Loading changes/bug16674 0 → 100644 +5 −0 Original line number Diff line number Diff line o Minor features (client): - Relax the validation done to hostnames in SOCKS5 requests, and allow a single trailing '.' to cope with clients that pass FQDNs using that syntax to explicitly indicate that the domain name is fully-qualified. Fixes bug 16674; bugfix on 0.2.6.2-alpha. src/common/util.c +6 −0 Original line number Diff line number Diff line Loading @@ -1056,6 +1056,12 @@ string_is_valid_hostname(const char *string) break; } /* Allow a single terminating '.' used rarely to indicate domains * are FQDNs rather than relative. */ if ((c_sl_idx > 0) && (c_sl_idx + 1 == c_sl_len) && !*c) { continue; } do { if ((*c >= 'a' && *c <= 'z') || (*c >= 'A' && *c <= 'Z') || Loading src/test/test_util.c +12 −0 Original line number Diff line number Diff line Loading @@ -4285,7 +4285,19 @@ test_util_hostname_validation(void *arg) // comply with a ~30 year old standard. tt_assert(string_is_valid_hostname("core3_euw1.fabrik.nytimes.com")); // Firefox passes FQDNs with trailing '.'s directly to the SOCKS proxy, // which is redundant since the spec states DOMAINNAME addresses are fully // qualified. While unusual, this should be tollerated. tt_assert(string_is_valid_hostname("core9_euw1.fabrik.nytimes.com.")); tt_assert(!string_is_valid_hostname("..washingtonpost.is.better.com")); tt_assert(!string_is_valid_hostname("so.is..ft.com")); tt_assert(!string_is_valid_hostname("...")); // XXX: do we allow single-label DNS names? // We shouldn't for SOCKS (spec says "contains a fully-qualified domain name" // but only test pathologically malformed traling '.' cases for now. tt_assert(!string_is_valid_hostname(".")); tt_assert(!string_is_valid_hostname("..")); done: return; Loading Loading
changes/bug16674 0 → 100644 +5 −0 Original line number Diff line number Diff line o Minor features (client): - Relax the validation done to hostnames in SOCKS5 requests, and allow a single trailing '.' to cope with clients that pass FQDNs using that syntax to explicitly indicate that the domain name is fully-qualified. Fixes bug 16674; bugfix on 0.2.6.2-alpha.
src/common/util.c +6 −0 Original line number Diff line number Diff line Loading @@ -1056,6 +1056,12 @@ string_is_valid_hostname(const char *string) break; } /* Allow a single terminating '.' used rarely to indicate domains * are FQDNs rather than relative. */ if ((c_sl_idx > 0) && (c_sl_idx + 1 == c_sl_len) && !*c) { continue; } do { if ((*c >= 'a' && *c <= 'z') || (*c >= 'A' && *c <= 'Z') || Loading
src/test/test_util.c +12 −0 Original line number Diff line number Diff line Loading @@ -4285,7 +4285,19 @@ test_util_hostname_validation(void *arg) // comply with a ~30 year old standard. tt_assert(string_is_valid_hostname("core3_euw1.fabrik.nytimes.com")); // Firefox passes FQDNs with trailing '.'s directly to the SOCKS proxy, // which is redundant since the spec states DOMAINNAME addresses are fully // qualified. While unusual, this should be tollerated. tt_assert(string_is_valid_hostname("core9_euw1.fabrik.nytimes.com.")); tt_assert(!string_is_valid_hostname("..washingtonpost.is.better.com")); tt_assert(!string_is_valid_hostname("so.is..ft.com")); tt_assert(!string_is_valid_hostname("...")); // XXX: do we allow single-label DNS names? // We shouldn't for SOCKS (spec says "contains a fully-qualified domain name" // but only test pathologically malformed traling '.' cases for now. tt_assert(!string_is_valid_hostname(".")); tt_assert(!string_is_valid_hostname("..")); done: return; Loading
