 14:00:24 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-04-30 13:08:44 +0200 |
commit | e08ecf8b277b1f2afc513777ddb06cf7107fe89e (patch) | |
tree | e838bb10922229abf277d5765c03f5cdb9512a29 /lib | |
parent | 553906ba264c591ca947983fc2f3c083fb818eb4 (diff) | |
download | gnutls-e08ecf8b277b1f2afc513777ddb06cf7107fe89e.tar.gz |
gnutls_idna_map: fallback to IDNA2008 transitional encoding on failure
This aligns with the behavior of firefox, which maps to IDNA2008, and
fallbacks to IDNA2003 if that fails (e.g., mapping doesn't exist).
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Diffstat (limited to 'lib')
-rw-r--r-- | lib/str-idna.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/lib/str-idna.c b/lib/str-idna.c index 518e26f317..aa3110ea58 100644 --- a/lib/str-idna.c +++ b/lib/str-idna.c @@ -101,9 +101,15 @@ int gnutls_idna_map(const char *input, unsigned ilen, gnutls_datum_t *out, unsig * Since IDN2_NONTRANSITIONAL implicitely does NFC conversion, we don't need * the additional IDN2_NFC_INPUT. But just for the unlikely case that the linked * library is not matching the headers when building and it doesn't support TR46, - * we provide IDN2_NFC_INPUT. */ + * we provide IDN2_NFC_INPUT. + * + * The reason we fallback to transitional encoding on disallowed characters is + * to support domains which existed in IDNA2003, but were invalid with IDNA2008. + */ rc = idn2_lookup_u8((uint8_t *)istr.data, (uint8_t **)&idna, IDN2_NFC_INPUT | IDN2_NONTRANSITIONAL); + if (rc == IDN2_DISALLOWED && !(flags & GNUTLS_IDNA_FORCE_2008)) + rc = idn2_lookup_u8((uint8_t *)istr.data, (uint8_t **)&idna, IDN2_NFC_INPUT | IDN2_TRANSITIONAL); # else rc = idn2_lookup_u8((uint8_t *)istr.data, (uint8_t **)&idna, IDN2_NFC_INPUT); # endif |