[linux-elitists] Surveillance

Andy Bennett andyjpb at ashurst.eu.org
Wed Sep 11 05:49:56 PDT 2013


Hi,

>> In the case of the much-ballyhooed inadvertent sabotaging of the RNG in
>> the Debian/Ubuntu OpenSSL package[1], I think many commentators don't
>> sufficiently appreciate just how bad the spaghetti-code problem in
>> upstream OpenSSL is.
> 
> I once had to dig into the OpenSSL source to figure out a particular API
> behaviour that was pooly documented.
> 
> "Unpleasant" doesn't begin to describe the experience.

Yes... I was fishing in there the other day trying to work out how it
did buffering. In the end I just buffered in my application and let it
make a packet (and corresponding SSL context) every time I called its API.

:-(





Regards,
@ndy

-- 
andyjpb at ashurst.eu.org
http://www.ashurst.eu.org/
0x7EBA75FF



More information about the linux-elitists mailing list