Re: Thanks to Debian OpenSSL developers

[CaT <cat@zip.com.au>]

On Fri, May 16, 2008 at 07:47:31AM +0200, Yves-Alexis Perez wrote:
> On jeu, 2008-05-15 at 23:38 +0200, Steffen Schulz wrote:
> > or what its worth...I see 3.5 problems that accumulated into this
> > mess:
> > 
> > - OpenSSL is complex and critical but the code is little documented.
> >   Code pieces like the ones in question should have warning-labels
> >   printed all over them and a distinguished place and interface.
> 
> There was a #ifndef PURIFY just before the instruction commented by #if
> 0.

/* Uninitialised memory used intentionally to add entropy */

That, I believe, speaks volumes.

#ifndef PURIFY says very little.

Most, if not all languages provide the ability to enter in comments for
a reason.

-- 
  "Police noticed some rustling sounds from Linn's bottom area
  and on closer inspection a roll of cash was found protruding
  from Linn's anus, the full amount of cash taken in the robbery."
    - http://www.smh.com.au/news/world/robber-hides-loot-up-his-booty/2008/05/09/1210131248617.html