On 29/12/2018 13:19, C.Wehrmeyer wrote:... Your corrections, improvements and enhancements would be very welcome as pull requests at https://github.com/openssl/openssl - thank you for your contributions. And don't give me any "trust us, we're experienced programmers" bullshit. I've *seen* ssl/record/ssl3_record.c: Yes, I ask; why not tell us? Let me show you how I'd have done that: So instead of correct portable code which derives obviously and straightforwardly from the specification, you'd write arrays of a different length from the original, the first 48 bytes of which would only be correct in some compilation environments, and even in the cases where those 48 bytes end up correct they have no obvious relationship to the specification they are implementing (your obfuscation making the code much more difficult to review). How are these changes improvements? I'd walk you out of an interview if you offered this as an implementation, let alone as an improvement. For the record, I have nothing to do with any of the code in OpenSSL. -- J. J. Farrell Not speaking for Oracle |
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users