[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#27809: libidn2 underscore stripping problem

From: Marius Bakke
Subject: bug#27809: libidn2 underscore stripping problem
Date: Tue, 25 Jul 2017 22:22:03 +0200
User-agent: Notmuch/0.24.2 (https://notmuchmail.org) Emacs/25.2.1 (x86_64-unknown-linux-gnu)

Leo Famulari <address@hidden> writes:

> It was recently reported that libidn2 can cause issues for domains whose
> names contain underscores, and maybe some other characters, too.  It
> matters to us because we build GnuTLS with libidn2.
> I'm not sure yet what the solution is for us. Help wanted!
> Original report:
> https://github.com/systemd/systemd/issues/6426
> libidn2 discussion:
> https://gitlab.com/libidn/libidn2/issues/30
> Upstream fix:
> https://gitlab.com/libidn/libidn2/commit/a5cbc16efd02adb78d2d082b21c3ac4d3fa88d2e

The commit refers to TR46 which is a Unicode standards document:


It appears the new IDNA processing rules disallow use of underscores in
domain names, which is in direct conflict with e.g. RFC2782[0].

Part of the confusion comes from the fact that underscores are indeed
disallowed in *hostnames* (as in A and AAAA records)[1].

So if libidn2 enforces STD3 compliance on *all* domain types (how can it
distinguish?), that is not good.

I'm not sure if it's worth grafting it until we have a real-world use
case however. Though we could consider swallowing the ~2300 rebuilds in
the next staging round for the new version which contains the fix.

[0] https://tools.ietf.org/html/rfc2782
[1] https://tools.ietf.org/html/rfc1123#section-2

Attachment: signature.asc
Description: PGP signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]