Author fweimer
Recipients fweimer
Date 2013-05-15.10:25:06
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1368613506.72.0.090501566592.issue17980@psf.upfronthosting.co.za>
In-reply-to
Content
If the name in the certificate contains many "*" characters, matching the compiled regular expression against the host name can take a very long time.  Certificate validation happens before host name checking, so I think this is a minor issue only because it can only be triggered in cooperation with a CA (which seems unlikely).

The fix is to limit the number of "*" wildcards to a reasonable maximum (perhaps even 1).
History
Date User Action Args
2013-05-15 10:25:06fweimersetrecipients: + fweimer
2013-05-15 10:25:06fweimersetmessageid: <1368613506.72.0.090501566592.issue17980@psf.upfronthosting.co.za>
2013-05-15 10:25:06fweimerlinkissue17980 messages
2013-05-15 10:25:06fweimercreate