Is invoking exit(2) in a library the right thing to do?

Andreas Metzler ametzler at downhill.at.eu.org
Mon Mar 5 19:40:06 CET 2007


On 2007-03-04 Werner Koch <wk at gnupg.org> wrote:
> On Sat,  3 Mar 2007 11:10, ametzler at downhill.at.eu.org said:

> > currently log_fatal() ends up invoking exit(2). Is this really the
> > right thing to do? It does not give applications using libgcrypt any

> Yes.  It allows an application to run an atexit handler.  Libgcrypt even
> allows registering a dedicated handler: gcry_set_fatalerror_handler.

> In any case the process needs to terminate as there is a fatal error
> and something is going really wrong.  Allowing a process to continue is
> not a good idea because it allows bugs to lurk around for years
> without fixing.  Such a bug is an indicator that something more severe
> might have gone wrong.


Hmm,

in this specific case (libnss-ldap failing due to missing
/dev/(u)random devices in early boot when connecting to the LDAP
server using an SSL-protected session), the only thing actually using
gcrypt directly is gnutls.

Should gnutls have set up an error handler using
gcry_set_fatalerror_handler?

cu andreas
-- 
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'
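
What the exit(2) path discussed in this thread looks like from the application's side, as an added example that is not part of the original message and not libgcrypt code. `lib_set_fatal_handler` and `lib_log_fatal` are hypothetical stand-ins modelling the behaviour described above; that the registered handler runs before exit(2) is an assumption of this model, and the "no random device" message is constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/wait.h>

/* Hypothetical stand-ins for the library side; this is not libgcrypt code. */
typedef void (*fatal_cb)(void *opaque, int err, const char *text);
static fatal_cb g_cb;
static void *g_opaque;
static int g_fd = -1;                     /* write end of the report pipe */
static void lib_set_fatal_handler(fatal_cb cb, void *o) { g_cb = cb; g_opaque = o; }
static void lib_log_fatal(const char *text)
{
    if (g_cb) g_cb(g_opaque, 1, text);    /* assumed: handler runs first */
    exit(2);                              /* the caller gets no error return */
}

/* Application side: both callbacks report over the pipe. */
static void note(const char *s) { if (write(g_fd, s, strlen(s)) < 0) _exit(3); }
static void app_fatal(void *o, int err, const char *text)
{ (void)o; (void)err; (void)text; note("handler;"); }
static void app_atexit(void) { note("atexit;"); }

/* Run the fatal path in a child; return its exit status, record callbacks. */
int run_fatal_in_child(char *seen, size_t n)
{
    int p[2], status = 0;
    size_t used = 0; ssize_t r;
    if (n == 0 || pipe(p) != 0) return -1;
    pid_t pid = fork();
    if (pid < 0) { close(p[0]); close(p[1]); return -1; }
    if (pid == 0) {                       /* child plays the application */
        close(p[0]);
        g_fd = p[1];
        atexit(app_atexit);
        lib_set_fatal_handler(app_fatal, NULL);
        lib_log_fatal("no random device"); /* constructed message */
        _exit(99);                        /* not reached */
    }
    close(p[1]);
    while (used < n - 1 && (r = read(p[0], seen + used, n - 1 - used)) > 0)
        used += (size_t)r;
    seen[used] = '\0';
    close(p[0]);
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}
int main(void) { char s[64]; printf("%d %s\n", run_fatal_in_child(s, sizeof s), s); return 0; }
```

The parent sees exit status 2 and both callbacks in order: the application is notified and can clean up, but it cannot keep the process alive.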
