Merged in [19895] from jennifer@painless-security.com:

Look at v2 'title' attribute in reference type heuristics for XML drafts. Related to #3529.
 - Legacy-Id: 19897
Note: SVN reference [19895] has been migrated to Git commit ea79fe0dcc183bc5cd8b27da67865c300b9dce4e
This commit is contained in:
Robert Sparks 2022-01-31 16:54:14 +00:00
parent 5c0e5a3064
commit dd66187362
3 changed files with 49 additions and 1 deletion


@ -149,5 +149,46 @@
<seriesInfo name='DOI' value='10.17487/RFC1207'/> <seriesInfo name='DOI' value='10.17487/RFC1207'/>
</reference> </reference>
</references> </references>
<references title="Malformed Normative References">
<!-- title attribute was for references title was removed for v3, but should be recognized -->
<reference anchor='RFC4086' target='https://www.rfc-editor.org/info/rfc4086'>
<front>
<title>Randomness Requirements for Security</title>
<author initials='D.' surname='Eastlake 3rd' fullname='D. Eastlake 3rd'>
<organization/>
</author>
<author initials='J.' surname='Schiller' fullname='J. Schiller'>
<organization/>
</author>
<author initials='S.' surname='Crocker' fullname='S. Crocker'>
<organization/>
</author>
<date year='2005' month='June'/>
<abstract>
<t>Security systems are built on strong cryptographic algorithms that foil pattern analysis
attempts. However, the security of these systems is dependent on generating secret
quantities for passwords, cryptographic keys, and similar quantities. The use of
pseudo-random processes to generate secret quantities can result in pseudo-security. A
sophisticated attacker may find it easier to reproduce the environment that produced the
secret quantities and to search the resulting small set of possibilities than to locate the
quantities in the whole of the potential number space.
</t>
<t>Choosing random quantities to foil a resourceful and motivated adversary is surprisingly
difficult. This document points out many pitfalls in using poor entropy sources or
traditional pseudo-random number generation techniques for generating such quantities. It
recommends the use of truly random hardware techniques and shows that the existing hardware
on many systems can be used for this purpose. It provides suggestions to ameliorate the
problem when a hardware solution is not available, and it gives examples of how large such
quantities need to be for some applications. This document specifies an Internet Best
Current Practices for the Internet Community, and requests discussion and suggestions for
improvements.
</t>
</abstract>
</front>
<seriesInfo name='BCP' value='106'/>
<seriesInfo name='RFC' value='4086'/>
<seriesInfo name='DOI' value='10.17487/RFC4086'/>
</reference>
</references>
</back> </back>
</rfc> </rfc>
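Review bot: the explanatory comment on the new `<references title="Malformed Normative References">` section is garbled ("title attribute was for references title was removed for v3, but should be recognized") and does not say why the fixture is labelled "Malformed"; suggest rewording it to `<!-- the title attribute on <references> was removed in v3, but v2 documents still carry it and it should be recognized -->`. The fixture also carries the full two-paragraph abstract of RFC 4086, which nothing in the heuristic reads (the parser only looks at the section's name or title and each reference's `anchor`); a `<front>` with just the `<title>`, one `<author>` and the `<date>` would keep the test file easier to scan.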


@ -463,6 +463,7 @@ class XMLDraftTests(TestCase):
'rfc255': XMLDraft.REF_TYPE_INFORMATIVE, 'rfc255': XMLDraft.REF_TYPE_INFORMATIVE,
'bcp6': XMLDraft.REF_TYPE_INFORMATIVE, 'bcp6': XMLDraft.REF_TYPE_INFORMATIVE,
'rfc1207': XMLDraft.REF_TYPE_UNKNOWN, 'rfc1207': XMLDraft.REF_TYPE_UNKNOWN,
'rfc4086': XMLDraft.REF_TYPE_NORMATIVE,
} }
) )
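Review bot: the new expectation only covers the positive fallback (a `<references>` that has a `title` attribute and no `<name>`); there is no section with both a `<name>` and a `title`, so a regression that starts preferring `title` over `<name>` would still pass, and nothing pins the behaviour when neither is present beyond the pre-existing `rfc1207` unknown case. Suggest adding one fixture section carrying both a `<name>` and a conflicting `title` and asserting that `<name>` wins, which matches the fallback order in `_reference_section_name`.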


@ -77,12 +77,18 @@ class XMLDraft(Draft):
return self.REF_TYPE_INFORMATIVE return self.REF_TYPE_INFORMATIVE
return self.REF_TYPE_UNKNOWN return self.REF_TYPE_UNKNOWN
def _reference_section_name(self, section_elt):
section_name = section_elt.findtext('name')
if section_name is None and 'title' in section_elt.keys():
section_name = section_elt.get('title') # fall back to title if we have it
return section_name
def get_refs(self): def get_refs(self):
"""Extract references from the draft""" """Extract references from the draft"""
refs = {} refs = {}
# accept nested <references> sections # accept nested <references> sections
for section in self.xmlroot.findall('back//references'): for section in self.xmlroot.findall('back//references'):
ref_type = self._reference_section_type(section.findtext('name')) ref_type = self._reference_section_type(self._reference_section_name(section))
for ref in (section.findall('./reference') + section.findall('./referencegroup')): for ref in (section.findall('./reference') + section.findall('./referencegroup')):
refs[self._document_name(ref.get('anchor'))] = ref_type refs[self._document_name(ref.get('anchor'))] = ref_type
return refs return refs
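Review bot: in `_reference_section_name` the guard `'title' in section_elt.keys()` is redundant, since `section_elt.get('title')` already returns `None` when the attribute is absent; `if section_name is None: section_name = section_elt.get('title')` says the same thing more simply. Note also that `findtext('name')` returns an empty string rather than `None` for an empty `<name/>` element, so such a section will not fall back to `title`; if that is intended it deserves a comment, otherwise `if not section_name:` covers both cases. The new method has no docstring, unlike `get_refs` directly below it, and a one-line note that `title` is the v2 form of `<name>` would make the fallback self-explanatory.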