This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: New version of the libidn2 patch
- From: Zack Weinberg <zackw at panix dot com>
- To: Florian Weimer <fweimer at redhat dot com>
- Cc: GNU C Library <libc-alpha at sourceware dot org>
- Date: Sun, 1 Apr 2018 15:17:29 -0400
- Subject: Re: New version of the libidn2 patch
- References: <8052b0b3-7a93-700b-6544-7384e6a24526@redhat.com> <750b6e34-3317-0446-d62f-a503887276c1@redhat.com>
On Sun, Apr 1, 2018 at 2:54 PM, Florian Weimer <fweimer@redhat.com> wrote:
> On 03/15/2018 11:03 PM, Florian Weimer wrote:
>>
>> For some reason, libidn2 does not fail the conversion, but uses the
>> replacement character '?' for unencodable characters. This will have to be
>> fixed in libidn2 eventually.>
>
> This has now been fixed in upstream libidn2.
I don't think I can comment usefully on any of the code changes but I
have some concerns about the behavior in some of the failure cases.
Most importantly, I don't understand exactly what we do if the
application calls getaddrinfo, passing AI_IDN, with a name that would
be changed by punycoding it, but libidn2 is not available. The NEWS
makes it sound like we might transmit a raw non-ASCII name to the DNS
server in that case, and I think we shouldn't do that.
(The analogous NI_IDN case doesn't concern me -- a punycoded DNS name
is still a valid DNS name according to legacy parsers; the worst it
could do is confuse a human who hasn't heard of IDN, and searching for
"xn--" will bring a clue.)
I also wonder if we shouldn't somehow detect and refuse to use
versions of libidn2 without all the necessary bugfixes.
zw