[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Libidn 1.33 released

From: Simon Josefsson
Subject: Libidn 1.33 released
Date: Wed, 20 Jul 2016 19:58:45 +0200
User-agent: Gnus/5.130014 (Ma Gnus v0.14) Emacs/24.4 (gnu/linux)

GNU Libidn is a fully documented implementation of the Stringprep,
Punycode and IDNA specifications.  Libidn's purpose is to encode and
decode internationalized domain name strings.  There are native C, C#
and Java libraries.

Noteworthy changes since the last release (from NEWS file):

* Version 1.33 (released 2016-07-20) [beta]

** libidn: Fix out-of-bounds stack read in idna_to_ascii_4i.
See tests/tst_toascii64oob.c for regression check (and the comment in
it how to use it).  Reported by Hanno Böck <address@hidden>.

** idn: Solve out-of-bounds-read when reading one zero byte as input.
Also replaced fgets with getline.  Reported by Hanno Böck <address@hidden>.

** libidn: stringprep_utf8_nfkc_normalize reject invalid UTF-8.
It was always documented to only accept UTF-8 data, but now it doesn't
crash when presented with such data.  Reported by Hanno Böck.

** Dropped valgrind suppressions file, should no longer be needed.

** API and ABI is backwards compatible with the previous version.

The C library contains a generic Stringprep implementation.  Profiles
for Nameprep, iSCSI, SASL, XMPP and Kerberos V5 are included.  Punycode
and ASCII Compatible Encoding (ACE) via IDNA are supported.  A mechanism
to define Top-Level Domain (TLD) specific validation tables, and to
compare strings against those tables, is included.  Default tables for
some TLDs are also included.

The Stringprep API consists of two main functions, one for converting
data from the system's native representation into UTF-8, and one
function to perform the Stringprep processing.  Adding a new Stringprep
profile for your application within the API is straightforward.  The
Punycode API consists of one encoding function and one decoding
function.  The IDNA API consists of the ToASCII and ToUnicode functions,
as well as an high-level interface for converting entire domain names to
and from the ACE encoded form.  The TLD API consists of one set of
functions to extract the TLD name from a domain string, one set of
functions to locate the proper TLD table to use based on the TLD name,
and core functions to validate a string against a TLD table, and some
utility wrappers to perform all the steps in one call.

Libidn is developed for the GNU/Linux system, but runs on over 20 Unix
platforms (including Solaris, IRIX, AIX, and Tru64) and Windows.  The
library is written in C and (parts of) the API is also accessible from
C++, Emacs Lisp, Python and Java.  A native Java and C# port is

Also included is a command line tool, several self tests, code examples,
and more.

Improving Libidn is costly, but you can help!  We are looking for
organizations that find Libidn useful and wish to contribute back.  You
can contribute by reporting bugs, improve the software, or donate money
or equipment.

Commercial support contracts for Libidn are available, and they help
finance continued maintenance.  Simon Josefsson Datakonsult AB, a
Stockholm based privately held company, is currently funding Libidn
maintenance.  We are always looking for interesting development
projects.  See for more details.

The project page of the library is available at:

All manual formats are available from:

Specifically, the following formats are available.

The main manual: - HTML format - PDF format

API Reference manual: - GTK-DOC HTML - GTK-DOC PDF

Doxygen documentation: - HTML format - PDF format

JavaDoc output for the Java API:

If you need help to use Libidn, or want to help others, you are
invited to join our help-libidn mailing list, see:

Here are the compressed sources (3.4MB):

Here are GPG detached signatures:

Here are the SHA-1 and SHA-224 signatures:

57872fdc665dcc585e16f4ac0bb35374b1103f7e  libidn-1.33.tar.gz
b9e7a2d9affe8c423ba24ff2731c7bd7307530f1f67d3f4ace921fc8  libidn-1.33.tar.gz

We also provide Windows binaries built using MinGW-w64 with the build
script windows/, for 32-bit and 64-bit x86 architecures:

Here are the SHA-1 and SHA-224 signatures:



The software is cryptographically signed by the author using an OpenPGP
key identified by the following information:

pub   3744R/54265E8C 2014-06-22
      Key fingerprint = 9AA9 BDB1 1BB1 B99A 2128  5A33 0664 A769 5426 5E8C
uid                  Simon Josefsson <address@hidden>

The key is available from:

Code coverage, clang-analyzer output, and cyclomatic code complexity charts:

Happy hacking,

Attachment: signature.asc
Description: PGP signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]