--- /dev/null
+ o Minor features (client):
+ - Relax the validation done to hostnames in SOCKS5 requests, and allow
+ a single trailing '.' to cope with clients that pass FQDNs using that
+ syntax to explicitly indicate that the domain name is
+ fully-qualified. Fixes bug 16674; bugfix on 0.2.6.2-alpha.
break;
}
+ /* Allow a single terminating '.' used rarely to indicate domains
+ * are FQDNs rather than relative. */
+ if ((c_sl_idx > 0) && (c_sl_idx + 1 == c_sl_len) && !*c) {
+ continue;
+ }
+
do {
if ((*c >= 'a' && *c <= 'z') ||
(*c >= 'A' && *c <= 'Z') ||
// comply with a ~30 year old standard.
tt_assert(string_is_valid_hostname("core3_euw1.fabrik.nytimes.com"));
+ // Firefox passes FQDNs with trailing '.'s directly to the SOCKS proxy,
+ // which is redundant since the spec states DOMAINNAME addresses are fully
+ // qualified. While unusual, this should be tollerated.
+ tt_assert(string_is_valid_hostname("core9_euw1.fabrik.nytimes.com."));
+ tt_assert(!string_is_valid_hostname("..washingtonpost.is.better.com"));
+ tt_assert(!string_is_valid_hostname("so.is..ft.com"));
+ tt_assert(!string_is_valid_hostname("..."));
+
// XXX: do we allow single-label DNS names?
+ // We shouldn't for SOCKS (spec says "contains a fully-qualified domain name"
+ // but only test pathologically malformed traling '.' cases for now.
+ tt_assert(!string_is_valid_hostname("."));
+ tt_assert(!string_is_valid_hostname(".."));
done:
return;
projects / thirdparty / tor.git / commitdiff
