From: Theo Buehler Subject: Re: rpki-client: check for duplicate file names and hashes in manifests To: Job Snijders Cc: tech@openbsd.org Date: Tue, 13 Feb 2024 14:22:53 +0100 On Tue, Feb 13, 2024 at 01:12:16PM +0000, Job Snijders wrote: > On Tue, Feb 13, 2024 at 01:59:07PM +0100, Theo Buehler wrote: > > This checks for duplicates among file names and hashes in the > > FileAndHash list of a manifest. The check is of course not entirely > > free, but I think acceptable: on a modernish machine this adds well > > below 1s overhead on the total runtime. > > > > For the two largest manifests with roughly 20k entries, the function > > takes 15ms on my m1 mini. The vast majority (>99%) of manifests has > > fewer than 32 entries for which the check is a couple dozen us on a > > slow m1 core. > > I haven't tested it yet but while there, might make sense to flip the > order of this check and the strndup()? I think the strndup() should remain grouped with the valid_mft_filename() check and I see no real reason to move it. In my mind, the current order makes sense as it is and it matches the way things are described in RFC 9286. First deal with the file name, then with the hash. With your diff you do something with the name, then something with the hash, then something with the name, then again something with the hash for CRLs. That's a bit strange.