Hi, On 27/04/2021 13:03, Gert Doering wrote: > The existing code was doing far too much work for too little > gain - copying the string segment for scanf(), checking extra > for spaces, making the result quite unreadable. > > Verify each segment with (short-circuited) isxdigit() checks, > then feed directly to scanf(), which will stop parsing on ':' > or end-of-string. > > Rewrite error message to differentiate "hash too short" (including > number of bytes read) and "hash too long" (it did not terminate when > we had enough bytes). > > While at it, add an option printer for the resulting o->verify_hash > list to show_settings(). > > v2: > fix typo in commit message > appease whitespace dragon > add printing of verify_hash_algo and verify_hash_depth > print correct hash length for SHA1 certs > fix incorrect assignment to options->verify_hash_algo in c3a7065d5 >
Thanks for the changes :) > Signed-off-by: Gert Doering <g...@greenie.muc.de> Patch looks good and does what it says. Couldn't break it in any way. Compile tests passed. Basic tests on various broken/non-broken hex strings passed too. Acked-by: Antonio Quartulli <anto...@openvpn.net> Regards, -- Antonio Quartulli _______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
