(community.letsencrypt.org)

314 points Bogdanp | 1 comments | 25 Jun 25 16:21 UTC | HN request time: 0s | source

Show context

timewizard ◴[25 Jun 25 18:11 UTC] No.44380241[source]▶

I've personally never felt comfortable using regexes to solve production problems. The certificate code referenced here shows why:

https://github.com/mozilla-firefox/firefox/blob/d5979c2a5c2e...

Yikes.

replies(3): >>44380967 #>>44381082 #>>44381215 #

cpburns2009 ◴[25 Jun 25 19:35 UTC] No.44381082[source]▶

>>44380241 #

All that regex does is split an IPv6 address into groups of 4 digits, joins them with ":", and collapses any sequence of ":0000:" to "::". I don't see anything problematic with it.

replies(1): >>44381405 #

timewizard ◴[25 Jun 25 20:13 UTC] No.44381405[source]▶

>>44381082 #

> and collapses any sequence of ":0000:" to "::"

Which is an error. Any ip like 2001:0000:0000::1 is going to be incorrect. It willingly produces errors. Whoever wrote this didn't even spend a few seconds thinking about the structure of IPv6 addresses.

> I don't see anything problematic with it.

Other than it being completely wrong and requiring a regex to be compiled for an amount of work that's certainly less than the compilation itself.

replies(4): >>44381780 #>>44381818 #>>44381852 #>>44384570 #

1. ranger_danger ◴[26 Jun 25 05:58 UTC] No.44384570[source]▶

>>44381405 #

> Any ip like 2001:0000:0000::1 is going to be incorrect

How so?

↑

Getting ready to issue IP address certificates