From mboxrd@z Thu Jan 1 00:00:00 1970 From: Leo Famulari Subject: Re: Fwd: [curl] Re: configure: --with-libidn or --with-libidn2? Date: Mon, 26 Dec 2016 12:35:51 -0500 Message-ID: <20161226173551.GA10684@jasmine> References: <87bmvylrk5.fsf@wasp.i-did-not-set--mail-host-address--so-tickle-me> <20161226170056.GB9351@jasmine> <87k2amty3p.fsf@wasp.i-did-not-set--mail-host-address--so-tickle-me> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:49351) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cLZC3-0000lV-5R for guix-devel@gnu.org; Mon, 26 Dec 2016 12:36:16 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cLZC0-0000bK-0g for guix-devel@gnu.org; Mon, 26 Dec 2016 12:36:15 -0500 Received: from out1-smtp.messagingengine.com ([66.111.4.25]:44874) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cLZBz-0000ay-Qx for guix-devel@gnu.org; Mon, 26 Dec 2016 12:36:11 -0500 Content-Disposition: inline In-Reply-To: <87k2amty3p.fsf@wasp.i-did-not-set--mail-host-address--so-tickle-me> List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: "Guix-devel" To: ng0 Cc: guix-devel@gnu.org On Mon, Dec 26, 2016 at 05:10:50PM +0000, ng0 wrote: > Leo Famulari writes: > > > On Mon, Dec 26, 2016 at 01:59:22PM +0000, ng0 wrote: > >> It seems as if curl can be build with libidn2 now and they have > >> addressed the bug which existed for a while. I will check with > >> upstream and send in a fix for our curl package once I am sure > >> that the old bug has been fixed. > > > > Which bug? > > > > In November 2016, the curl maintainers asked packagers to not link curl > > with libidn or libidn2 at all, due to security issues: > > > > https://curl.haxx.se/mail/lib-2016-11/0033.html > > > > Which has since then be fixed and in a recent (not in 7.52.1 > included) commit the --with-libidn2 option has been added. > > My understanding of libidn2 is that there were problems with some > usecases. For example a domain name like bäcker.de would give > problems to applications such as curl. Of course this was months > ago, and I would not trust my memory on this. I don't think this issue is fixed in a released version of libidn2. I see some unreleased changes in an unofficial 3rd-party libidn2 repository that appear to address the problem: https://gitlab.com/rockdaboot/libidn2/commit/1712c7188c367bb822aeb0a0f89735ebf4aa7d5a Specifically, "** Add TR46 / UTS#46 support to API and idn2 utility." I understand that to be the main blocker based on this curl discussion: https://curl.haxx.se/mail/lib-2016-11/0198.html Am I missing something?