sslutil: synchronize hostname matching logic with CPython sslutil contains its own hostname matching logic. CPython has code for the same intent. However, it is only available to Python 2.7.9+ (or distributions that have backported 2.7.9's ssl module improvements). This patch effectively imports CPython's hostname matching code from its ssl.py into sslutil.py. The hostname matching code itself is pretty similar. However, the DNS name matching code is much more robust and spec conformant. As the test changes show, this changes some behavior around wildcard handling and IDNA matching. The new behavior allows wildcards in the middle of words (e.g. 'f*.com' matches 'foo.com') This is spec compliant according to RFC 6125 Section 6.5.3 item 3. There is one test where the matcher is more strict. Before, '*.a.com' matched '.a.com'. Now it doesn't match. Strictly speaking this is a security vulnerability.

/*
 * Utility functions
 *
 * Copyright (c) 2011 Yuya Nishihara <yuya@tcha.org>
 *
 * This software may be used and distributed according to the terms of the
 * GNU General Public License version 2 or any later version.
 */

#ifndef UTIL_H_
#define UTIL_H_

#ifdef __GNUC__
#define PRINTF_FORMAT_ __attribute__((format(printf, 1, 2)))
#else
#define PRINTF_FORMAT_
#endif

void abortmsg(const char *fmt, ...) PRINTF_FORMAT_;
void abortmsgerrno(const char *fmt, ...) PRINTF_FORMAT_;

void enablecolor(void);
void enabledebugmsg(void);
void debugmsg(const char *fmt, ...) PRINTF_FORMAT_;

void fchdirx(int dirfd);
void fsetcloexec(int fd);
void *mallocx(size_t size);
void *reallocx(void *ptr, size_t size);

int runshellcmd(const char *cmd, const char *envp[], const char *cwd);

#endif  /* UTIL_H_ */