View | Details | Raw Unified | Return to bug 2058 | Differences between
and this patch

Collapse All | Expand All

(-)lib/Makefile (-1 / +2 lines)
Lines 26-32 SRCS= ${LIB_SRCS} \ Link Here
26
	msg.c progressmeter.c dns.c \
26
	msg.c progressmeter.c dns.c \
27
	monitor_fdpass.c addrmatch.c \
27
	monitor_fdpass.c addrmatch.c \
28
	smult_curve25519_ref.c kexc25519.c kexc25519c.c \
28
	smult_curve25519_ref.c kexc25519.c kexc25519c.c \
29
	chacha.c poly1305.c cipher-chachapoly.c ssh-ed25519.c hmac.c umac.c
29
	chacha.c poly1305.c cipher-chachapoly.c ssh-ed25519.c hmac.c umac.c \
30
	utf8_stringprep.c
30
31
31
.if (${OPENSSL:L} == "yes")
32
.if (${OPENSSL:L} == "yes")
32
SRCS+=	bufec.c bufbn.c cipher-3des1.c cipher-bf1.c rsa.c \
33
SRCS+=	bufec.c bufbn.c cipher-3des1.c cipher-bf1.c rsa.c \
(-)misc.h (+3 lines)
Lines 110-113 char *read_passphrase(const char *, int); Link Here
110
int	 ask_permission(const char *, ...) __attribute__((format(printf, 1, 2)));
110
int	 ask_permission(const char *, ...) __attribute__((format(printf, 1, 2)));
111
int	 read_keyfile_line(FILE *, const char *, char *, size_t, u_long *);
111
int	 read_keyfile_line(FILE *, const char *, char *, size_t, u_long *);
112
112
113
/* utf8_stringprep.c */
114
int utf8_stringprep(const char *, char *, size_t);
115
113
#endif /* _MISC_H */
116
#endif /* _MISC_H */
(-)sshconnect2.c (-2 / +34 lines)
Lines 39-44 Link Here
39
#include <pwd.h>
39
#include <pwd.h>
40
#include <unistd.h>
40
#include <unistd.h>
41
#include <vis.h>
41
#include <vis.h>
42
#include <locale.h>
43
#include <langinfo.h>
42
44
43
#include "xmalloc.h"
45
#include "xmalloc.h"
44
#include "ssh.h"
46
#include "ssh.h"
Lines 454-474 input_userauth_error(int type, u_int32_t seq, void *ctxt) Link Here
454
	    "type %d", type);
456
	    "type %d", type);
455
}
457
}
456
458
459
/* Check whether we can display UTF-8 safely */
460
static int
461
utf8_ok(void)
462
{
463
	static int ret = -1;
464
	char *cp;
465
466
	if (ret == -1) {
467
		setlocale(LC_CTYPE, "");
468
		cp = nl_langinfo(CODESET);
469
		ret = strcmp(cp, "UTF-8") == 0;
470
	}
471
	return ret;
472
}
473
457
/* ARGSUSED */
474
/* ARGSUSED */
458
void
475
void
459
input_userauth_banner(int type, u_int32_t seq, void *ctxt)
476
input_userauth_banner(int type, u_int32_t seq, void *ctxt)
460
{
477
{
461
	char *msg, *raw, *lang;
478
	char *msg, *raw, *lang;
462
	u_int len;
479
	u_int done, len;
463
480
464
	debug3("input_userauth_banner");
481
	debug3("input_userauth_banner");
482
465
	raw = packet_get_string(&len);
483
	raw = packet_get_string(&len);
466
	lang = packet_get_string(NULL);
484
	lang = packet_get_string(NULL);
467
	if (len > 0 && options.log_level >= SYSLOG_LEVEL_INFO) {
485
	if (len > 0 && options.log_level >= SYSLOG_LEVEL_INFO) {
468
		if (len > 65536)
486
		if (len > 65536)
469
			len = 65536;
487
			len = 65536;
470
		msg = xmalloc(len * 4 + 1); /* max expansion from strnvis() */
488
		msg = xmalloc(len * 4 + 1); /* max expansion from strnvis() */
471
		strnvis(msg, raw, len * 4 + 1, VIS_SAFE|VIS_OCTAL|VIS_NOSLASH);
489
		done = 0;
490
		if (utf8_ok()) {
491
			if (utf8_stringprep(raw, msg, len * 4 + 1) == 0)
492
				done = 1;
493
			else
494
				debug2("%s: UTF8 stringprep failed", __func__);
495
		}
496
		/*
497
		 * Fallback to strnvis if UTF8 display not supported or
498
		 * conversion failed.
499
		 */
500
		if (!done) {
501
			strnvis(msg, raw, len * 4 + 1,
502
			    VIS_SAFE|VIS_OCTAL|VIS_NOSLASH);
503
		}
472
		fprintf(stderr, "%s", msg);
504
		fprintf(stderr, "%s", msg);
473
		free(msg);
505
		free(msg);
474
	}
506
	}
(-)stringprep-tables.c (+661 lines)
Line 0 Link Here
1
/* Public domain.  */
2
3
/* $OpenBSD$ */
4
5
/*
6
 * Tables for RFC3454 stringprep algorithm, updated with a table of allocated
7
 * characters generated from Unicode.6.2's UnicodeData.txt
8
 *
9
 * Intended to be included directly from utf8_stringprep.c
10
 */
11
12
/* Unassigned characters in Unicode 6.2 */
13
static const struct u32_range unassigned[] = {
14
	{ 0x0378, 0x0379 },
15
	{ 0x037F, 0x0383 },
16
	{ 0x038B, 0x038B },
17
	{ 0x038D, 0x038D },
18
	{ 0x03A2, 0x03A2 },
19
	{ 0x0528, 0x0530 },
20
	{ 0x0557, 0x0558 },
21
	{ 0x0560, 0x0560 },
22
	{ 0x0588, 0x0588 },
23
	{ 0x058B, 0x058E },
24
	{ 0x0590, 0x0590 },
25
	{ 0x05C8, 0x05CF },
26
	{ 0x05EB, 0x05EF },
27
	{ 0x05F5, 0x05FF },
28
	{ 0x0605, 0x0605 },
29
	{ 0x061C, 0x061D },
30
	{ 0x070E, 0x070E },
31
	{ 0x074B, 0x074C },
32
	{ 0x07B2, 0x07BF },
33
	{ 0x07FB, 0x07FF },
34
	{ 0x082E, 0x082F },
35
	{ 0x083F, 0x083F },
36
	{ 0x085C, 0x085D },
37
	{ 0x085F, 0x089F },
38
	{ 0x08A1, 0x08A1 },
39
	{ 0x08AD, 0x08E3 },
40
	{ 0x08FF, 0x08FF },
41
	{ 0x0978, 0x0978 },
42
	{ 0x0980, 0x0980 },
43
	{ 0x0984, 0x0984 },
44
	{ 0x098D, 0x098E },
45
	{ 0x0991, 0x0992 },
46
	{ 0x09A9, 0x09A9 },
47
	{ 0x09B1, 0x09B1 },
48
	{ 0x09B3, 0x09B5 },
49
	{ 0x09BA, 0x09BB },
50
	{ 0x09C5, 0x09C6 },
51
	{ 0x09C9, 0x09CA },
52
	{ 0x09CF, 0x09D6 },
53
	{ 0x09D8, 0x09DB },
54
	{ 0x09DE, 0x09DE },
55
	{ 0x09E4, 0x09E5 },
56
	{ 0x09FC, 0x0A00 },
57
	{ 0x0A04, 0x0A04 },
58
	{ 0x0A0B, 0x0A0E },
59
	{ 0x0A11, 0x0A12 },
60
	{ 0x0A29, 0x0A29 },
61
	{ 0x0A31, 0x0A31 },
62
	{ 0x0A34, 0x0A34 },
63
	{ 0x0A37, 0x0A37 },
64
	{ 0x0A3A, 0x0A3B },
65
	{ 0x0A3D, 0x0A3D },
66
	{ 0x0A43, 0x0A46 },
67
	{ 0x0A49, 0x0A4A },
68
	{ 0x0A4E, 0x0A50 },
69
	{ 0x0A52, 0x0A58 },
70
	{ 0x0A5D, 0x0A5D },
71
	{ 0x0A5F, 0x0A65 },
72
	{ 0x0A76, 0x0A80 },
73
	{ 0x0A84, 0x0A84 },
74
	{ 0x0A8E, 0x0A8E },
75
	{ 0x0A92, 0x0A92 },
76
	{ 0x0AA9, 0x0AA9 },
77
	{ 0x0AB1, 0x0AB1 },
78
	{ 0x0AB4, 0x0AB4 },
79
	{ 0x0ABA, 0x0ABB },
80
	{ 0x0AC6, 0x0AC6 },
81
	{ 0x0ACA, 0x0ACA },
82
	{ 0x0ACE, 0x0ACF },
83
	{ 0x0AD1, 0x0ADF },
84
	{ 0x0AE4, 0x0AE5 },
85
	{ 0x0AF2, 0x0B00 },
86
	{ 0x0B04, 0x0B04 },
87
	{ 0x0B0D, 0x0B0E },
88
	{ 0x0B11, 0x0B12 },
89
	{ 0x0B29, 0x0B29 },
90
	{ 0x0B31, 0x0B31 },
91
	{ 0x0B34, 0x0B34 },
92
	{ 0x0B3A, 0x0B3B },
93
	{ 0x0B45, 0x0B46 },
94
	{ 0x0B49, 0x0B4A },
95
	{ 0x0B4E, 0x0B55 },
96
	{ 0x0B58, 0x0B5B },
97
	{ 0x0B5E, 0x0B5E },
98
	{ 0x0B64, 0x0B65 },
99
	{ 0x0B78, 0x0B81 },
100
	{ 0x0B84, 0x0B84 },
101
	{ 0x0B8B, 0x0B8D },
102
	{ 0x0B91, 0x0B91 },
103
	{ 0x0B96, 0x0B98 },
104
	{ 0x0B9B, 0x0B9B },
105
	{ 0x0B9D, 0x0B9D },
106
	{ 0x0BA0, 0x0BA2 },
107
	{ 0x0BA5, 0x0BA7 },
108
	{ 0x0BAB, 0x0BAD },
109
	{ 0x0BBA, 0x0BBD },
110
	{ 0x0BC3, 0x0BC5 },
111
	{ 0x0BC9, 0x0BC9 },
112
	{ 0x0BCE, 0x0BCF },
113
	{ 0x0BD1, 0x0BD6 },
114
	{ 0x0BD8, 0x0BE5 },
115
	{ 0x0BFB, 0x0C00 },
116
	{ 0x0C04, 0x0C04 },
117
	{ 0x0C0D, 0x0C0D },
118
	{ 0x0C11, 0x0C11 },
119
	{ 0x0C29, 0x0C29 },
120
	{ 0x0C34, 0x0C34 },
121
	{ 0x0C3A, 0x0C3C },
122
	{ 0x0C45, 0x0C45 },
123
	{ 0x0C49, 0x0C49 },
124
	{ 0x0C4E, 0x0C54 },
125
	{ 0x0C57, 0x0C57 },
126
	{ 0x0C5A, 0x0C5F },
127
	{ 0x0C64, 0x0C65 },
128
	{ 0x0C70, 0x0C77 },
129
	{ 0x0C80, 0x0C81 },
130
	{ 0x0C84, 0x0C84 },
131
	{ 0x0C8D, 0x0C8D },
132
	{ 0x0C91, 0x0C91 },
133
	{ 0x0CA9, 0x0CA9 },
134
	{ 0x0CB4, 0x0CB4 },
135
	{ 0x0CBA, 0x0CBB },
136
	{ 0x0CC5, 0x0CC5 },
137
	{ 0x0CC9, 0x0CC9 },
138
	{ 0x0CCE, 0x0CD4 },
139
	{ 0x0CD7, 0x0CDD },
140
	{ 0x0CDF, 0x0CDF },
141
	{ 0x0CE4, 0x0CE5 },
142
	{ 0x0CF0, 0x0CF0 },
143
	{ 0x0CF3, 0x0D01 },
144
	{ 0x0D04, 0x0D04 },
145
	{ 0x0D0D, 0x0D0D },
146
	{ 0x0D11, 0x0D11 },
147
	{ 0x0D3B, 0x0D3C },
148
	{ 0x0D45, 0x0D45 },
149
	{ 0x0D49, 0x0D49 },
150
	{ 0x0D4F, 0x0D56 },
151
	{ 0x0D58, 0x0D5F },
152
	{ 0x0D64, 0x0D65 },
153
	{ 0x0D76, 0x0D78 },
154
	{ 0x0D80, 0x0D81 },
155
	{ 0x0D84, 0x0D84 },
156
	{ 0x0D97, 0x0D99 },
157
	{ 0x0DB2, 0x0DB2 },
158
	{ 0x0DBC, 0x0DBC },
159
	{ 0x0DBE, 0x0DBF },
160
	{ 0x0DC7, 0x0DC9 },
161
	{ 0x0DCB, 0x0DCE },
162
	{ 0x0DD5, 0x0DD5 },
163
	{ 0x0DD7, 0x0DD7 },
164
	{ 0x0DE0, 0x0DF1 },
165
	{ 0x0DF5, 0x0E00 },
166
	{ 0x0E3B, 0x0E3E },
167
	{ 0x0E5C, 0x0E80 },
168
	{ 0x0E83, 0x0E83 },
169
	{ 0x0E85, 0x0E86 },
170
	{ 0x0E89, 0x0E89 },
171
	{ 0x0E8B, 0x0E8C },
172
	{ 0x0E8E, 0x0E93 },
173
	{ 0x0E98, 0x0E98 },
174
	{ 0x0EA0, 0x0EA0 },
175
	{ 0x0EA4, 0x0EA4 },
176
	{ 0x0EA6, 0x0EA6 },
177
	{ 0x0EA8, 0x0EA9 },
178
	{ 0x0EAC, 0x0EAC },
179
	{ 0x0EBA, 0x0EBA },
180
	{ 0x0EBE, 0x0EBF },
181
	{ 0x0EC5, 0x0EC5 },
182
	{ 0x0EC7, 0x0EC7 },
183
	{ 0x0ECE, 0x0ECF },
184
	{ 0x0EDA, 0x0EDB },
185
	{ 0x0EE0, 0x0EFF },
186
	{ 0x0F48, 0x0F48 },
187
	{ 0x0F6D, 0x0F70 },
188
	{ 0x0F98, 0x0F98 },
189
	{ 0x0FBD, 0x0FBD },
190
	{ 0x0FCD, 0x0FCD },
191
	{ 0x0FDB, 0x0FFF },
192
	{ 0x10C6, 0x10C6 },
193
	{ 0x10C8, 0x10CC },
194
	{ 0x10CE, 0x10CF },
195
	{ 0x1249, 0x1249 },
196
	{ 0x124E, 0x124F },
197
	{ 0x1257, 0x1257 },
198
	{ 0x1259, 0x1259 },
199
	{ 0x125E, 0x125F },
200
	{ 0x1289, 0x1289 },
201
	{ 0x128E, 0x128F },
202
	{ 0x12B1, 0x12B1 },
203
	{ 0x12B6, 0x12B7 },
204
	{ 0x12BF, 0x12BF },
205
	{ 0x12C1, 0x12C1 },
206
	{ 0x12C6, 0x12C7 },
207
	{ 0x12D7, 0x12D7 },
208
	{ 0x1311, 0x1311 },
209
	{ 0x1316, 0x1317 },
210
	{ 0x135B, 0x135C },
211
	{ 0x137D, 0x137F },
212
	{ 0x139A, 0x139F },
213
	{ 0x13F5, 0x13FF },
214
	{ 0x169D, 0x169F },
215
	{ 0x16F1, 0x16FF },
216
	{ 0x170D, 0x170D },
217
	{ 0x1715, 0x171F },
218
	{ 0x1737, 0x173F },
219
	{ 0x1754, 0x175F },
220
	{ 0x176D, 0x176D },
221
	{ 0x1771, 0x1771 },
222
	{ 0x1774, 0x177F },
223
	{ 0x17DE, 0x17DF },
224
	{ 0x17EA, 0x17EF },
225
	{ 0x17FA, 0x17FF },
226
	{ 0x180F, 0x180F },
227
	{ 0x181A, 0x181F },
228
	{ 0x1878, 0x187F },
229
	{ 0x18AB, 0x18AF },
230
	{ 0x18F6, 0x18FF },
231
	{ 0x191D, 0x191F },
232
	{ 0x192C, 0x192F },
233
	{ 0x193C, 0x193F },
234
	{ 0x1941, 0x1943 },
235
	{ 0x196E, 0x196F },
236
	{ 0x1975, 0x197F },
237
	{ 0x19AC, 0x19AF },
238
	{ 0x19CA, 0x19CF },
239
	{ 0x19DB, 0x19DD },
240
	{ 0x1A1C, 0x1A1D },
241
	{ 0x1A5F, 0x1A5F },
242
	{ 0x1A7D, 0x1A7E },
243
	{ 0x1A8A, 0x1A8F },
244
	{ 0x1A9A, 0x1A9F },
245
	{ 0x1AAE, 0x1AFF },
246
	{ 0x1B4C, 0x1B4F },
247
	{ 0x1B7D, 0x1B7F },
248
	{ 0x1BF4, 0x1BFB },
249
	{ 0x1C38, 0x1C3A },
250
	{ 0x1C4A, 0x1C4C },
251
	{ 0x1C80, 0x1CBF },
252
	{ 0x1CC8, 0x1CCF },
253
	{ 0x1CF7, 0x1CFF },
254
	{ 0x1DE7, 0x1DFB },
255
	{ 0x1F16, 0x1F17 },
256
	{ 0x1F1E, 0x1F1F },
257
	{ 0x1F46, 0x1F47 },
258
	{ 0x1F4E, 0x1F4F },
259
	{ 0x1F58, 0x1F58 },
260
	{ 0x1F5A, 0x1F5A },
261
	{ 0x1F5C, 0x1F5C },
262
	{ 0x1F5E, 0x1F5E },
263
	{ 0x1F7E, 0x1F7F },
264
	{ 0x1FB5, 0x1FB5 },
265
	{ 0x1FC5, 0x1FC5 },
266
	{ 0x1FD4, 0x1FD5 },
267
	{ 0x1FDC, 0x1FDC },
268
	{ 0x1FF0, 0x1FF1 },
269
	{ 0x1FF5, 0x1FF5 },
270
	{ 0x1FFF, 0x1FFF },
271
	{ 0x2065, 0x2069 },
272
	{ 0x2072, 0x2073 },
273
	{ 0x208F, 0x208F },
274
	{ 0x209D, 0x209F },
275
	{ 0x20BB, 0x20CF },
276
	{ 0x20F1, 0x20FF },
277
	{ 0x218A, 0x218F },
278
	{ 0x23F4, 0x23FF },
279
	{ 0x2427, 0x243F },
280
	{ 0x244B, 0x245F },
281
	{ 0x2700, 0x2700 },
282
	{ 0x2B4D, 0x2B4F },
283
	{ 0x2B5A, 0x2BFF },
284
	{ 0x2C2F, 0x2C2F },
285
	{ 0x2C5F, 0x2C5F },
286
	{ 0x2CF4, 0x2CF8 },
287
	{ 0x2D26, 0x2D26 },
288
	{ 0x2D28, 0x2D2C },
289
	{ 0x2D2E, 0x2D2F },
290
	{ 0x2D68, 0x2D6E },
291
	{ 0x2D71, 0x2D7E },
292
	{ 0x2D97, 0x2D9F },
293
	{ 0x2DA7, 0x2DA7 },
294
	{ 0x2DAF, 0x2DAF },
295
	{ 0x2DB7, 0x2DB7 },
296
	{ 0x2DBF, 0x2DBF },
297
	{ 0x2DC7, 0x2DC7 },
298
	{ 0x2DCF, 0x2DCF },
299
	{ 0x2DD7, 0x2DD7 },
300
	{ 0x2DDF, 0x2DDF },
301
	{ 0x2E3C, 0x2E7F },
302
	{ 0x2E9A, 0x2E9A },
303
	{ 0x2EF4, 0x2EFF },
304
	{ 0x2FD6, 0x2FEF },
305
	{ 0x2FFC, 0x2FFF },
306
	{ 0x3040, 0x3040 },
307
	{ 0x3097, 0x3098 },
308
	{ 0x3100, 0x3104 },
309
	{ 0x312E, 0x3130 },
310
	{ 0x318F, 0x318F },
311
	{ 0x31BB, 0x31BF },
312
	{ 0x31E4, 0x31EF },
313
	{ 0x321F, 0x321F },
314
	{ 0x32FF, 0x32FF },
315
	{ 0x4DB6, 0x4DBF },
316
	{ 0x9FA6, 0x9FCB },
317
	{ 0x9FCD, 0x9FFF },
318
	{ 0xA48D, 0xA48F },
319
	{ 0xA4C7, 0xA4CF },
320
	{ 0xA62C, 0xA63F },
321
	{ 0xA698, 0xA69E },
322
	{ 0xA6F8, 0xA6FF },
323
	{ 0xA78F, 0xA78F },
324
	{ 0xA794, 0xA79F },
325
	{ 0xA7AB, 0xA7F7 },
326
	{ 0xA82C, 0xA82F },
327
	{ 0xA83A, 0xA83F },
328
	{ 0xA878, 0xA87F },
329
	{ 0xA8C5, 0xA8CD },
330
	{ 0xA8DA, 0xA8DF },
331
	{ 0xA8FC, 0xA8FF },
332
	{ 0xA954, 0xA95E },
333
	{ 0xA97D, 0xA97F },
334
	{ 0xA9CE, 0xA9CE },
335
	{ 0xA9DA, 0xA9DD },
336
	{ 0xA9E0, 0xA9FF },
337
	{ 0xAA37, 0xAA3F },
338
	{ 0xAA4E, 0xAA4F },
339
	{ 0xAA5A, 0xAA5B },
340
	{ 0xAA7C, 0xAA7F },
341
	{ 0xAAC3, 0xAADA },
342
	{ 0xAAF7, 0xAB00 },
343
	{ 0xAB07, 0xAB08 },
344
	{ 0xAB0F, 0xAB10 },
345
	{ 0xAB17, 0xAB1F },
346
	{ 0xAB27, 0xAB27 },
347
	{ 0xAB2F, 0xABBF },
348
	{ 0xABEE, 0xABEF },
349
	{ 0xABFA, 0xABFF },
350
	{ 0xD7A4, 0xD7AF },
351
	{ 0xD7C7, 0xD7CA },
352
	{ 0xD7FC, 0xD7FF },
353
	{ 0xFA6E, 0xFA6F },
354
	{ 0xFADA, 0xFAFF },
355
	{ 0xFB07, 0xFB12 },
356
	{ 0xFB18, 0xFB1C },
357
	{ 0xFB37, 0xFB37 },
358
	{ 0xFB3D, 0xFB3D },
359
	{ 0xFB3F, 0xFB3F },
360
	{ 0xFB42, 0xFB42 },
361
	{ 0xFB45, 0xFB45 },
362
	{ 0xFBC2, 0xFBD2 },
363
	{ 0xFD40, 0xFD4F },
364
	{ 0xFD90, 0xFD91 },
365
	{ 0xFDC8, 0xFDCF },
366
	{ 0xFDFE, 0xFDFF },
367
	{ 0xFE1A, 0xFE1F },
368
	{ 0xFE27, 0xFE2F },
369
	{ 0xFE53, 0xFE53 },
370
	{ 0xFE67, 0xFE67 },
371
	{ 0xFE6C, 0xFE6F },
372
	{ 0xFE75, 0xFE75 },
373
	{ 0xFEFD, 0xFEFE },
374
	{ 0xFF00, 0xFF00 },
375
	{ 0xFFBF, 0xFFC1 },
376
	{ 0xFFC8, 0xFFC9 },
377
	{ 0xFFD0, 0xFFD1 },
378
	{ 0xFFD8, 0xFFD9 },
379
	{ 0xFFDD, 0xFFDF },
380
	{ 0xFFE7, 0xFFE7 },
381
	{ 0xFFEF, 0xFFF8 },
382
	{ 0x1000C, 0x1000C },
383
	{ 0x10027, 0x10027 },
384
	{ 0x1003B, 0x1003B },
385
	{ 0x1003E, 0x1003E },
386
	{ 0x1004E, 0x1004F },
387
	{ 0x1005E, 0x1007F },
388
	{ 0x100FB, 0x100FF },
389
	{ 0x10103, 0x10106 },
390
	{ 0x10134, 0x10136 },
391
	{ 0x1018B, 0x1018F },
392
	{ 0x1019C, 0x101CF },
393
	{ 0x101FE, 0x1027F },
394
	{ 0x1029D, 0x1029F },
395
	{ 0x102D1, 0x102FF },
396
	{ 0x1031F, 0x1031F },
397
	{ 0x10324, 0x1032F },
398
	{ 0x1034B, 0x1037F },
399
	{ 0x1039E, 0x1039E },
400
	{ 0x103C4, 0x103C7 },
401
	{ 0x103D6, 0x103FF },
402
	{ 0x1049E, 0x1049F },
403
	{ 0x104AA, 0x107FF },
404
	{ 0x10806, 0x10807 },
405
	{ 0x10809, 0x10809 },
406
	{ 0x10836, 0x10836 },
407
	{ 0x10839, 0x1083B },
408
	{ 0x1083D, 0x1083E },
409
	{ 0x10856, 0x10856 },
410
	{ 0x10860, 0x108FF },
411
	{ 0x1091C, 0x1091E },
412
	{ 0x1093A, 0x1093E },
413
	{ 0x10940, 0x1097F },
414
	{ 0x109B8, 0x109BD },
415
	{ 0x109C0, 0x109FF },
416
	{ 0x10A04, 0x10A04 },
417
	{ 0x10A07, 0x10A0B },
418
	{ 0x10A14, 0x10A14 },
419
	{ 0x10A18, 0x10A18 },
420
	{ 0x10A34, 0x10A37 },
421
	{ 0x10A3B, 0x10A3E },
422
	{ 0x10A48, 0x10A4F },
423
	{ 0x10A59, 0x10A5F },
424
	{ 0x10A80, 0x10AFF },
425
	{ 0x10B36, 0x10B38 },
426
	{ 0x10B56, 0x10B57 },
427
	{ 0x10B73, 0x10B77 },
428
	{ 0x10B80, 0x10BFF },
429
	{ 0x10C49, 0x10E5F },
430
	{ 0x10E7F, 0x10FFF },
431
	{ 0x1104E, 0x11051 },
432
	{ 0x11070, 0x1107F },
433
	{ 0x110C2, 0x110CF },
434
	{ 0x110E9, 0x110EF },
435
	{ 0x110FA, 0x110FF },
436
	{ 0x11135, 0x11135 },
437
	{ 0x11144, 0x1117F },
438
	{ 0x111C9, 0x111CF },
439
	{ 0x111DA, 0x1167F },
440
	{ 0x116B8, 0x116BF },
441
	{ 0x116CA, 0x11FFF },
442
	{ 0x1236F, 0x123FF },
443
	{ 0x12463, 0x1246F },
444
	{ 0x12474, 0x12FFF },
445
	{ 0x1342F, 0x167FF },
446
	{ 0x16A39, 0x16EFF },
447
	{ 0x16F45, 0x16F4F },
448
	{ 0x16F7F, 0x16F8E },
449
	{ 0x16FA0, 0x1AFFF },
450
	{ 0x1B002, 0x1CFFF },
451
	{ 0x1D0F6, 0x1D0FF },
452
	{ 0x1D127, 0x1D128 },
453
	{ 0x1D1DE, 0x1D1FF },
454
	{ 0x1D246, 0x1D2FF },
455
	{ 0x1D357, 0x1D35F },
456
	{ 0x1D372, 0x1D3FF },
457
	{ 0x1D455, 0x1D455 },
458
	{ 0x1D49D, 0x1D49D },
459
	{ 0x1D4A0, 0x1D4A1 },
460
	{ 0x1D4A3, 0x1D4A4 },
461
	{ 0x1D4A7, 0x1D4A8 },
462
	{ 0x1D4AD, 0x1D4AD },
463
	{ 0x1D4BA, 0x1D4BA },
464
	{ 0x1D4BC, 0x1D4BC },
465
	{ 0x1D4C4, 0x1D4C4 },
466
	{ 0x1D506, 0x1D506 },
467
	{ 0x1D50B, 0x1D50C },
468
	{ 0x1D515, 0x1D515 },
469
	{ 0x1D51D, 0x1D51D },
470
	{ 0x1D53A, 0x1D53A },
471
	{ 0x1D53F, 0x1D53F },
472
	{ 0x1D545, 0x1D545 },
473
	{ 0x1D547, 0x1D549 },
474
	{ 0x1D551, 0x1D551 },
475
	{ 0x1D6A6, 0x1D6A7 },
476
	{ 0x1D7CC, 0x1D7CD },
477
	{ 0x1D800, 0x1EDFF },
478
	{ 0x1EE04, 0x1EE04 },
479
	{ 0x1EE20, 0x1EE20 },
480
	{ 0x1EE23, 0x1EE23 },
481
	{ 0x1EE25, 0x1EE26 },
482
	{ 0x1EE28, 0x1EE28 },
483
	{ 0x1EE33, 0x1EE33 },
484
	{ 0x1EE38, 0x1EE38 },
485
	{ 0x1EE3A, 0x1EE3A },
486
	{ 0x1EE3C, 0x1EE41 },
487
	{ 0x1EE43, 0x1EE46 },
488
	{ 0x1EE48, 0x1EE48 },
489
	{ 0x1EE4A, 0x1EE4A },
490
	{ 0x1EE4C, 0x1EE4C },
491
	{ 0x1EE50, 0x1EE50 },
492
	{ 0x1EE53, 0x1EE53 },
493
	{ 0x1EE55, 0x1EE56 },
494
	{ 0x1EE58, 0x1EE58 },
495
	{ 0x1EE5A, 0x1EE5A },
496
	{ 0x1EE5C, 0x1EE5C },
497
	{ 0x1EE5E, 0x1EE5E },
498
	{ 0x1EE60, 0x1EE60 },
499
	{ 0x1EE63, 0x1EE63 },
500
	{ 0x1EE65, 0x1EE66 },
501
	{ 0x1EE6B, 0x1EE6B },
502
	{ 0x1EE73, 0x1EE73 },
503
	{ 0x1EE78, 0x1EE78 },
504
	{ 0x1EE7D, 0x1EE7D },
505
	{ 0x1EE7F, 0x1EE7F },
506
	{ 0x1EE8A, 0x1EE8A },
507
	{ 0x1EE9C, 0x1EEA0 },
508
	{ 0x1EEA4, 0x1EEA4 },
509
	{ 0x1EEAA, 0x1EEAA },
510
	{ 0x1EEBC, 0x1EEEF },
511
	{ 0x1EEF2, 0x1EFFF },
512
	{ 0x1F02C, 0x1F02F },
513
	{ 0x1F094, 0x1F09F },
514
	{ 0x1F0AF, 0x1F0B0 },
515
	{ 0x1F0BF, 0x1F0C0 },
516
	{ 0x1F0D0, 0x1F0D0 },
517
	{ 0x1F0E0, 0x1F0FF },
518
	{ 0x1F10B, 0x1F10F },
519
	{ 0x1F12F, 0x1F12F },
520
	{ 0x1F16C, 0x1F16F },
521
	{ 0x1F19B, 0x1F1E5 },
522
	{ 0x1F203, 0x1F20F },
523
	{ 0x1F23B, 0x1F23F },
524
	{ 0x1F249, 0x1F24F },
525
	{ 0x1F252, 0x1F2FF },
526
	{ 0x1F321, 0x1F32F },
527
	{ 0x1F336, 0x1F336 },
528
	{ 0x1F37D, 0x1F37F },
529
	{ 0x1F394, 0x1F39F },
530
	{ 0x1F3C5, 0x1F3C5 },
531
	{ 0x1F3CB, 0x1F3DF },
532
	{ 0x1F3F1, 0x1F3FF },
533
	{ 0x1F43F, 0x1F43F },
534
	{ 0x1F441, 0x1F441 },
535
	{ 0x1F4F8, 0x1F4F8 },
536
	{ 0x1F4FD, 0x1F4FF },
537
	{ 0x1F53E, 0x1F53F },
538
	{ 0x1F544, 0x1F54F },
539
	{ 0x1F568, 0x1F5FA },
540
	{ 0x1F641, 0x1F644 },
541
	{ 0x1F650, 0x1F67F },
542
	{ 0x1F6C6, 0x1F6FF },
543
	{ 0x1F774, 0x1FFFD },
544
	{ 0x2A6D7, 0x2A6FF },
545
	{ 0x2A701, 0x2B733 },
546
	{ 0x2B735, 0x2B73F },
547
	{ 0x2B741, 0x2B81C },
548
	{ 0x2B81E, 0x2F7FF },
549
	{ 0x2FA1E, 0x2FFFD },
550
	{ 0x30000, 0x3FFFD },
551
	{ 0x40000, 0x4FFFD },
552
	{ 0x50000, 0x5FFFD },
553
	{ 0x60000, 0x6FFFD },
554
	{ 0x70000, 0x7FFFD },
555
	{ 0x80000, 0x8FFFD },
556
	{ 0x90000, 0x9FFFD },
557
	{ 0xA0000, 0xAFFFD },
558
	{ 0xB0000, 0xBFFFD },
559
	{ 0xC0000, 0xCFFFD },
560
	{ 0xD0000, 0xDFFFD },
561
	{ 0xE0000, 0xE0000 },
562
	{ 0xE0002, 0xE001F },
563
	{ 0xE0080, 0xE00FF },
564
	{ 0xE01F0, 0xEFFFD },
565
};
566
567
/* RFC3454 Table B.1 */
568
static const struct u32_range map_to_nothing[] = {
569
	{ 0x00AD, 0x00AD },
570
	{ 0x034F, 0x034F },
571
	{ 0x1806, 0x1806 },
572
	{ 0x180B, 0x180D },
573
	{ 0x200B, 0x200D },
574
	{ 0x2060, 0x2060 },
575
	{ 0xFE00, 0xFE0F },
576
	{ 0xFEFF, 0xFEFF },
577
};
578
579
/* Local: allow tab, CR and LF */
580
static const struct u32_range whitelist[] = {
581
	{ 0x09, 0x00 },
582
	{ 0x0a, 0x0a },
583
	{ 0x0d, 0x0d },
584
};
585
586
/* RFC3454 Tables in appendix C */
587
static const struct u32_range prohibited[] = {
588
	/* C.2.1 ASCII control characters */
589
	{ 0x0000, 0x001F },
590
	{ 0x007F, 0x007F },
591
	/* C.2.2 Non-ASCII control characters */
592
	{ 0x0080, 0x009F },
593
	{ 0x06DD, 0x06DD },
594
	{ 0x070F, 0x070F },
595
	{ 0x180E, 0x180E },
596
	{ 0x200C, 0x200C },
597
	{ 0x200D, 0x200D },
598
	{ 0x2028, 0x2028 },
599
	{ 0x2029, 0x2029 },
600
	{ 0x2060, 0x2060 },
601
	{ 0x2061, 0x2061 },
602
	{ 0x2062, 0x2062 },
603
	{ 0x2063, 0x2063 },
604
	{ 0x206A, 0x206F },
605
	{ 0xFEFF, 0xFEFF },
606
	{ 0xFFF9, 0xFFFC },
607
	{ 0x1D173, 0x1D17A },
608
	/* C.3 Private use */
609
	{ 0xE000, 0xF8FF },
610
	{ 0xF0000, 0xFFFFD },
611
	{ 0x100000, 0x10FFFD },
612
	/* C.4 Non-character code points */
613
	{ 0xFDD0, 0xFDEF },
614
	{ 0xFFFE, 0xFFFF },
615
	{ 0x1FFFE, 0x1FFFF },
616
	{ 0x2FFFE, 0x2FFFF },
617
	{ 0x3FFFE, 0x3FFFF },
618
	{ 0x4FFFE, 0x4FFFF },
619
	{ 0x5FFFE, 0x5FFFF },
620
	{ 0x6FFFE, 0x6FFFF },
621
	{ 0x7FFFE, 0x7FFFF },
622
	{ 0x8FFFE, 0x8FFFF },
623
	{ 0x9FFFE, 0x9FFFF },
624
	{ 0xAFFFE, 0xAFFFF },
625
	{ 0xBFFFE, 0xBFFFF },
626
	{ 0xCFFFE, 0xCFFFF },
627
	{ 0xDFFFE, 0xDFFFF },
628
	{ 0xEFFFE, 0xEFFFF },
629
	{ 0xFFFFE, 0xFFFFF },
630
	{ 0x10FFFE, 0x10FFFF },
631
	/* C.5 Surrogate codes */
632
	{ 0xD800, 0xDFFF },
633
	/* C.6 Inappropriate for plain text */
634
	{ 0xFFF9, 0xFFF9 },
635
	{ 0xFFFA, 0xFFFA },
636
	{ 0xFFFB, 0xFFFB },
637
	{ 0xFFFC, 0xFFFC },
638
	{ 0xFFFD, 0xFFFD },
639
	/* C.7 Inappropriate for canonical representation */
640
	{ 0x2FF0, 0x2FFB },
641
	/* C.8 Change display properties or are deprecated */
642
	{ 0x0340, 0x0340 },
643
	{ 0x0341, 0x0341 },
644
	{ 0x200E, 0x200E },
645
	{ 0x200F, 0x200F },
646
	{ 0x202A, 0x202A },
647
	{ 0x202B, 0x202B },
648
	{ 0x202C, 0x202C },
649
	{ 0x202D, 0x202D },
650
	{ 0x202E, 0x202E },
651
	{ 0x206A, 0x206A },
652
	{ 0x206B, 0x206B },
653
	{ 0x206C, 0x206C },
654
	{ 0x206D, 0x206D },
655
	{ 0x206E, 0x206E },
656
	{ 0x206F, 0x206F },
657
	/* C.9 Tagging characters */
658
	{ 0xE0001, 0xE0001 },
659
	{ 0xE0020, 0xE007F },
660
};
661
(-)utf8_stringprep.c (+229 lines)
Line 0 Link Here
1
/*
2
 * Copyright (c) 2013 Damien Miller <djm@mindrot.org>
3
 *
4
 * Permission to use, copy, modify, and distribute this software for any
5
 * purpose with or without fee is hereby granted, provided that the above
6
 * copyright notice and this permission notice appear in all copies.
7
 *
8
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15
 */
16
17
/*
18
 * This is a simple RFC3454 stringprep profile to sanitise UTF-8 strings
19
 * from untrusted sources.
20
 *
21
 * It is intended to be used prior to display of untrusted strings only.
22
 * It should not be used for logging because of bi-di ambiguity. It
23
 * should also not be used in any case where lack of normalisation may
24
 * cause problems.
25
 *
26
 * This profile uses the prohibition and mapping tables from RFC3454
27
 * (listed below) but the unassigned character table has been updated to
28
 * Unicode 6.2. It uses a local whitelist of whitespace characters (\n,
29
 * \a and \t). Unicode normalisation and bi-di testing are not used.
30
 *
31
 * XXX: implement bi-di handling (needed for logs)
32
 * XXX: implement KC normalisation (needed for passing to libs/syscalls)
33
 */
34
35
#include <sys/types.h>
36
#include <stdio.h>
37
#include <stdlib.h>
38
#include <string.h>
39
#include <limits.h>
40
#include <ctype.h>
41
42
#include "misc.h"
43
44
struct u32_range {
45
	u_int32_t lo, hi;  /* Inclusive */
46
};
47
48
#include "stringprep-tables.c"
49
50
/* Returns 1 if code 'c' appears in the table or 0 otherwise */
51
static int
52
code_in_table(u_int32_t c, const struct u32_range *table, size_t tlen)
53
{
54
	const struct u32_range *e, *end = (void *)(tlen + (char *)table);
55
56
	for (e = table; e < end; e++) {
57
		if (c >= e->lo && c <= e->hi)
58
			return 1;
59
	}
60
	return 0;
61
}
62
63
/*
64
 * Decode the next valid UCS character from a UTF-8 string, skipping past bad
65
 * codes. Returns the decoded character or 0 for end-of-string and updates
66
 * nextc to point to the start of the next character (if any).
67
 * had_error is set if an invalid code was encountered.
68
 */
69
static u_int32_t
70
decode_utf8(const char *in, const char **nextc, int *had_error)
71
{
72
	int state = 0;
73
	size_t i;
74
	u_int32_t c, e;
75
76
	e = c = 0;
77
	for (i = 0; in[i] != '\0'; i++) {
78
		e = (u_char)in[i];
79
		/* Invalid code point state */
80
		if (state == -1) {
81
			/*
82
			 * Continue eating continuation characters until
83
			 * a new start character comes along.
84
			 */
85
			if ((e & 0xc0) == 0x80)
86
				continue;
87
			state = 0;
88
		}
89
90
		/* New code point state */
91
		if (state == 0) {
92
			if ((e & 0x80) == 0) { /* 7 bit code */
93
				c = e & 0x7f;
94
				goto have_code;
95
			} else if ((e & 0xe0) == 0xc0) { /* 11 bit code point */
96
				state = 1;
97
				c = (e & 0x1f) << 6;
98
			} else if ((e & 0xf0) == 0xe0) { /* 16 bit code point */
99
				state = 2;
100
				c = (e & 0xf) << 12;
101
			} else if ((e & 0xf8) == 0xf0) { /* 21 bit code point */
102
				state = 3;
103
				c = (e & 0x7) << 18;
104
			} else {
105
				/* A five or six byte header, or 0xff */
106
				goto bad_encoding;
107
			}
108
			/*
109
			 * Check that the header byte has some non-zero data
110
			 * after masking off the length marker. If not it is
111
			 * an invalid encoding.
112
			 */
113
			if (c == 0) {
114
 bad_encoding:
115
				c = 0;
116
				state = -1;
117
				if (had_error != NULL)
118
					*had_error = 1;
119
			}
120
			continue;
121
		}
122
123
		/* Sanity check: should never happen */
124
		if (state < 1 || state > 5) {
125
			*nextc = NULL;
126
			if (had_error != NULL)
127
				*had_error = 1;
128
			return 0;
129
		}
130
		/* Multibyte code point state */
131
		state--;
132
		c |= (e & 0x3f) << (state * 6);	
133
		if (state > 0)
134
			continue;
135
136
		/* RFC3629 bans codepoints > U+10FFFF */
137
		if (c > 0x10FFFF) {
138
			if (had_error != NULL)
139
				*had_error = 1;
140
			continue;
141
		}
142
 have_code:
143
		*nextc = in + i + 1;
144
		return c;
145
	}
146
	if (state != 0 && had_error != NULL)
147
		*had_error = 1;
148
	*nextc = in + i;
149
	return 0;
150
}
151
152
/*
153
 * Attempt to encode a UCS character as a UTF-8 sequence. Returns the number
154
 * of characters used or -1 on error (insufficient space or bad code).
155
 */
156
static int
157
encode_utf8(u_int32_t c, char *s, size_t slen)
158
{
159
	size_t i, need;
160
	u_char h;
161
162
	if (c < 0x80) {
163
		if (slen >= 1) {
164
			s[0] = (char)c;
165
		}
166
		return 1;
167
	} else if (c < 0x800) {
168
		need = 2;
169
		h = 0xc0;
170
	} else if (c < 0x10000) {
171
		need = 3;
172
		h = 0xe0;
173
	} else if (c < 0x200000) {
174
		need = 4;
175
		h = 0xf0;
176
	} else {
177
		/* Invalid code point > U+10FFFF */
178
		return -1;
179
	}
180
	if (need > slen)
181
		return -1;
182
	for (i = 0; i < need; i++) {
183
		s[i] = (i == 0 ? h : 0x80);
184
		s[i] |= (c >> (need - i - 1) * 6) & 0x3f;
185
	}
186
	return need;
187
}
188
189
190
/*
191
 * Normalise a UTF-8 string using the RFC3454 stringprep algorithm.
192
 * Returns 0 on success or -1 on failure (prohibited code or insufficient
193
 * length in the output string.
194
 * Requires an output buffer at most the same length as the input.
195
 */
196
int
197
utf8_stringprep(const char *in, char *out, size_t olen)
198
{
199
	int r;
200
	size_t o;
201
	u_int32_t c;
202
203
	if (olen < 1)
204
		return -1;
205
206
	for (o = 0; (c = decode_utf8(in, &in, NULL)) != 0;) {
207
		/* Mapping */
208
		if (code_in_table(c, map_to_nothing, sizeof(map_to_nothing)))
209
			continue;
210
211
		/* Prohibitied output */
212
		if (code_in_table(c, prohibited, sizeof(prohibited)) &&
213
		    !code_in_table(c, whitelist, sizeof(whitelist)))
214
			return -1;
215
216
		/* Map unassigned code points to U+FFFD */
217
		if (code_in_table(c, unassigned, sizeof(unassigned)))
218
			c = 0xFFFD;
219
220
		/* Encode the character */
221
		r = encode_utf8(c, out + o, olen - o - 1);
222
		if (r < 0)
223
			return -1;
224
		o += r;
225
	}
226
	out[o] = '\0';
227
	return 0;
228
}
229

Return to bug 2058