authorJaakko Keränen <jaakko.keranen@iki.fi>2021-03-14 08:50:14 +0200
committerJaakko Keränen <jaakko.keranen@iki.fi>2021-03-14 08:50:14 +0200
commit161b6290df993a852bf9acc2c6a671426bd23131 (patch)
tree386e355c2ce10b174b4b69a2ad3ff707a194743e /src
parent1613dd953fb8ad79d2d2b1e1a7181ec3c5704a70 (diff)
Punycode domains when setting trust
Diffstat (limited to 'src')
-rw-r--r--src/gmcerts.c4
-rw-r--r--src/gmutil.c50
-rw-r--r--src/gmutil.h3
3 files changed, 31 insertions, 26 deletions
diff --git a/src/gmcerts.c b/src/gmcerts.c
index cf4d7d2d..6a1ba98c 100644
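--- a/src/gmcerts.c
+++ b/src/gmcerts.c
@@ -21,6 +21,7 @@ ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */
 
 #include "gmcerts.h"
+#include "gmutil.h"
 #include "defs.h"
 
 #include <the_Foundation/file.h>
@@ -420,7 +421,8 @@ iBool checkTrust_GmCerts(iGmCerts *d, iRangecc domain, const iTlsCertificate *ce
 
 void setTrusted_GmCerts(iGmCerts *d, iRangecc domain, const iBlock *fingerprint,
  const iDate *validUntil) {
- iString *key = collect_String(newRange_String(domain));
+ iString *key = collectNew_String();
+ punyEncodeDomain_Rangecc(domain, key);
  lock_Mutex(d->mtx);
  iTrustEntry *trust = value_StringHash(d->trusted, key);
  if (trust) {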
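Review bot: The trust key written by setTrusted_GmCerts is now the punycode form of `domain`, so every reader of `d->trusted` has to derive its key the same way. checkTrust_GmCerts appears only in the hunk header here; if it still builds its key from the raw range, an internationalised host would be stored under `xn--…` and never matched again, and entries saved by an earlier build under the unencoded name would presumably be orphaned in the same way. I would state the rule next to the encoding call, `/* Trust keys are always the punycode (ASCII) form of the domain; lookups must encode the same way. */`, and confirm the lookup path does so. The body of setTrusted_GmCerts continues past the end of the hunk.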
diff --git a/src/gmutil.c b/src/gmutil.c
index e3121b1f..ed6ef551 100644
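--- a/src/gmutil.c
+++ b/src/gmutil.c
@@ -331,36 +331,38 @@ static iBool equalPuny_(const iString *d, iRangecc orig) {
  return iCmpStrN(cstr_String(d), orig.start, size_Range(&orig)) == 0;
 }
 
-void punyEncodeUrlHost_String(iString *d) {
- /* `d` should be an absolute URL. */
+void punyEncodeDomain_Rangecc(iRangecc domain, iString *encoded_out) {
+ /* The domain name needs to be split into labels. */
+ iRangecc label = iNullRange;
+ iBool isFirst = iTrue;
+ while (nextSplit_Rangecc(domain, ".", &label)) {
+ if (!isFirst) {
+ appendChar_String(encoded_out, '.');
+ }
+ isFirst = iFalse;
+ iString *puny = punyEncode_Rangecc(label);
+ if (!isEmpty_String(puny) && !equalPuny_(puny, label)) {
+ appendCStr_String(encoded_out, "xn--");
+ append_String(encoded_out, puny);
+ }
+ else {
+ appendRange_String(encoded_out, label);
+ }
+ delete_String(puny);
+ }
+}
+
+void punyEncodeUrlHost_String(iString *absoluteUrl) {
  iUrl url;
- init_Url(&url, d);
+ init_Url(&url, absoluteUrl);
  if (isEmpty_Range(&url.host)) {
  return;
  }
  iString *encoded = new_String();
  setRange_String(encoded, (iRangecc){ url.scheme.start, url.host.start });
- /* The domain name needs to be split into labels. */ {
- iRangecc label = iNullRange;
- iBool isFirst = iTrue;
- while (nextSplit_Rangecc(url.host, ".", &label)) {
- if (!isFirst) {
- appendChar_String(encoded, '.');
- }
- isFirst = iFalse;
- iString *puny = punyEncode_Rangecc(label);
- if (!isEmpty_String(puny) && !equalPuny_(puny, label)) {
- appendCStr_String(encoded, "xn--");
- append_String(encoded, puny);
- }
- else {
- appendRange_String(encoded, label);
- }
- delete_String(puny);
- }
- }
- appendRange_String(encoded, (iRangecc){ url.host.end, constEnd_String(d) });
- set_String(d, encoded);
+ punyEncodeDomain_Rangecc(url.host, encoded);
+ appendRange_String(encoded, (iRangecc){ url.host.end, constEnd_String(absoluteUrl) });
+ set_String(absoluteUrl, encoded);
  delete_String(encoded);
 }
 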
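Review bot: punyEncodeDomain_Rangecc appends to `encoded_out` rather than replacing its contents, which the `_out` suffix does not convey. Both callers depend on that in different ways: punyEncodeUrlHost_String passes a string that already holds the scheme prefix, while setTrusted_GmCerts needs the string to start empty. A comment on the definition such as `/* Appends the punycode form of `domain` to `encoded_out`; existing contents are kept. */` would make the contract explicit. Because the result now serves as a certificate-trust key, the comment should also say whether case or a trailing dot is normalised; nothing in the visible loop does either, so `Example.org` and `example.org` would presumably produce different keys unless callers fold case first.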
diff --git a/src/gmutil.h b/src/gmutil.h
index b2cee61a..64c015b8 100644
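--- a/src/gmutil.h
+++ b/src/gmutil.h
@@ -107,7 +107,8 @@ iRangecc urlUser_String (const iString *);
 iRangecc urlRoot_String (const iString *);
 const iString * absoluteUrl_String (const iString *, const iString *urlMaybeRelative);
 iBool isLikelyUrl_String (const iString *);
-void punyEncodeUrlHost_String(iString *);
+void punyEncodeDomain_Rangecc(iRangecc domain, iString *encoded_out);
+void punyEncodeUrlHost_String(iString *absoluteUrl);
 void stripDefaultUrlPort_String(iString *);
 const iString * urlFragmentStripped_String(const iString *);
 void urlDecodePath_String (iString *);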