Hi Rémi, On Wed, Nov 03, 2021 at 09:47:36AM +0100, Remi Tricot-Le Breton wrote: > Hello, > > On 02/11/2021 16:50, Willy Tarreau wrote: > > Tim, > > > > On Fri, Oct 29, 2021 at 06:06:55PM +0200, Tim Duesterhus wrote: > > > It is not useful to start a configuration where an invalid static string > > > is > > > provided as the JWT algorithm. Better make the administrator aware of the > > > suspected typo by failing to start. > > I'm hopeful that I can finally emit dev12 this evening as we think we've > > just nailed down the resolvers bugs. I'll wait for Rémi's ack for these > > ones as I'm really clueless about that are for now, but that will likely > > get merged in next one as that seems to look fine at first glance. > > Regarding the question about "unlikely()" for the 2nd patch, it wouldn't > > change anything given that most of the cost is already spent in the > > comparisons, the assignment is totally benign. > > > > > > The first patch is ok, it even fixes a mistake I made in the error message, > which did not tell which algorithm was wrong.
OK thanks, now merged. > As for the second one, it would have been easier to simply add a string > length comparison before the strcmp in my opinion. We would have had a one > line fix instead of a full conversion of strXXX calls into ist equivalents > (most of which worked fine thanks to the constant algorithm string length). I don't really care, what I need to know is what I should apply. If you think of a better (or simpler) fix that makes you more comfortable, just send it to me and I'll happily merge it. Otherwise if you think this one does the job appropriately, that's fine by me as well. Thanks, Willy
