[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-wget] Overly permissive hostname matching

From: Jeffrey Walton
Subject: Re: [Bug-wget] Overly permissive hostname matching
Date: Thu, 20 Mar 2014 17:58:05 -0400

On Thu, Mar 20, 2014 at 5:52 PM, Tim Rühsen <address@hidden> wrote:
> Am Mittwoch, 19. März 2014, 10:59:05 schrieb Daniel Kahn Gillmor:
>> I'm imagining a C library API that has a public suffix list context
>> object that can do efficient lookups (however we define the lookups),
>> and the library would bundle a pre-compiled context, based on the
>> currently-known public suffix list.
>> something like:
>> ---------------
>> struct psl_ctx;
>> typedef struct psl_ctx * psl_ctx_t;
>> const psl_ctx_t psl_builtin;
>> psl_ctx_t psl_new_ctx_from_filename(const char* filename);
>> psl_ctx_t psl_new_ctx_from_fd(int fd);
>> void psl_free_ctx(psl_ctx_t ctx);
>> /*
>>   query forms, very rough draft -- do we need both?
>>   need to consider memory allocation responsibilities and
>>   DNS internationalization/canonicalization issues
>> */
>> const char* psl_get_public_suffix(const psl_ctx_t, const char* domain);
>> const char* psl_get_registered_domain(const psl_ctx_t, const char* d);
>> ---------------
> I broke out the public suffix code together and created a first go (really 
> very
> quick, distcheck fails - couldn't figure out this evening).
> https://github.com/rockdaboot/libpsl
> The first step was a psl_is_tld() function.
> There is a test case for some major things (wildcards, exceptions).
> I hope there will be some interest and some contributions...
Yes, I'd be interested. Especially since Angel pointed out failures in
my use of the PSL (the close-open failures are troubling to me).

I had a sidebar with one of the OpenSSL devs because OpenSSL is
cutting in hostname matching in version 1.0.2.

He shared a link to a IETF working group on the subject:


reply via email to

[Prev in Thread] Current Thread [Next in Thread]