Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Prevent infinite loops from breaks certificate paths building #210

Merged
merged 3 commits into from Feb 9, 2017
Merged

Prevent infinite loops from breaks certificate paths building #210

merged 3 commits into from Feb 9, 2017

Conversation

jvehent
Copy link
Contributor

@jvehent jvehent commented Feb 9, 2017

Cross-signing in the web pki apparently contains a lot of infinite loops
that break the building of paths. This patch implement a simple []string
that contains the CNs of certs that have already been seen in the path,
to prevent the function from looping indefinitely.

@jvehent
Prevent infinite loops from breaks certificate paths building
13b6260 
Cross-signing in the web pki apparently contains a lot of infinite loops
that break the building of paths. This patch implement a simple []string
that contains the CNs of certs that have already been seen in the path,
to prevent the function from looping indefinitely.
autrilla
autrilla reviewed Feb 9, 2017
View reviewed changes
database/certificate.go Outdated
// GetCertPaths returns the various certificates paths from the current cert to roots.
// It takes a certificate as argument that will be used as the start of the path, and
// a genealogy slice that contains the list of known parents, to prevent looping. When
// first invoked, the genealogy variable should be an empty []string.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: I think the public API should not include the []string, since after all we're asking to pass an empty slice the first call. I think we should instead have a private recursive function and make the public function create the slice for the caller.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fixed

@jvehent jvehent merged commit 42cec67 into master Feb 9, 2017
@jvehent jvehent deleted the genealogy branch February 9, 2017 17:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@autrilla autrilla autrilla approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@jvehent @autrilla