Is invoking exit(2) in a library the right thing to do?
Andreas Metzler
ametzler at downhill.at.eu.org
Mon Mar 5 19:40:06 CET 2007
On 2007-03-04 Werner Koch <wk at gnupg.org> wrote:
> On Sat, 3 Mar 2007 11:10, ametzler at downhill.at.eu.org said:
> > currently log_fatal() ends up invoking exit(2). Is this really the
> > right thing to do? It does not give applications using libgcrypt any
> Yes. It allows application to run an atexit handler. Libgcrypt even
> allows to register a dedicated handler: gcry_set_fatalerror_handler.
> In any case the process needs to terminate as their is a fatal error
> and something is going really wrong. Allow a process to continue is
> not a good idea because it allows bugs to lurk around for years
> without fixing. Such a bug is an indicator that something more severe
> might have gone wrong.
Hmm,
in this specific case (libnns-ldap failing due to missing
/dev/(u)random devices in early boot when connecting to the ldap
server using a ssl protected session.) the only thing actually using
gcrypt directly is gnutls.
Should gnutls have setup an error handler using
gcry_set_fatalerror_handler?
cu andreas
--
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'
More information about the Gcrypt-devel
mailing list