| From: | Alexey Klyukin <alexk(at)hintbits(dot)com> |
|---|---|
| To: | Magnus Hagander <magnus(at)hagander(dot)net> |
| Cc: | PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: implement subject alternative names support for SSL connections |
| Date: | 2014-07-25 17:15:27 |
| Message-ID: | CAAS3tyLaRaMVYMuZ62MQNxZ0r0xFB+kyf7sreyjcOM_Gyd0_aQ@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Fri, Jul 25, 2014 at 6:34 PM, Magnus Hagander <magnus(at)hagander(dot)net>
wrote:
>
> I just took a very quick look at the code, and just noticed one thing:
>
> Why keep looping once you've found a match? When you set result=true
> you should break; from the loop I think. Not necessarily for
> performance, but there might be something about a different extension
> we can't parse for example, no need to fail in that case.
>
The for loop header is for (i = 0; i < alt_names_total && !result; i++), so
the loop
should terminate right when the result becomes true, which happens if the
pg_strcasecmp
finds a match between the given dNSName and the name supplied by the client.
>
> Please add it to the next CF - this was just a very quick review, and
> it needs a proper one along with openssl version testing :)
>
Done.
Sincerely,
--
Alexey Klyukin
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Magnus Hagander | 2014-07-25 17:20:32 | Re: implement subject alternative names support for SSL connections |
| Previous Message | Magnus Hagander | 2014-07-25 16:34:00 | Re: implement subject alternative names support for SSL connections |