Hello,
On 02/11/2021 16:50, Willy Tarreau wrote:
Tim,
On Fri, Oct 29, 2021 at 06:06:55PM +0200, Tim Duesterhus wrote:
It is not useful to start a configuration where an invalid static string is
provided as the JWT algorithm. Better make the administrator aware of the
suspected typo by failing to start.
I'm hopeful that I can finally emit dev12 this evening as we think we've
just nailed down the resolvers bugs. I'll wait for Rémi's ack for these
ones as I'm really clueless about that are for now, but that will likely
get merged in next one as that seems to look fine at first glance.
Regarding the question about "unlikely()" for the 2nd patch, it wouldn't
change anything given that most of the cost is already spent in the
comparisons, the assignment is totally benign.
The first patch is ok, it even fixes a mistake I made in the error
message, which did not tell which algorithm was wrong.
As for the second one, it would have been easier to simply add a string
length comparison before the strcmp in my opinion. We would have had a
one line fix instead of a full conversion of strXXX calls into ist
equivalents (most of which worked fine thanks to the constant algorithm
string length).
Rémi
