[openssl-dev] [openssl.org #4700] fprintf(stderr, ...) in d1_both.c
Wyss, Felix via RT
rt at openssl.org
Fri Oct 7 11:35:47 UTC 2016
Good Morning,
Inspecting some code in the OpenSSL DTLS implementation, I noticed three places in the file “d1_both.c” where error conditions result in an sprintf to stderr:
Line 1071 in function dtls1_read_failed
Line 1143 in function dtls1_retransmit_buffered_messages
Line 1243 in function dtls1_retransmit_message
We’re using version 1.0.2j.
It should be obvious why it’s rather inappropriate for a library like OpenSSL to write to stderr instead of reporting errors to the application. Even more so considering that OpenSSL already has a sophisticated error reporting mechanism.
Regards,
--Felix Wyss
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4700
Please log in as guest with password guest if prompted
More information about the openssl-dev
mailing list