Removed support for libidn1

Currently we support both IDNA2003 and IDNA2008. However, IDNA2003 is already obsolete by registrars and NICs, thus there is no reason to continue supporting it. We switch to IDNA2008 exclusively using libidn2. Resolves #194 Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
author: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2017-04-04 20:13:11 +0200
committer: Nikos Mavrogiannopoulos <nmav@redhat.com> 2017-05-01 12:58:23 +0200
commit: abe6a12b9766219163f99d7807a0b07fbe5f590c (patch)
tree: d6ae3a7993290b2fa9d688cdf5be1f738be2b612 /tests
parent: 8f981f0373fd3484659a5b0452306d01e13fc26d (diff)
download: gnutls-abe6a12b9766219163f99d7807a0b07fbe5f590c.tar.gz
8 files changed, 26 insertions, 40 deletions
diff --git a/tests/cert-tests/Makefile.am b/tests/cert-tests/Makefile.am
index ed8aefc1bf..728c8a597a 100644
--- a/tests/cert-tests/Makefile.am
+++ b/tests/cert-tests/Makefile.am
@@ -98,9 +98,7 @@ dist_check_SCRIPTS += openpgp-certs
 endif
 endif
 
-if !HAVE_BUGGY_LIBIDN
 dist_check_SCRIPTS += certtool-utf8
-endif
 
 if ENABLE_NON_SUITEB_CURVES
 dist_check_SCRIPTS += crq
diff --git a/tests/cert_verify_inv_utf8.c b/tests/cert_verify_inv_utf8.c
index a2b1e5b965..a424e51075 100644
--- a/tests/cert_verify_inv_utf8.c
+++ b/tests/cert_verify_inv_utf8.c
@@ -150,7 +150,7 @@ static void auto_parse(void)
 
 void doit(void)
 {
-#if !defined(HAVE_LIBIDN) && !defined(HAVE_LIBIDN2)
+#if !defined(HAVE_LIBIDN2)
 	exit(77);
 #endif
 	auto_parse();
diff --git a/tests/crq_apis.c b/tests/crq_apis.c
index a4ff7c3816..fdc7ece1c2 100644
--- a/tests/crq_apis.c
+++ b/tests/crq_apis.c
@@ -184,7 +184,7 @@ static gnutls_x509_crq_t generate_crq(void)
 
 	ret = gnutls_x509_crq_set_subject_alt_name(crq, GNUTLS_SAN_DNSNAME,
 						   "νίκο.com", strlen("νίκο.com"), GNUTLS_FSAN_APPEND);
-#if defined(HAVE_LIBIDN) || defined(HAVE_LIBIDN2)
+#if defined(HAVE_LIBIDN2)
 	if (ret != 0)
 		fail("gnutls_x509_crt_set_subject_alt_name: %s\n", gnutls_strerror(ret));
 #else
@@ -453,7 +453,7 @@ void doit(void)
 
 	assert(gnutls_x509_crq_export2(crq, GNUTLS_X509_FMT_PEM, &out) >= 0);
 
-#if defined(HAVE_LIBIDN) || defined(HAVE_LIBIDN2)
+#if defined(HAVE_LIBIDN2)
 	assert(out.size == saved_crq.size);
 	assert(memcmp(out.data, saved_crq.data, out.size)==0);
 #endif
diff --git a/tests/hostname-check-utf8.c b/tests/hostname-check-utf8.c
index 10128bc774..06ce1b7bdf 100644
--- a/tests/hostname-check-utf8.c
+++ b/tests/hostname-check-utf8.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2016 Red Hat, Inc.
+ * Copyright (C) 2016-2017 Red Hat, Inc.
  *
  * Author: Nikos Mavrogiannopoulos
  *
@@ -27,8 +27,10 @@
 #include <string.h>
 #include <gnutls/gnutls.h>
 #include <gnutls/x509.h>
-#ifdef ENABLE_OPENPGP
-#include <gnutls/openpgp.h>
+
+#if defined(HAVE_LIBIDN2)
+/* to obtain version */
+#include <idn2.h>
 #endif
 
 #include "utils.h"
@@ -101,6 +103,10 @@ void doit(void)
 	gnutls_datum_t data;
 	int ret;
 
+#if !defined(HAVE_LIBIDN2)
+	exit(77);
+#endif
+
 	ret = global_init();
 	if (ret < 0)
 		fail("global_init: %d\n", ret);
@@ -142,6 +148,15 @@ void doit(void)
 	if (ret)
 		fail("%d: Invalid hostname incorrectly matches (%d)\n", __LINE__, ret);
 
+#if IDN2_VERSION_NUMBER >= 0x00160000
+	ret = gnutls_x509_crt_check_hostname(x509, "γΓγ.τόΣτ.gr");
+	if (ret)
+		fail("%d: Hostname incorrectly matches (%d)\n", __LINE__, ret);
+
+	ret = gnutls_x509_crt_check_hostname(x509, "ΤΈΣΤ.gr");
+	if (ret)
+		fail("%d: Hostname incorrectly matches (%d)\n", __LINE__, ret);
+#endif
 	ret = gnutls_x509_crt_check_hostname(x509, "γγγ.τόστ.gr");
 	if (ret)
 		fail("%d: Invalid hostname incorrectly matches (%d)\n", __LINE__, ret);
@@ -188,7 +203,6 @@ void doit(void)
 	if (ret)
 		fail("%d: Hostname incorrectly matches (%d)\n", __LINE__, ret);
 
-#if defined(HAVE_LIBIDN) || defined(HAVE_LIBIDN2)
 	ret = gnutls_x509_crt_check_hostname(x509, "www.teχ.gr");
 	if (!ret)
 		fail("%d: Hostname incorrectly does not match (%d)\n", __LINE__, ret);
@@ -201,7 +215,7 @@ void doit(void)
 	if (!ret)
 		fail("%d: Hostname incorrectly does not match (%d)\n", __LINE__, ret);
 
-#if defined(HAVE_LIBIDN) /* There are IDNA2003 */
+#if IDN2_VERSION_NUMBER >= 0x00160000
 	ret = gnutls_x509_crt_check_hostname(x509, "γΓγ.τόΣτ.gr");
 	if (!ret)
 		fail("%d: Hostname incorrectly does not match (%d)\n", __LINE__, ret);
@@ -210,7 +224,6 @@ void doit(void)
 	if (!ret)
 		fail("%d: Hostname incorrectly does not match (%d)\n", __LINE__, ret);
 #endif
-#endif
 
 	gnutls_x509_crt_deinit(x509);
 
diff --git a/tests/mini-server-name.c b/tests/mini-server-name.c
index ae7bb185a5..05b9136a67 100644
--- a/tests/mini-server-name.c
+++ b/tests/mini-server-name.c
@@ -341,7 +341,7 @@ void doit(void)
 	start("empty", 0, "", 0, "", 0);
 	start("test.example.com", 0, "test.example.com", strlen("test.example.com"), "test.example.com", strlen("test.example.com"));
 	start("longtest.example.com", 0, "longtest.example.com.", strlen("longtest.example.com"), "longtest.example.com.", strlen("longtest.example.com"));
-#if defined(HAVE_LIBIDN) || defined(HAVE_LIBIDN2)
+#if defined(HAVE_LIBIDN2)
 	/* test invalid UTF8 */
 	start("invalid-utf8", 1, "invalid\xff.example.com.", sizeof("invalid\xff.example.com")-1, NULL, 0);
 #endif
diff --git a/tests/set_key_utf8.c b/tests/set_key_utf8.c
index 17d031d67d..55788671e0 100644
--- a/tests/set_key_utf8.c
+++ b/tests/set_key_utf8.c
@@ -135,11 +135,6 @@ static void auto_parse(void)
 	}
 
 	test_cli_serv(x509_cred, clicred, "NORMAL", "localhost", NULL, NULL, NULL); /* the DNS name of the first cert */
-#ifdef HAVE_LIBIDN /* IDNA2003-only */
-	test_cli_serv(x509_cred, clicred, "NORMAL", "www.νίκος.com", NULL, NULL, NULL); /* the DNS name of second cert */
-	test_cli_serv(x509_cred, clicred, "NORMAL", "raw:www.νίκος.com", NULL, NULL, NULL); /* the DNS name of second cert */
-	test_cli_serv(x509_cred, clicred, "NORMAL", "www.xn--kxawhku.com", NULL, NULL, NULL); /* the previous name in IDNA format */
-#endif
 	test_cli_serv(x509_cred, clicred, "NORMAL", "简体中文.εξτρα.com", NULL, NULL, NULL); /* the second DNS name of cert */
 	test_cli_serv(x509_cred, clicred, "NORMAL", "raw:简体中文.εξτρα.com", NULL, NULL, NULL); /* the second DNS name of cert */
 	test_cli_serv(x509_cred, clicred, "NORMAL", "xn--fiqu1az03c18t.xn--mxah1amo.com", NULL, NULL, NULL); /* its IDNA equivalent */
@@ -155,7 +150,7 @@ static void auto_parse(void)
 
 void doit(void)
 {
-#if !defined(HAVE_LIBIDN) && !defined(HAVE_LIBIDN2)
+#if !defined(HAVE_LIBIDN2)
 	exit(77);
 #endif
 	auto_parse();
diff --git a/tests/set_x509_key_utf8.c b/tests/set_x509_key_utf8.c
index d67747732a..fc1ba38b23 100644
--- a/tests/set_x509_key_utf8.c
+++ b/tests/set_x509_key_utf8.c
@@ -143,7 +143,7 @@ void doit(void)
 	int ret;
 	unsigned idx;
 
-#if !defined(HAVE_LIBIDN) && !defined(HAVE_LIBIDN2)
+#if !defined(HAVE_LIBIDN2)
 	exit(77);
 #endif
 
@@ -173,10 +173,6 @@ void doit(void)
 	assert(idx == 1);
 
 	test_cli_serv(x509_cred, clicred, "NORMAL", "localhost", NULL, NULL, NULL);
-#if defined(HAVE_LIBIDN) /* IDNA2003 */
-	test_cli_serv(x509_cred, clicred, "NORMAL", "www.νίκος.com", NULL, NULL, NULL); /* the DNS name of second cert */
-	test_cli_serv(x509_cred, clicred, "NORMAL", "raw:www.νίκος.com", NULL, NULL, NULL); /* the DNS name of second cert */
-#endif
 	test_cli_serv(x509_cred, clicred, "NORMAL", "www.xn--kxawhku.com", NULL, NULL, NULL); /* the previous name in IDNA format */
 	test_cli_serv(x509_cred, clicred, "NORMAL", "简体中文.εξτρα.com", NULL, NULL, NULL); /* the second DNS name of cert */
 	test_cli_serv(x509_cred, clicred, "NORMAL", "raw:简体中文.εξτρα.com", NULL, NULL, NULL); /* the second DNS name of cert */
diff --git a/tests/str-idna.c b/tests/str-idna.c
index 60dd58d5c5..552e23b3a1 100644
--- a/tests/str-idna.c
+++ b/tests/str-idna.c
@@ -32,11 +32,7 @@
 #include <gnutls/gnutls.h>
 #include <cmocka.h>
 
-#ifdef HAVE_LIBIDN2
-# define GLOBAL_FLAGS GNUTLS_IDNA_FORCE_2008
-#else
 # define GLOBAL_FLAGS 0
-#endif
 
 #define MATCH_FUNC(fname, str, normalized) \
 static void fname(void **glob_state) \
@@ -84,13 +80,12 @@ MATCH_FUNC_TWO_WAY(test_u1, "夡夞夜夙", "xn--bssffl");
 MATCH_FUNC_TWO_WAY(test_jp2, "日本語.jp", "xn--wgv71a119e.jp");
 /* invalid (✌️) symbol in IDNA2008 but valid in IDNA2003. Browsers
  * fallback to IDNA2003, and we do too, so that should work */
-#if defined(HAVE_LIBIDN) || IDN2_VERSION_NUMBER >= 0x02000002
+#if IDN2_VERSION_NUMBER >= 0x02000002
 MATCH_FUNC_TWO_WAY(test_valid_idna2003, "\xe2\x9c\x8c\xef\xb8\x8f.com", "xn--7bi.com");
 #else
 EMPTY_FUNC(test_valid_idna2003);
 #endif
 
-#ifdef HAVE_LIBIDN2 /* IDNA 2008 */
 MATCH_FUNC_TWO_WAY(test_greek2, "βόλος.com", "xn--nxasmm1c.com");
 MATCH_FUNC_TWO_WAY(test_german1, "faß.de", "xn--fa-hia.de");
 # if IDN2_VERSION_NUMBER >= 0x00140000
@@ -106,25 +101,14 @@ EMPTY_FUNC(test_caps_german3);
 EMPTY_FUNC(test_caps_greek);
 EMPTY_FUNC(test_dots);
 # endif
-#else /* IDNA 2003 */
-MATCH_FUNC(test_caps_greek, "ΒΌΛΟΣ.com", "xn--nxasmq6b.com");
-MATCH_FUNC(test_greek2, "βόλος.com", "xn--nxasmq6b.com");
-MATCH_FUNC(test_german1, "faß.de", "fass.de");
-MATCH_FUNC(test_caps_german1, "Ü.ü", "xn--tda.xn--tda");
-MATCH_FUNC(test_caps_german2, "Bücher.de", "xn--bcher-kva.de");
-MATCH_FUNC(test_caps_german3, "Faß.de", "fass.de");
-MATCH_FUNC(test_dots, "a.b.c。d。", "a.b.c.d.");
-#endif
 
 int main(void)
 {
 	gnutls_datum_t tmp;
 	int ret;
 	const struct CMUnitTest tests[] = {
-#ifdef HAVE_LIBIDN2 /* IDNA 2008 */
 		cmocka_unit_test(test_greek2_reverse),
 		cmocka_unit_test(test_german1_reverse),
-#endif
 		cmocka_unit_test(test_ascii),
 		cmocka_unit_test(test_ascii_reverse),
 		cmocka_unit_test(test_ascii_caps),
author	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2017-04-04 20:13:11 +0200
committer	Nikos Mavrogiannopoulos <nmav@redhat.com>	2017-05-01 12:58:23 +0200
commit	abe6a12b9766219163f99d7807a0b07fbe5f590c (patch)
tree	d6ae3a7993290b2fa9d688cdf5be1f738be2b612 /tests
parent	8f981f0373fd3484659a5b0452306d01e13fc26d (diff)
download	gnutls-abe6a12b9766219163f99d7807a0b07fbe5f590c.tar.gz