1 /* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */
2
3 /* GLIB - Library of useful routines for C programming
4 * Copyright (C) 2008 Red Hat, Inc.
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General
17 * Public License along with this library; if not, see <http://www.gnu.org/licenses/>.
18 */
19
20 #include "config.h"
21 #include "glibconfig.h"
22
23 #include <string.h>
24
25 #ifdef G_OS_UNIX
26 #include <unistd.h>
27 #endif
28
29 #include "ghostutils.h"
30
31 #include "garray.h"
32 #include "gmem.h"
33 #include "gstring.h"
34 #include "gstrfuncs.h"
35 #include "glibintl.h"
36
37 #ifdef G_PLATFORM_WIN32
38 #include <windows.h>
39 #endif
40
41
42 /**
43 * SECTION:ghostutils
44 * @short_description: Internet hostname utilities
45 *
46 * Functions for manipulating internet hostnames; in particular, for
47 * converting between Unicode and ASCII-encoded forms of
48 * Internationalized Domain Names (IDNs).
49 *
50 * The
51 * [Internationalized Domain Names for Applications (IDNA)](http://www.ietf.org/rfc/rfc3490.txt)
52 * standards allow for the use
53 * of Unicode domain names in applications, while providing
54 * backward-compatibility with the old ASCII-only DNS, by defining an
55 * ASCII-Compatible Encoding of any given Unicode name, which can be
56 * used with non-IDN-aware applications and protocols. (For example,
57 * "Παν語.org" maps to "xn--4wa8awb4637h.org".)
58 **/
59
60 #define IDNA_ACE_PREFIX "xn--"
61 #define IDNA_ACE_PREFIX_LEN 4
62
63 /* Punycode constants, from RFC 3492. */
64
65 #define PUNYCODE_BASE 36
66 #define PUNYCODE_TMIN 1
67 #define PUNYCODE_TMAX 26
68 #define PUNYCODE_SKEW 38
69 #define PUNYCODE_DAMP 700
70 #define PUNYCODE_INITIAL_BIAS 72
71 #define PUNYCODE_INITIAL_N 0x80
72
73 #define PUNYCODE_IS_BASIC(cp) ((guint)(cp) < 0x80)
74
75 /* Encode/decode a single base-36 digit */
76 static inline gchar
encode_digit(guint dig)77 encode_digit (guint dig)
78 {
79 if (dig < 26)
80 return dig + 'a';
81 else
82 return dig - 26 + '0';
83 }
84
85 static inline guint
decode_digit(gchar dig)86 decode_digit (gchar dig)
87 {
88 if (dig >= 'A' && dig <= 'Z')
89 return dig - 'A';
90 else if (dig >= 'a' && dig <= 'z')
91 return dig - 'a';
92 else if (dig >= '0' && dig <= '9')
93 return dig - '0' + 26;
94 else
95 return G_MAXUINT;
96 }
97
98 /* Punycode bias adaptation algorithm, RFC 3492 section 6.1 */
99 static guint
adapt(guint delta,guint numpoints,gboolean firsttime)100 adapt (guint delta,
101 guint numpoints,
102 gboolean firsttime)
103 {
104 guint k;
105
106 delta = firsttime ? delta / PUNYCODE_DAMP : delta / 2;
107 delta += delta / numpoints;
108
109 k = 0;
110 while (delta > ((PUNYCODE_BASE - PUNYCODE_TMIN) * PUNYCODE_TMAX) / 2)
111 {
112 delta /= PUNYCODE_BASE - PUNYCODE_TMIN;
113 k += PUNYCODE_BASE;
114 }
115
116 return k + ((PUNYCODE_BASE - PUNYCODE_TMIN + 1) * delta /
117 (delta + PUNYCODE_SKEW));
118 }
119
120 /* Punycode encoder, RFC 3492 section 6.3. The algorithm is
121 * sufficiently bizarre that it's not really worth trying to explain
122 * here.
123 */
124 static gboolean
punycode_encode(const gchar * input_utf8,gsize input_utf8_length,GString * output)125 punycode_encode (const gchar *input_utf8,
126 gsize input_utf8_length,
127 GString *output)
128 {
129 guint delta, handled_chars, num_basic_chars, bias, j, q, k, t, digit;
130 gunichar n, m, *input;
131 glong input_length;
132 gboolean success = FALSE;
133
134 /* Convert from UTF-8 to Unicode code points */
135 input = g_utf8_to_ucs4 (input_utf8, input_utf8_length, NULL,
136 &input_length, NULL);
137 if (!input)
138 return FALSE;
139
140 /* Copy basic chars */
141 for (j = num_basic_chars = 0; j < input_length; j++)
142 {
143 if (PUNYCODE_IS_BASIC (input[j]))
144 {
145 g_string_append_c (output, g_ascii_tolower (input[j]));
146 num_basic_chars++;
147 }
148 }
149 if (num_basic_chars)
150 g_string_append_c (output, '-');
151
152 handled_chars = num_basic_chars;
153
154 /* Encode non-basic chars */
155 delta = 0;
156 bias = PUNYCODE_INITIAL_BIAS;
157 n = PUNYCODE_INITIAL_N;
158 while (handled_chars < input_length)
159 {
160 /* let m = the minimum {non-basic} code point >= n in the input */
161 for (m = G_MAXUINT, j = 0; j < input_length; j++)
162 {
163 if (input[j] >= n && input[j] < m)
164 m = input[j];
165 }
166
167 if (m - n > (G_MAXUINT - delta) / (handled_chars + 1))
168 goto fail;
169 delta += (m - n) * (handled_chars + 1);
170 n = m;
171
172 for (j = 0; j < input_length; j++)
173 {
174 if (input[j] < n)
175 {
176 if (++delta == 0)
177 goto fail;
178 }
179 else if (input[j] == n)
180 {
181 q = delta;
182 for (k = PUNYCODE_BASE; ; k += PUNYCODE_BASE)
183 {
184 if (k <= bias)
185 t = PUNYCODE_TMIN;
186 else if (k >= bias + PUNYCODE_TMAX)
187 t = PUNYCODE_TMAX;
188 else
189 t = k - bias;
190 if (q < t)
191 break;
192 digit = t + (q - t) % (PUNYCODE_BASE - t);
193 g_string_append_c (output, encode_digit (digit));
194 q = (q - t) / (PUNYCODE_BASE - t);
195 }
196
197 g_string_append_c (output, encode_digit (q));
198 bias = adapt (delta, handled_chars + 1, handled_chars == num_basic_chars);
199 delta = 0;
200 handled_chars++;
201 }
202 }
203
204 delta++;
205 n++;
206 }
207
208 success = TRUE;
209
210 fail:
211 g_free (input);
212 return success;
213 }
214
215 /* From RFC 3454, Table B.1 */
216 #define idna_is_junk(ch) ((ch) == 0x00AD || (ch) == 0x1806 || (ch) == 0x200B || (ch) == 0x2060 || (ch) == 0xFEFF || (ch) == 0x034F || (ch) == 0x180B || (ch) == 0x180C || (ch) == 0x180D || (ch) == 0x200C || (ch) == 0x200D || ((ch) >= 0xFE00 && (ch) <= 0xFE0F))
217
218 /* Scan @str for "junk" and return a cleaned-up string if any junk
219 * is found. Else return %NULL.
220 */
221 static gchar *
remove_junk(const gchar * str,gint len)222 remove_junk (const gchar *str,
223 gint len)
224 {
225 GString *cleaned = NULL;
226 const gchar *p;
227 gunichar ch;
228
229 for (p = str; len == -1 ? *p : p < str + len; p = g_utf8_next_char (p))
230 {
231 ch = g_utf8_get_char (p);
232 if (idna_is_junk (ch))
233 {
234 if (!cleaned)
235 {
236 cleaned = g_string_new (NULL);
237 g_string_append_len (cleaned, str, p - str);
238 }
239 }
240 else if (cleaned)
241 g_string_append_unichar (cleaned, ch);
242 }
243
244 if (cleaned)
245 return g_string_free (cleaned, FALSE);
246 else
247 return NULL;
248 }
249
250 static inline gboolean
contains_uppercase_letters(const gchar * str,gint len)251 contains_uppercase_letters (const gchar *str,
252 gint len)
253 {
254 const gchar *p;
255
256 for (p = str; len == -1 ? *p : p < str + len; p = g_utf8_next_char (p))
257 {
258 if (g_unichar_isupper (g_utf8_get_char (p)))
259 return TRUE;
260 }
261 return FALSE;
262 }
263
264 static inline gboolean
contains_non_ascii(const gchar * str,gint len)265 contains_non_ascii (const gchar *str,
266 gint len)
267 {
268 const gchar *p;
269
270 for (p = str; len == -1 ? *p : p < str + len; p++)
271 {
272 if ((guchar)*p > 0x80)
273 return TRUE;
274 }
275 return FALSE;
276 }
277
278 /* RFC 3454, Appendix C. ish. */
279 static inline gboolean
idna_is_prohibited(gunichar ch)280 idna_is_prohibited (gunichar ch)
281 {
282 switch (g_unichar_type (ch))
283 {
284 case G_UNICODE_CONTROL:
285 case G_UNICODE_FORMAT:
286 case G_UNICODE_UNASSIGNED:
287 case G_UNICODE_PRIVATE_USE:
288 case G_UNICODE_SURROGATE:
289 case G_UNICODE_LINE_SEPARATOR:
290 case G_UNICODE_PARAGRAPH_SEPARATOR:
291 case G_UNICODE_SPACE_SEPARATOR:
292 return TRUE;
293
294 case G_UNICODE_OTHER_SYMBOL:
295 if (ch == 0xFFFC || ch == 0xFFFD ||
296 (ch >= 0x2FF0 && ch <= 0x2FFB))
297 return TRUE;
298 return FALSE;
299
300 case G_UNICODE_NON_SPACING_MARK:
301 if (ch == 0x0340 || ch == 0x0341)
302 return TRUE;
303 return FALSE;
304
305 default:
306 return FALSE;
307 }
308 }
309
310 /* RFC 3491 IDN cleanup algorithm. */
311 static gchar *
nameprep(const gchar * hostname,gint len,gboolean * is_unicode)312 nameprep (const gchar *hostname,
313 gint len,
314 gboolean *is_unicode)
315 {
316 gchar *name, *tmp = NULL, *p;
317
318 /* It would be nice if we could do this without repeatedly
319 * allocating strings and converting back and forth between
320 * gunichars and UTF-8... The code does at least avoid doing most of
321 * the sub-operations when they would just be equivalent to a
322 * g_strdup().
323 */
324
325 /* Remove presentation-only characters */
326 name = remove_junk (hostname, len);
327 if (name)
328 {
329 tmp = name;
330 len = -1;
331 }
332 else
333 name = (gchar *)hostname;
334
335 /* Convert to lowercase */
336 if (contains_uppercase_letters (name, len))
337 {
338 name = g_utf8_strdown (name, len);
339 g_free (tmp);
340 tmp = name;
341 len = -1;
342 }
343
344 /* If there are no UTF8 characters, we're done. */
345 if (!contains_non_ascii (name, len))
346 {
347 *is_unicode = FALSE;
348 if (name == (gchar *)hostname)
349 return len == -1 ? g_strdup (hostname) : g_strndup (hostname, len);
350 else
351 return name;
352 }
353
354 *is_unicode = TRUE;
355
356 /* Normalize */
357 name = g_utf8_normalize (name, len, G_NORMALIZE_NFKC);
358 g_free (tmp);
359 tmp = name;
360
361 if (!name)
362 return NULL;
363
364 /* KC normalization may have created more capital letters (eg,
365 * angstrom -> capital A with ring). So we have to lowercasify a
366 * second time. (This is more-or-less how the nameprep algorithm
367 * does it. If tolower(nfkc(tolower(X))) is guaranteed to be the
368 * same as tolower(nfkc(X)), then we could skip the first tolower,
369 * but I'm not sure it is.)
370 */
371 if (contains_uppercase_letters (name, -1))
372 {
373 name = g_utf8_strdown (name, -1);
374 g_free (tmp);
375 tmp = name;
376 }
377
378 /* Check for prohibited characters */
379 for (p = name; *p; p = g_utf8_next_char (p))
380 {
381 if (idna_is_prohibited (g_utf8_get_char (p)))
382 {
383 name = NULL;
384 g_free (tmp);
385 goto done;
386 }
387 }
388
389 /* FIXME: We're supposed to verify certain constraints on bidi
390 * characters, but glib does not appear to have that information.
391 */
392
393 done:
394 return name;
395 }
396
397 /* RFC 3490, section 3.1 says '.', 0x3002, 0xFF0E, and 0xFF61 count as
398 * label-separating dots. @str must be '\0'-terminated.
399 */
400 #define idna_is_dot(str) ( \
401 ((guchar)(str)[0] == '.') || \
402 ((guchar)(str)[0] == 0xE3 && (guchar)(str)[1] == 0x80 && (guchar)(str)[2] == 0x82) || \
403 ((guchar)(str)[0] == 0xEF && (guchar)(str)[1] == 0xBC && (guchar)(str)[2] == 0x8E) || \
404 ((guchar)(str)[0] == 0xEF && (guchar)(str)[1] == 0xBD && (guchar)(str)[2] == 0xA1) )
405
406 static const gchar *
idna_end_of_label(const gchar * str)407 idna_end_of_label (const gchar *str)
408 {
409 for (; *str; str = g_utf8_next_char (str))
410 {
411 if (idna_is_dot (str))
412 return str;
413 }
414 return str;
415 }
416
417 static gsize
get_hostname_max_length_bytes(void)418 get_hostname_max_length_bytes (void)
419 {
420 #if defined(G_OS_WIN32)
421 wchar_t tmp[MAX_COMPUTERNAME_LENGTH];
422 return sizeof (tmp) / sizeof (tmp[0]);
423 #elif defined(_SC_HOST_NAME_MAX)
424 glong max = sysconf (_SC_HOST_NAME_MAX);
425 if (max > 0)
426 return (gsize) max;
427
428 #ifdef HOST_NAME_MAX
429 return HOST_NAME_MAX;
430 #else
431 return _POSIX_HOST_NAME_MAX;
432 #endif /* HOST_NAME_MAX */
433 #else
434 /* Fallback to some reasonable value
435 * See https://stackoverflow.com/questions/8724954/what-is-the-maximum-number-of-characters-for-a-host-name-in-unix/28918017#28918017 */
436 return 255;
437 #endif
438 }
439
440 /* Returns %TRUE if `strlen (str) > comparison_length`, but without actually
441 * running `strlen(str)`, as that would take a very long time for long
442 * (untrusted) input strings. */
443 static gboolean
strlen_greater_than(const gchar * str,gsize comparison_length)444 strlen_greater_than (const gchar *str,
445 gsize comparison_length)
446 {
447 gsize i;
448
449 for (i = 0; str[i] != '\0'; i++)
450 if (i > comparison_length)
451 return TRUE;
452
453 return FALSE;
454 }
455
456 /**
457 * g_hostname_to_ascii:
458 * @hostname: a valid UTF-8 or ASCII hostname
459 *
460 * Converts @hostname to its canonical ASCII form; an ASCII-only
461 * string containing no uppercase letters and not ending with a
462 * trailing dot.
463 *
464 * Returns: (nullable) (transfer full): an ASCII hostname, which must be freed,
465 * or %NULL if @hostname is in some way invalid.
466 *
467 * Since: 2.22
468 **/
469 gchar *
g_hostname_to_ascii(const gchar * hostname)470 g_hostname_to_ascii (const gchar *hostname)
471 {
472 gchar *name, *label, *p;
473 GString *out;
474 gssize llen, oldlen;
475 gboolean unicode;
476 gsize hostname_max_length_bytes = get_hostname_max_length_bytes ();
477
478 /* Do an initial check on the hostname length, as overlong hostnames take a
479 * long time in the IDN cleanup algorithm in nameprep(). The ultimate
480 * restriction is that the IDN-decoded (i.e. pure ASCII) hostname cannot be
481 * longer than 255 bytes. That’s the least restrictive limit on hostname
482 * length of all the ways hostnames can be interpreted. Typically, the
483 * hostname will be an FQDN, which is limited to 253 bytes long. POSIX
484 * hostnames are limited to `get_hostname_max_length_bytes()` (typically 255
485 * bytes).
486 *
487 * See https://stackoverflow.com/a/28918017/2931197
488 *
489 * It’s possible for a hostname to be %-encoded, in which case its decoded
490 * length will be as much as 3× shorter.
491 *
492 * It’s also possible for a hostname to use overlong UTF-8 encodings, in which
493 * case its decoded length will be as much as 4× shorter.
494 *
495 * Note: This check is not intended as an absolute guarantee that a hostname
496 * is the right length and will be accepted by other systems. It’s intended to
497 * stop wildly-invalid hostnames from taking forever in nameprep().
498 */
499 if (hostname_max_length_bytes <= G_MAXSIZE / 4 &&
500 strlen_greater_than (hostname, 4 * MAX (255, hostname_max_length_bytes)))
501 return NULL;
502
503 label = name = nameprep (hostname, -1, &unicode);
504 if (!name || !unicode)
505 return name;
506
507 out = g_string_new (NULL);
508
509 do
510 {
511 unicode = FALSE;
512 for (p = label; *p && !idna_is_dot (p); p++)
513 {
514 if ((guchar)*p > 0x80)
515 unicode = TRUE;
516 }
517
518 oldlen = out->len;
519 llen = p - label;
520 if (unicode)
521 {
522 if (!strncmp (label, IDNA_ACE_PREFIX, IDNA_ACE_PREFIX_LEN))
523 goto fail;
524
525 g_string_append (out, IDNA_ACE_PREFIX);
526 if (!punycode_encode (label, llen, out))
527 goto fail;
528 }
529 else
530 g_string_append_len (out, label, llen);
531
532 if (out->len - oldlen > 63)
533 goto fail;
534
535 label += llen;
536 if (*label)
537 label = g_utf8_next_char (label);
538 if (*label)
539 g_string_append_c (out, '.');
540 }
541 while (*label);
542
543 g_free (name);
544 return g_string_free (out, FALSE);
545
546 fail:
547 g_free (name);
548 g_string_free (out, TRUE);
549 return NULL;
550 }
551
552 /**
553 * g_hostname_is_non_ascii:
554 * @hostname: a hostname
555 *
556 * Tests if @hostname contains Unicode characters. If this returns
557 * %TRUE, you need to encode the hostname with g_hostname_to_ascii()
558 * before using it in non-IDN-aware contexts.
559 *
560 * Note that a hostname might contain a mix of encoded and unencoded
561 * segments, and so it is possible for g_hostname_is_non_ascii() and
562 * g_hostname_is_ascii_encoded() to both return %TRUE for a name.
563 *
564 * Returns: %TRUE if @hostname contains any non-ASCII characters
565 *
566 * Since: 2.22
567 **/
568 gboolean
g_hostname_is_non_ascii(const gchar * hostname)569 g_hostname_is_non_ascii (const gchar *hostname)
570 {
571 return contains_non_ascii (hostname, -1);
572 }
573
574 /* Punycode decoder, RFC 3492 section 6.2. As with punycode_encode(),
575 * read the RFC if you want to understand what this is actually doing.
576 */
577 static gboolean
punycode_decode(const gchar * input,gsize input_length,GString * output)578 punycode_decode (const gchar *input,
579 gsize input_length,
580 GString *output)
581 {
582 GArray *output_chars;
583 gunichar n;
584 guint i, bias;
585 guint oldi, w, k, digit, t;
586 const gchar *split;
587
588 n = PUNYCODE_INITIAL_N;
589 i = 0;
590 bias = PUNYCODE_INITIAL_BIAS;
591
592 split = input + input_length - 1;
593 while (split > input && *split != '-')
594 split--;
595 if (split > input)
596 {
597 output_chars = g_array_sized_new (FALSE, FALSE, sizeof (gunichar),
598 split - input);
599 input_length -= (split - input) + 1;
600 while (input < split)
601 {
602 gunichar ch = (gunichar)*input++;
603 if (!PUNYCODE_IS_BASIC (ch))
604 goto fail;
605 g_array_append_val (output_chars, ch);
606 }
607 input++;
608 }
609 else
610 output_chars = g_array_new (FALSE, FALSE, sizeof (gunichar));
611
612 while (input_length)
613 {
614 oldi = i;
615 w = 1;
616 for (k = PUNYCODE_BASE; ; k += PUNYCODE_BASE)
617 {
618 if (!input_length--)
619 goto fail;
620 digit = decode_digit (*input++);
621 if (digit >= PUNYCODE_BASE)
622 goto fail;
623 if (digit > (G_MAXUINT - i) / w)
624 goto fail;
625 i += digit * w;
626 if (k <= bias)
627 t = PUNYCODE_TMIN;
628 else if (k >= bias + PUNYCODE_TMAX)
629 t = PUNYCODE_TMAX;
630 else
631 t = k - bias;
632 if (digit < t)
633 break;
634 if (w > G_MAXUINT / (PUNYCODE_BASE - t))
635 goto fail;
636 w *= (PUNYCODE_BASE - t);
637 }
638
639 bias = adapt (i - oldi, output_chars->len + 1, oldi == 0);
640
641 if (i / (output_chars->len + 1) > G_MAXUINT - n)
642 goto fail;
643 n += i / (output_chars->len + 1);
644 i %= (output_chars->len + 1);
645
646 g_array_insert_val (output_chars, i++, n);
647 }
648
649 for (i = 0; i < output_chars->len; i++)
650 g_string_append_unichar (output, g_array_index (output_chars, gunichar, i));
651 g_array_free (output_chars, TRUE);
652 return TRUE;
653
654 fail:
655 g_array_free (output_chars, TRUE);
656 return FALSE;
657 }
658
659 /**
660 * g_hostname_to_unicode:
661 * @hostname: a valid UTF-8 or ASCII hostname
662 *
663 * Converts @hostname to its canonical presentation form; a UTF-8
664 * string in Unicode normalization form C, containing no uppercase
665 * letters, no forbidden characters, and no ASCII-encoded segments,
666 * and not ending with a trailing dot.
667 *
668 * Of course if @hostname is not an internationalized hostname, then
669 * the canonical presentation form will be entirely ASCII.
670 *
671 * Returns: (nullable) (transfer full): a UTF-8 hostname, which must be freed,
672 * or %NULL if @hostname is in some way invalid.
673 *
674 * Since: 2.22
675 **/
676 gchar *
g_hostname_to_unicode(const gchar * hostname)677 g_hostname_to_unicode (const gchar *hostname)
678 {
679 GString *out;
680 gssize llen;
681 gsize hostname_max_length_bytes = get_hostname_max_length_bytes ();
682
683 /* See the comment at the top of g_hostname_to_ascii(). */
684 if (hostname_max_length_bytes <= G_MAXSIZE / 4 &&
685 strlen_greater_than (hostname, 4 * MAX (255, hostname_max_length_bytes)))
686 return NULL;
687
688 out = g_string_new (NULL);
689
690 do
691 {
692 llen = idna_end_of_label (hostname) - hostname;
693 if (!g_ascii_strncasecmp (hostname, IDNA_ACE_PREFIX, IDNA_ACE_PREFIX_LEN))
694 {
695 hostname += IDNA_ACE_PREFIX_LEN;
696 llen -= IDNA_ACE_PREFIX_LEN;
697 if (!punycode_decode (hostname, llen, out))
698 {
699 g_string_free (out, TRUE);
700 return NULL;
701 }
702 }
703 else
704 {
705 gboolean unicode;
706 gchar *canonicalized = nameprep (hostname, llen, &unicode);
707
708 if (!canonicalized)
709 {
710 g_string_free (out, TRUE);
711 return NULL;
712 }
713 g_string_append (out, canonicalized);
714 g_free (canonicalized);
715 }
716
717 hostname += llen;
718 if (*hostname)
719 hostname = g_utf8_next_char (hostname);
720 if (*hostname)
721 g_string_append_c (out, '.');
722 }
723 while (*hostname);
724
725 return g_string_free (out, FALSE);
726 }
727
728 /**
729 * g_hostname_is_ascii_encoded:
730 * @hostname: a hostname
731 *
732 * Tests if @hostname contains segments with an ASCII-compatible
733 * encoding of an Internationalized Domain Name. If this returns
734 * %TRUE, you should decode the hostname with g_hostname_to_unicode()
735 * before displaying it to the user.
736 *
737 * Note that a hostname might contain a mix of encoded and unencoded
738 * segments, and so it is possible for g_hostname_is_non_ascii() and
739 * g_hostname_is_ascii_encoded() to both return %TRUE for a name.
740 *
741 * Returns: %TRUE if @hostname contains any ASCII-encoded
742 * segments.
743 *
744 * Since: 2.22
745 **/
746 gboolean
g_hostname_is_ascii_encoded(const gchar * hostname)747 g_hostname_is_ascii_encoded (const gchar *hostname)
748 {
749 while (1)
750 {
751 if (!g_ascii_strncasecmp (hostname, IDNA_ACE_PREFIX, IDNA_ACE_PREFIX_LEN))
752 return TRUE;
753 hostname = idna_end_of_label (hostname);
754 if (*hostname)
755 hostname = g_utf8_next_char (hostname);
756 if (!*hostname)
757 return FALSE;
758 }
759 }
760
761 /**
762 * g_hostname_is_ip_address:
763 * @hostname: a hostname (or IP address in string form)
764 *
765 * Tests if @hostname is the string form of an IPv4 or IPv6 address.
766 * (Eg, "192.168.0.1".)
767 *
768 * Since 2.66, IPv6 addresses with a zone-id are accepted (RFC6874).
769 *
770 * Returns: %TRUE if @hostname is an IP address
771 *
772 * Since: 2.22
773 **/
774 gboolean
g_hostname_is_ip_address(const gchar * hostname)775 g_hostname_is_ip_address (const gchar *hostname)
776 {
777 gchar *p, *end;
778 gint nsegments, octet;
779
780 /* On Linux we could implement this using inet_pton, but the Windows
781 * equivalent of that requires linking against winsock, so we just
782 * figure this out ourselves. Tested by tests/hostutils.c.
783 */
784
785 p = (char *)hostname;
786
787 if (strchr (p, ':'))
788 {
789 gboolean skipped;
790
791 /* If it contains a ':', it's an IPv6 address (assuming it's an
792 * IP address at all). This consists of eight ':'-separated
793 * segments, each containing a 1-4 digit hex number, except that
794 * optionally: (a) the last two segments can be replaced by an
795 * IPv4 address, and (b) a single span of 1 to 8 "0000" segments
796 * can be replaced with just "::".
797 */
798
799 nsegments = 0;
800 skipped = FALSE;
801 while (*p && *p != '%' && nsegments < 8)
802 {
803 /* Each segment after the first must be preceded by a ':'.
804 * (We also handle half of the "string starts with ::" case
805 * here.)
806 */
807 if (p != (char *)hostname || (p[0] == ':' && p[1] == ':'))
808 {
809 if (*p != ':')
810 return FALSE;
811 p++;
812 }
813
814 /* If there's another ':', it means we're skipping some segments */
815 if (*p == ':' && !skipped)
816 {
817 skipped = TRUE;
818 nsegments++;
819
820 /* Handle the "string ends with ::" case */
821 if (!p[1])
822 p++;
823
824 continue;
825 }
826
827 /* Read the segment, make sure it's valid. */
828 for (end = p; g_ascii_isxdigit (*end); end++)
829 ;
830 if (end == p || end > p + 4)
831 return FALSE;
832
833 if (*end == '.')
834 {
835 if ((nsegments == 6 && !skipped) || (nsegments <= 6 && skipped))
836 goto parse_ipv4;
837 else
838 return FALSE;
839 }
840
841 nsegments++;
842 p = end;
843 }
844
845 return (!*p || (p[0] == '%' && p[1])) && (nsegments == 8 || skipped);
846 }
847
848 parse_ipv4:
849
850 /* Parse IPv4: N.N.N.N, where each N <= 255 and doesn't have leading 0s. */
851 for (nsegments = 0; nsegments < 4; nsegments++)
852 {
853 if (nsegments != 0)
854 {
855 if (*p != '.')
856 return FALSE;
857 p++;
858 }
859
860 /* Check the segment; a little tricker than the IPv6 case since
861 * we can't allow extra leading 0s, and we can't assume that all
862 * strings of valid length are within range.
863 */
864 octet = 0;
865 if (*p == '0')
866 end = p + 1;
867 else
868 {
869 for (end = p; g_ascii_isdigit (*end); end++)
870 {
871 octet = 10 * octet + (*end - '0');
872
873 if (octet > 255)
874 break;
875 }
876 }
877 if (end == p || end > p + 3 || octet > 255)
878 return FALSE;
879
880 p = end;
881 }
882
883 /* If there's nothing left to parse, then it's ok. */
884 return !*p;
885 }
886