squid icon indicating copy to clipboard operation
squid copied to clipboard

Published 20 hours ago verified publisher icon squid-cache

GnuTLS: load and send X.509 certificate chains

Open yadij opened this issue 4 years ago • 3 comments

Feature parity with OpenSSL in terms of loading and validating a chain of X.509 intermediary certificates from a PEM file during configuration, and delivery of the resulting chain on TLS ServerHello handshakes.

yadij avatar May 25 '21 12:05 yadij

Replacement PR for #458

yadij avatar May 25 '21 12:05 yadij

Putting aside my dislike of the extra CPU cycles this API design creates from all the de-ref/re-ref taking I can accept your changes.

@rousskov This last push is simply a rebase to fix the code collision and github editors empty line removal. Over to you for final review.

yadij avatar Jan 18 '22 09:01 yadij

Putting aside my dislike of the extra CPU cycles this API design creates from all the de-ref/re-ref taking

What makes you think that these reference and dereference operations spend extra CPU cycles? At that low level, both pointers and references are just memory addresses to the compiler. The low-level CPU instructions are exactly the same, regardless of whether the memory is accessed via a raw pointer or a reference.

When used correctly, these never-nil and always-immutable pointers (called references) can make code safer, clearer, and faster. They do not cost anything extra in terms of CPU cycles.

rousskov avatar Jan 20 '22 20:01 rousskov