The error is originating in the libidn2 library. Interestingly, compiling against libidn1, that library doesn't flag the error.
Dnsmasq passes the input domain name to libidn so that it can be translated to punycode if it contains non-ascii characters. I guess the authors of libidn2 would consider this valid behaviour if you reported it as a bug. A possible solution in this case would be to use the untranslated name (maybe with a warning) if it fails the translation call. Cheers, Simon. On 12/01/2019 00:22, Tasnad Kernetzky wrote: > Hi all, > > I wanted to report a bug (at least we belieave it is one). We had a > short discussion over at the archlinux bugtracker > (https://bugs.archlinux.org/task/60366). > > In short: > >> echo 'address=/ab--c.example.com/#' | dnsmasq --test -C - > >> dnsmasq: error at line 1 of stdin > > Althoug the URL is "forbidden": > >> host 'ab--c.example.com' >> host: 'ab--c.example.com' is not a legal IDNA2008 name (string > contains forbidden two hyphens pattern), use +noidnin > > it would be nice to be able to block it. We ended up there, since the > filter list from > https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts started > to include these kinds of URLs. > > > My feeling is, that parsing the two dashes somehow fails. Interestingly, > adding one more character before the dashes does not trigger the bug: > >> echo 'address=/abb--c.example.com/#' | dnsmasq --test -C - > >> dnsmasq: syntax check OK. > > > Escaping (ab\-\-c.example.com) allows dnsmasq to start, but renders the > line ineffective. > > > Do you know about this and is it intended behaviour? > > > Regards, > > Tasnad > > > > _______________________________________________ > Dnsmasq-discuss mailing list > Dnsmasqfirstname.lastname@example.org > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss >
Description: OpenPGP digital signature
_______________________________________________ Dnsmasq-discuss mailing list Dnsmasqemail@example.com http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss