bzp2010 commented on code in PR #11305:
URL: https://github.com/apache/apisix/pull/11305#discussion_r1621952986
##########
apisix/ssl.lua:
##########
@@ -153,6 +159,9 @@ local function aes_decrypt_pkey(origin, field)
for _, aes_128_cbc_with_iv in ipairs(aes_128_cbc_with_iv_tbl) do
local decrypted = aes_128_cbc_with_iv:decrypt(decoded_key)
if decrypted then
Review Comment:
Basically, the current way is only clear of accumulated errors on the one
occasion when it finally succeeds, while errors to be thrown to Nginx if all
decryption were failures.
I think this should be acceptable? Maybe it's not necessary to clean up the
error every time? This nominally reduces some overheads, although they should
be negligibly less.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
