On Mon, Apr 09, 2001 at 12:29:32PM +0200, Richard Levitte - VMS Whacker wrote:
> bodo> Log:
> bodo> Avoid assert() in the library.
> Hmm, my thinking with that assert is that it should be caught
> *EARLY*. If we release anything with a buf too small for any ciphers
> and digests that we support, it's a library bug and should be caught
> early. The best way I saw for it to be caught early was to generate a
> violent death, so we get it in our face. I'm not sure I understand
> the error in that thinking. Could that assert be triggered in some
> other way, or whall we leave it to windows users to discover such a
> bug? :-)
I don't think it's good to have active assert()s in default
compilations of libraries -- in particular, libraries for
multi-threaded programs. Everywhere else, we define NDEBUG unless an
appropriate ..._DEBUG preprocessor symbol is defined (otherwise we
should use -DNDEBUG in all non-debug configurations). With that
SSLerr(), the problem will still be noticed when testing, and in
addition to this the test is active even if NDEBUG is defined.
--
Bodo Möller <[EMAIL PROTECTED]>
PGP http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller/0x36d2c658.html
* TU Darmstadt, Theoretische Informatik, Alexanderstr. 10, D-64283 Darmstadt
* Tel. +49-6151-16-6628, Fax +49-6151-16-6036
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
