Simo Sorce
Simo Sorce
@slava please rebase this on top of master (do not use merge commits)
@thijskh I learned over time that policing admins is a defeating proposition. As long as the defaults are sane there is really no problem in giving admin foot guns, document...
We can't accept unsafe options by default of course, needs a gating switch
My httpd internals memories are a bit rusty in places, but are you moving the mutex from allocation on a global memory pool to a per-process pool ?
I guess the question is how thi affects the usage of the mutex, does it still remain a global mutex that all processes can reach? Or does this change open...
In that case I am ok with this, but I'd like another pair of eyes to take a look.
you can unconditionally add exp and nbf verification unless they are explicitly disabled in your api by passing verify_exp/nbf: False It generally never makes sense to skip that verification anyway...
If you have a specific need not covered by jwcrypto, feel free to open a feature request. I will have to think if letting aud to be optional is a...
Is it going to cause you any issue?
@alfonsrv can you please apply DCO and rebase on main ?