Message189280
If the name in the certificate contains many "*" characters, matching the compiled regular expression against the host name can take a very long time. Certificate validation happens before host name checking, so I think this is a minor issue only because it can only be triggered in cooperation with a CA (which seems unlikely).
The fix is to limit the number of "*" wildcards to a reasonable maximum (perhaps even 1). |
|
Date |
User |
Action |
Args |
2013-05-15 10:25:06 | fweimer | set | recipients:
+ fweimer |
2013-05-15 10:25:06 | fweimer | set | messageid: <1368613506.72.0.090501566592.issue17980@psf.upfronthosting.co.za> |
2013-05-15 10:25:06 | fweimer | link | issue17980 messages |
2013-05-15 10:25:06 | fweimer | create | |
|