Swift
summaryrefslogtreecommitdiffstats
path: root/Swiften/TLS/ServerIdentityVerifier.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'Swiften/TLS/ServerIdentityVerifier.cpp')
-rw-r--r--Swiften/TLS/ServerIdentityVerifier.cpp20
1 files changed, 15 insertions, 5 deletions
diff --git a/Swiften/TLS/ServerIdentityVerifier.cpp b/Swiften/TLS/ServerIdentityVerifier.cpp
index a908ad0..0608a03 100644
--- a/Swiften/TLS/ServerIdentityVerifier.cpp
+++ b/Swiften/TLS/ServerIdentityVerifier.cpp
@@ -10,11 +10,15 @@
#include <Swiften/Base/foreach.h>
-#include <Swiften/IDN/IDNA.h>
+#include <Swiften/IDN/IDNConverter.h>
namespace Swift {
-ServerIdentityVerifier::ServerIdentityVerifier(const JID& jid) {
+ServerIdentityVerifier::ServerIdentityVerifier(const JID& jid, IDNConverter* idnConverter) : domainValid(false) {
domain = jid.getDomain();
- encodedDomain = IDNA::getEncoded(domain);
+ boost::optional<std::string> domainResult = idnConverter->getIDNAEncoded(domain);
+ if (!!domainResult) {
+ encodedDomain = *domainResult;
+ domainValid = true;
+ }
}
@@ -22,4 +26,7 @@ bool ServerIdentityVerifier::certificateVerifies(Certificate::ref certificate) {
bool hasSAN = false;
+ if (certificate == NULL) {
+ return false;
+ }
// DNS names
std::vector<std::string> dnsNames = certificate->getDNSNames();
@@ -65,9 +72,12 @@ bool ServerIdentityVerifier::certificateVerifies(Certificate::ref certificate) {
bool ServerIdentityVerifier::matchesDomain(const std::string& s) const {
+ if (!domainValid) {
+ return false;
+ }
if (boost::starts_with(s, "*.")) {
std::string matchString(s.substr(2, s.npos));
std::string matchDomain = encodedDomain;
- int dotIndex = matchDomain.find('.');
- if (dotIndex >= 0) {
+ size_t dotIndex = matchDomain.find('.');
+ if (dotIndex != matchDomain.npos) {
matchDomain = matchDomain.substr(dotIndex + 1, matchDomain.npos);
}