On Fri, Jul 25, 2014 at 6:34 PM, Magnus Hagander <mag...@hagander.net> wrote:
> > I just took a very quick look at the code, and just noticed one thing: > > Why keep looping once you've found a match? When you set result=true > you should break; from the loop I think. Not necessarily for > performance, but there might be something about a different extension > we can't parse for example, no need to fail in that case. > The for loop header is for (i = 0; i < alt_names_total && !result; i++), so the loop should terminate right when the result becomes true, which happens if the pg_strcasecmp finds a match between the given dNSName and the name supplied by the client. > > Please add it to the next CF - this was just a very quick review, and > it needs a proper one along with openssl version testing :) > Done. Sincerely, -- Alexey Klyukin
