Difference between revisions of "Talk:Libcrypto API"

From OpenSSLWiki
Jump to navigationJump to search
(Initialization and engines?)
 
Line 6: Line 6:
  
 
--[[User:Ppelleti|Ppelleti]] 18:05, 3 March 2013 (UTC)
 
--[[User:Ppelleti|Ppelleti]] 18:05, 3 March 2013 (UTC)
 +
 +
== Best practices for printing errors ==
 +
 +
I'm curious about the recommendation to do this:
 +
 +
<pre>
 +
err:
 +
  unsigned long errCode;
 +
  while(errCode = ERR_get_error())
 +
  {
 +
    char *err = ERR_error_string(errCode, NULL);
 +
    printf("%s\n", err);
 +
  }
 +
</pre>
 +
 +
Wouldn't it be much simpler to just do:
 +
 +
<pre>
 +
err:
 +
  ERR_print_errors_fp(stderr);
 +
</pre>
 +
 +
Or, if one really does want to iterate through each line of the error queue individually, wouldn't it still be better for us to recommend using ERR_error_string_n with an explicit buffer?  ERR_error_string with a NULL argument is not thread-safe.
 +
 +
--[[User:Ppelleti|Ppelleti]] 18:12, 3 March 2013 (UTC)

Revision as of 18:12, 3 March 2013

Initialization and engines?

Should the recommended initialization code include a call to ENGINE_load_builtin_engines? (Or to OPENSSL_config, which calls ENGINE_load_builtin_engines.) Otherwise, the RdRand engine for getting better random numbers from newer Intel chips (as one example) won't be used.

(My own thoughts on OpenSSL initialization are here.)

--Ppelleti 18:05, 3 March 2013 (UTC)

Best practices for printing errors

I'm curious about the recommendation to do this:

 err:
   unsigned long errCode;
   while(errCode = ERR_get_error())
   {
     char *err = ERR_error_string(errCode, NULL);
     printf("%s\n", err);
   }

Wouldn't it be much simpler to just do:

 err:
  ERR_print_errors_fp(stderr);

Or, if one really does want to iterate through each line of the error queue individually, wouldn't it still be better for us to recommend using ERR_error_string_n with an explicit buffer? ERR_error_string with a NULL argument is not thread-safe.

--Ppelleti 18:12, 3 March 2013 (UTC)