[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Bug-wget] [bug-wget] Libpsl for cookie domain checking in Wget
From: |
Darshit Shah |
Subject: |
Re: [Bug-wget] [bug-wget] Libpsl for cookie domain checking in Wget |
Date: |
Fri, 6 Jun 2014 13:39:32 +0530 |
I'm facing an issue with the patch I submitted for libpsl and would be
glad if someone could help me.
The configure.ac file does not work as expected. When libpsl is not
installed on a system, the LDFLAGS does not contain -lpsl flag, but
the configure summary shows LIBPSL: Yes.
There is some discrepency in the output that I'd like to fix. The
build completes successfully because the HAVE_LIBPSL variable isn't
set, and Wget compiles without libpsl support. This should however
happen only when --without-libpsl was explicitly specified as a
configure option.
On Thu, Jun 5, 2014 at 4:24 PM, Darshit Shah <address@hidden> wrote:
> On Thu, Jun 5, 2014 at 4:16 PM, Tim Ruehsen <address@hidden> wrote:
>> On Thursday 05 June 2014 15:27:21 Darshit Shah wrote:
>>> Tim,
>>>
>>> As the author of libpsl, I'm waiting on you to ACK this, so we can merge.
>>
>> Sorry for letting you wait, Darshit.
> Sure, no issues.
>>
>> The patch looks good to me though i am not able to test it right now. But i
>> am
>> sure, you did it already ;-)
>> Not correctly checking the cookie domain is a real life security thread (if
>> cookies are enabled by the Wget user). So merging the patch today is better
>> than doing it tomorrow...
> Pushed!
> Yes, I did check the patch for issues on my own.
>>
>> I would like to see test catching 'super-cookies' (IDNA and non-IDNA). But
>> that can be done in a second patch and should not delay the merge.
>>
> Let's see, I'll try and add some tests.
>
>> Not sure about using pkg-config in Wget's configure.ac. That would be an
>> option for detecting libpsl (and other libs as well, I guess). We can work
>> also on that later if there are no complaints against that.
>>
> I'm not sure about using pkg-config. I don't know much about it and
> cannot comment on it right now.
>
>> I am just now working on a V0.3.0 release of libpsl that should satisfy dkg's
>> requirements for a Debian package. So I hope to see libpsl in Debian in the
>> near future.
>> BTW, the new release will use libicu (if found) instead of idn2 utility to
>> generate the built-in PSL data. The difference is that libicu seems to be
>> more
>> common than idn2, e.g. Darshit had to package idn2 for Arch Linux.
>>
> That's great. Yes, having a package that is in the official
> repositories will be much easier. I'm following the development and
> will keep the Arch Linux package up to date with the latest releases.
>
>> Again, many thanks for working on the patch, Darshit !
> Sure.
>>
>> Tim
>>
>>>
>>> On Wed, Jun 4, 2014 at 4:30 PM, Giuseppe Scrivano <address@hidden>
>> wrote:
>>> > Darshit Shah <address@hidden> writes:
>>> >> From 5b25217ecf6eb1897d769f2ee0aa5e922e6cbff4 Mon Sep 17 00:00:00 2001
>>> >> From: Darshit Shah <address@hidden>
>>> >> Date: Fri, 30 May 2014 22:10:12 +0530
>>> >> Subject: [PATCH] Support libpsl for cookie domain checking
>>> >>
>>> >> ---
>>> >>
>>> >> ChangeLog | 5 +++++
>>> >> NEWS | 2 ++
>>> >> README.checkout | 44 ++++++++++++++++++++++++--------------------
>>> >> configure.ac | 11 +++++++++++
>>> >> src/ChangeLog | 6 +++++-
>>> >> src/build_info.c.in | 1 +
>>> >> src/cookies.c | 24 +++++++++++++++++++-----
>>> >> 7 files changed, 67 insertions(+), 26 deletions(-)
>>> >
>>> > seems correct to me.
>>> >
>>> > ACK
>>> >
>>> > Regards,
>>> > Giuseppe
>>
>
>
>
> --
> Thanking You,
> Darshit Shah
--
Thanking You,
Darshit Shah
- Re: [Bug-wget] [bug-wget] Libpsl for cookie domain checking in Wget, Darshit Shah, 2014/06/01
- Re: [Bug-wget] [bug-wget] Libpsl for cookie domain checking in Wget, Tim Rühsen, 2014/06/01
- Re: [Bug-wget] [bug-wget] Libpsl for cookie domain checking in Wget, Darshit Shah, 2014/06/03
- Re: [Bug-wget] [bug-wget] Libpsl for cookie domain checking in Wget, Giuseppe Scrivano, 2014/06/04
- Re: [Bug-wget] [bug-wget] Libpsl for cookie domain checking in Wget, Darshit Shah, 2014/06/05
- Re: [Bug-wget] [bug-wget] Libpsl for cookie domain checking in Wget, Tim Ruehsen, 2014/06/05
- Re: [Bug-wget] [bug-wget] Libpsl for cookie domain checking in Wget, Darshit Shah, 2014/06/05
- Re: [Bug-wget] [bug-wget] Libpsl for cookie domain checking in Wget,
Darshit Shah <=
- Re: [Bug-wget] [bug-wget] Libpsl for cookie domain checking in Wget, Giuseppe Scrivano, 2014/06/06
- Re: [Bug-wget] [bug-wget] Libpsl for cookie domain checking in Wget, Darshit Shah, 2014/06/07
- Re: [Bug-wget] [bug-wget] Libpsl for cookie domain checking in Wget, Tim Rühsen, 2014/06/11
- Re: [Bug-wget] [bug-wget] Libpsl for cookie domain checking in Wget, Tim Rühsen, 2014/06/11
- Re: [Bug-wget] [bug-wget] Libpsl for cookie domain checking in Wget, Darshit Shah, 2014/06/11
- Re: [Bug-wget] [bug-wget] Libpsl for cookie domain checking in Wget, Tim Rühsen, 2014/06/12
- Re: [Bug-wget] [bug-wget] Libpsl for cookie domain checking in Wget, Giuseppe Scrivano, 2014/06/12
- Re: [Bug-wget] [bug-wget] Libpsl for cookie domain checking in Wget, Darshit Shah, 2014/06/12
- Re: [Bug-wget] [bug-wget] Libpsl for cookie domain checking in Wget, Tim Rühsen, 2014/06/12
- Re: [Bug-wget] [bug-wget] Libpsl for cookie domain checking in Wget, Tim Rühsen, 2014/06/12