p.mayers at imperial.ac.uk
Wed Sep 11 02:27:33 PDT 2013
On 09/10/2013 09:07 PM, Rick Moen wrote:
> In the case of the much-ballyhooed inadvertent sabotaging of the RNG in
> the Debian/Ubuntu OpenSSL package, I think many commentators don't
> sufficiently appreciate just how bad the spaghetti-code problem in
> upstream OpenSSL is.
I once had to dig into the OpenSSL source to figure out a particular API
behaviour that was pooly documented.
"Unpleasant" doesn't begin to describe the experience.
This is after accounting for the built-in ick (by virtue of a
predisposition for X.509) that accompanies all SSL/TLS code.
More information about the linux-elitists