On Mon, 11 Jan 2021 15:04:03 GMT, Michael McMahon <micha...@openjdk.org> wrote:
>> Jayashree S Kumar has updated the pull request incrementally with one >> additional commit since the last revision: >> >> Incorporated changes suggested by Vyom in testcase > > Hi Jay, > Looking back to my original comment, I think I suggested that the fix should > account for multiple cname values (one for each IP address in the addresses > array). That is still my view. In other words, cname needs to be an array, > the same length as addresses (except in the case where the permission was > constructed using a wildcard - in that case it can continue as a single > value, ie the array would have length 1). > > Your solution here drops the caching aspect, and every time getCanonName() is > called it will do the DNS reverse lookup which could slow things down a lot. > Assuming that DNS always returns the same values but just in a different > order, then it should be possible to cache all the canonical names and do a > comparison across them all, without having to go back to DNS each time. > > - Michael. @Michael-Mc-Mahon: Please take a look at the above patch. Thanks! ------------- PR: https://git.openjdk.java.net/jdk/pull/1916