SSL structs and testing
Ian Bruene
ianbruene at gmail.com
Sun Mar 31 19:33:21 UTC 2019
Is there any particular reason why SSL structs need to be passed all
over the place to functions that do not depend on SSL itself?
The notable example here is nts_ke_do_recieve, which only uses the SSL
to pass to SSL_read. I don't see any obvious reason that couldn't be
done in the calling function and then pass the buffer instead as the
logic doesn't depend on SSL, but on the buffer. As it is now, writing
tests for many of the most important functions in the nts codebase is
difficult at best because they require setting up SSL, which means
faking a connection, which is already awkward and verbose in languages
that make for easy shimming, let alone C.
--
/"In the end; what separates a Man, from a Slave? Money? Power? No. A
Man Chooses, a Slave Obeys."/ -- Andrew Ryan
/"Utopia cannot precede the Utopian. It will exist the moment we are fit
to occupy it."/ -- Sophia Lamb
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ntpsec.org/pipermail/devel/attachments/20190331/4e2e8e07/attachment.html>
More information about the devel
mailing list