On Tue, May 13, 2014 at 06:44:18AM -0700, Todd Lyons wrote:
> Devs, if you have any outstanding bug entries, please push over the
> next two weeks to try and get as many of them knocked out as you can.
My $0.02. I only looked in detail at the change that adds fingerprint
operators. There are two potential issues to pay attention to:
- Do you really want a per-digest algorithm verb (md5, sha1,
sha256)? Or would it be better to have a "digest" verb with the
algorithm name as a parameter?
- The implementation adds an optional (void *) pointer and a type
to represent a certificate, but when this is used to compute
digests, there is no check that the type is as expected, the
value is unconditionally treated as a certificate if not NULL.
I think the code needs to be more future-proof.
--
Viktor.
