SSL structs and testing
Ian Bruene
ianbruene at gmail.com
Mon Apr 1 04:52:44 UTC 2019
After staring at the code for long enough I see a number of natural
cleavage points for solving this issue. MR in a few days.
On 3/31/19 2:33 PM, Ian Bruene wrote:
>
> Is there any particular reason why SSL structs need to be passed all
> over the place to functions that do not depend on SSL itself?
>
> The notable example here is nts_ke_do_recieve, which only uses the SSL
> to pass to SSL_read. I don't see any obvious reason that couldn't be
> done in the calling function and then pass the buffer instead as the
> logic doesn't depend on SSL, but on the buffer. As it is now, writing
> tests for many of the most important functions in the nts codebase is
> difficult at best because they require setting up SSL, which means
> faking a connection, which is already awkward and verbose in languages
> that make for easy shimming, let alone C.
>
> --
> /"In the end; what separates a Man, from a Slave? Money? Power? No. A
> Man Chooses, a Slave Obeys."/ -- Andrew Ryan
>
> /"Utopia cannot precede the Utopian. It will exist the moment we are
> fit to occupy it."/ -- Sophia Lamb
>
--
/"In the end; what separates a Man, from a Slave? Money? Power? No. A
Man Chooses, a Slave Obeys."/ -- Andrew Ryan
/"Utopia cannot precede the Utopian. It will exist the moment we are fit
to occupy it."/ -- Sophia Lamb
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ntpsec.org/pipermail/devel/attachments/20190331/428e1d9d/attachment.html>
More information about the devel
mailing list