Implement SLPCheckServiceUrlSyntax

Brought to you by: jcalcote

This project can now be found here.

#7 Implement SLPCheckServiceUrlSyntax

Status: open

Owner: nobody

Labels: None

Priority: 5

Updated: 2012-11-14

Created: 2011-12-08

Creator: Michal Srb

Private: No

Hi, current OpenSLP uses function SLPCheckServiceUrlSyntax containing this comment:

/*!@todo Do we actually need to do something here to ensure correct
* service-url syntax, or should we expect that it will be used
* by smart developers who know that ambiguities could be encountered
* if they don't?

It showed up that not all developers are smart enough - my customer uses some NetWare service that registers with incomplete service url causing slp clients to hang. Of course the clients and the service have to be fixed, but I think OpenSLP should not participate in spreading incorrect (and possibly malicious) urls.

I attached my suggestion of patch that checks if the beginning of the url (up to the ":/" string) is comforting with RFC 2609, section 2.1.

Discussion

Michal Srb - 2011-12-08

Implement SLPCheckServiceUrlSyntax to check beginning of service url.

openslp-checkurl.patch

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Implement SLPCheckServiceUrlSyntax

Group

Searches

Help

#7 Implement SLPCheckServiceUrlSyntax

Discussion