After staring at the code for long enough I see a number of natural cleavage points for solving this issue. MR in a few days.

On 3/31/19 2:33 PM, Ian Bruene wrote:

Is there any particular reason why SSL structs need to be passed all over the place to functions that do not depend on SSL itself?

The notable example here is nts_ke_do_recieve, which only uses the SSL to pass to SSL_read. I don't see any obvious reason that couldn't be done in the calling function and then pass the buffer instead as the logic doesn't depend on SSL, but on the buffer. As it is now, writing tests for many of the most important functions in the nts codebase is difficult at best because they require setting up SSL, which means faking a connection, which is already awkward and verbose in languages that make for easy shimming, let alone C.

--
/"In the end; what separates a Man, from a Slave? Money? Power? No. A Man Chooses, a Slave Obeys."/ -- Andrew Ryan

/"Utopia cannot precede the Utopian. It will exist the moment we are fit to occupy it."/ -- Sophia Lamb



_______________________________________________
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel
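
The split proposed in this thread, as an added example that is not part of the original messages and is not ntpsec's code: the caller performs the SSL_read, and the record logic takes only a byte buffer, so a test can feed it constructed bytes with no TLS connection. The names `ke_parse_buffer`, `struct ke_result` and `ke_sample` are hypothetical, and the record layout assumed is the NTS-KE one from RFC 8915.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Assumed NTS-KE record layout (RFC 8915), all fields big-endian:
 * 1 critical bit + 15-bit type, 16-bit body length, then the body. */
#define KE_END_OF_MESSAGE 0
#define KE_AEAD_NEGOTIATION 4

struct ke_result {          /* hypothetical result type */
    int records;            /* records parsed, End of Message included */
    bool saw_end;           /* End of Message record was reached */
    int aead;               /* first AEAD algorithm id seen, -1 if none */
};

/* Constructed sample: Next Protocol (NTPv4), AEAD id 15, End of Message. */
static const uint8_t ke_sample[] = {
    0x80, 0x01, 0x00, 0x02, 0x00, 0x00,
    0x80, 0x04, 0x00, 0x02, 0x00, 0x0f,
    0x80, 0x00, 0x00, 0x00,
};

static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Parses a buffer the caller already filled (for example from SSL_read).
 * Returns true only if every record fits and End of Message is last. */
bool ke_parse_buffer(const uint8_t *buf, size_t len, struct ke_result *out)
{
    size_t off = 0;
    out->records = 0;
    out->saw_end = false;
    out->aead = -1;
    while (len - off >= 4) {
        uint16_t type = rd16(buf + off) & 0x7fff;   /* drop critical bit */
        uint16_t blen = rd16(buf + off + 2);
        off += 4;
        if (blen > len - off)
            return false;                 /* body would run past the buffer */
        out->records++;
        if (type == KE_END_OF_MESSAGE) {
            out->saw_end = true;
            return blen == 0 && off == len;   /* nothing may follow it */
        }
        if (type == KE_AEAD_NEGOTIATION && blen >= 2 && out->aead < 0)
            out->aead = rd16(buf + off);
        off += blen;
    }
    return false;   /* truncated header or missing End of Message */
}
```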
