added support for IP addresses in psl_is_cookie_domain_acceptable()

This commit is contained in:
Tim Rühsen 2014-08-19 17:46:36 +02:00 committed by Tim Ruehsen
parent 86621607ff
commit f95df36c08
2 changed files with 20 additions and 0 deletions

View File

@ -66,6 +66,7 @@
#include <alloca.h> #include <alloca.h>
#include <errno.h> #include <errno.h>
#include <langinfo.h> #include <langinfo.h>
#include <arpa/inet.h>
#ifdef WITH_LIBICU #ifdef WITH_LIBICU
# include <unicode/uversion.h> # include <unicode/uversion.h>
@ -883,6 +884,15 @@ const char *psl_get_version(void)
#endif #endif
} }
/* return whether hostname is an IP address or not */
static int _isip(const char *hostname)
{
struct in_addr addr;
struct in6_addr addr6;
return inet_pton(AF_INET, hostname, &addr) || inet_pton(AF_INET6, hostname, &addr6);
}
/** /**
* psl_is_cookie_domain_acceptable: * psl_is_cookie_domain_acceptable:
* @psl: PSL context pointer * @psl: PSL context pointer
@ -920,6 +930,9 @@ int psl_is_cookie_domain_acceptable(const psl_ctx_t *psl, const char *hostname,
if (!strcmp(hostname, cookie_domain)) if (!strcmp(hostname, cookie_domain))
return 1; /* an exact match is acceptable (and pretty common) */ return 1; /* an exact match is acceptable (and pretty common) */
if (_isip(hostname))
return 0; /* Hostname is an IP address and these must match fully (RFC 6265, 5.1.3) */
cookie_domain_length = strlen(cookie_domain); cookie_domain_length = strlen(cookie_domain);
hostname_length = strlen(hostname); hostname_length = strlen(hostname);

View File

@ -68,6 +68,13 @@ static void test_psl(void)
{ "www.example.com", "example.org", 0 }, { "www.example.com", "example.org", 0 },
{ "www.sa.gov.au", "sa.gov.au", 0 }, /* not accepted by normalization (PSL rule '*.ar') */ { "www.sa.gov.au", "sa.gov.au", 0 }, /* not accepted by normalization (PSL rule '*.ar') */
{ "www.educ.ar", "educ.ar", 1 }, /* PSL exception rule '!educ.ar' */ { "www.educ.ar", "educ.ar", 1 }, /* PSL exception rule '!educ.ar' */
/* RFC6265 5.1.3: Having IP addresses, request and domain IP must be identical */
{ "192.1.123.2", ".1.123.2", 0 }, /* IPv4 address, partial match */
{ "192.1.123.2", "192.1.123.2", 1 }, /* IPv4 address, full match */
{ "::1", "::1", 1 }, /* IPv6 address, full match */
{ "2a00:1450:4013:c01::8b", ":1450:4013:c01::8b", 0 }, /* IPv6 address, partial match */
{ "::ffff:192.1.123.2", "::ffff:192.1.123.2", 1 }, /* IPv6 address dotted-quad, full match */
{ "::ffff:192.1.123.2", ".1.123.2", 0 }, /* IPv6 address dotted-quad, partial match */
}; };
unsigned it; unsigned it;
psl_ctx_t *psl; psl_ctx_t *psl;