>-** may modify cn, so caller must pass a modifiable copy.
>+** This function may modify *cn, so caller must pass a modifiable copy.
Let's still call it cn instead of *cn. You're still using cn
in the other comments in this function.
Nit: The name of the environment variable should ideally
include CERT_NAME. Also note that the old code allows not
only shell-style wildcards but also unions (|), so WILDCARDS
doesn't completely describe what the old code allows.
>+ if (useShellExp) {
>+ /* Backward compatible code, uses full Regular Expressions. */
The comment says "regular expressions", but the environment
variable and static variable say "shell expressions". They
seem to contradict either other.
>+ if (wildcard && secondcndot && secondcndot[1] && firsthndot
Should we also require that secondcndot[1] != '.'?
>+ && PORT_Strrchr(cn, '*') == wildcard
Is it cheaper to test
&& PORT_Strchr(cn+1, '*') == NULL
instead?
>+ && !PORT_Strncasecmp(cn, hn, wildcard - cn)
I verified that if wildcard - cn is 0, PORT_Strncasecmp
returns the desired 0. The reason I checked this is that
for the similar function strncmp, the return value when the
third argument is 0 doesn't seem to be specified: http://www.opengroup.org/onlinepubs/000095399/functions/strncmp.html
>+ /* CN has no wildcard or shell expression.
Nit: use lowercase cn to match the parameter name.
(From update of attachment 366877)
r=wtc.
>-** may modify cn, so caller must pass a modifiable copy.
>+** This function may modify *cn, so caller must pass a modifiable copy.
Let's still call it cn instead of *cn. You're still using cn
in the other comments in this function.
Nit: The name of the environment variable should ideally
include CERT_NAME. Also note that the old code allows not
only shell-style wildcards but also unions (|), so WILDCARDS
doesn't completely describe what the old code allows.
>+ if (useShellExp) {
>+ /* Backward compatible code, uses full Regular Expressions. */
The comment says "regular expressions", but the environment
variable and static variable say "shell expressions". They
seem to contradict either other.
>+ if (wildcard && secondcndot && secondcndot[1] && firsthndot
Should we also require that secondcndot[1] != '.'?
>+ && PORT_Strrchr(cn, '*') == wildcard
Is it cheaper to test
&& PORT_Strchr(cn+1, '*') == NULL
instead?
>+ && !PORT_Strncasec mp(cn, hn, wildcard - cn)
I verified that if wildcard - cn is 0, PORT_Strncasecmp www.opengroup. org/onlinepubs/ 000095399/ functions/ strncmp. html
returns the desired 0. The reason I checked this is that
for the similar function strncmp, the return value when the
third argument is 0 doesn't seem to be specified:
http://
>+ /* CN has no wildcard or shell expression.
Nit: use lowercase cn to match the parameter name.