On Mon, Mar 29, 2021 at 10:57:00AM +0900, Michael Paquier wrote:
> + switch (port->hba->clientcertname)
> + {
> + case clientCertDN:
> + peer_username = port->peer_dn;
> + break;
> + default:
> + peer_username = port->peer_cn;
> + }
>
> This does not need a "default". I think that you should use "case
> clientCertCN" instead here.
>
> + BIO_get_mem_ptr(bio, &bio_buf);
> No status checks? OpenSSL calls return 1 on success and 0 on failure,
> so I would check after <= 0 here.
>
> ++ if (port->hba->clientcertname == clientCertDN)
> ++ {
> ++ ereport(LOG,
> May be better to use a switch() here as well.
>
> It looks like this patch misses src/test/ssl/ssl/client-dn.crt,
> causing the SSL tests to fail.For the sake of the archives, this has been applied as of 6d7a6fe with all those nits from me addressed. -- Michael
signature.asc
Description: PGP signature
