_gnutls_hostname_compare: toupper vs. c_toupper
Simon Josefsson
simon at josefsson.org
Fri May 20 22:48:04 CEST 2011
Nikos Mavrogiannopoulos <nmav at gnutls.org> writes:
> On 05/03/2011 10:53 PM, Kalle Olavi Niemitalo wrote:
>> In GnuTLS 2.8.6 and 2.10.5, _gnutls_hostname_compare uses toupper
>> on the characters of the hostname:
>>
>> /* find the first different character */
>> for (; *certname && *hostname && toupper (*certname) == toupper (*hostname);
>> certname++, hostname++, certnamesize--)
>> ;
>> I suspect this should be c_toupper instead, so that 'i' matches
>> 'I' in hostnames even in a Turkish (or is that Turkic?) locale.
>
> You're right. This however makes it apparent that
> gnutls_x509_crt_check_hostname() does not really support
> internationalized DNS names...
I think that is intentional -- it is IDN unaware domain name slot, and
hence should only contain a ASCII domain.
/Simon
More information about the Gnutls-devel
mailing list