[Cryptography] GnuTLS -- time to look at the diff.

Harald Koch chk at pobox.com
Fri Mar 7 13:49:01 EST 2014


On 7 March 2014 12:22, Nico Williams <nico at cryptonector.com> wrote:

> Goto isn't the problem.
>
>
Anyone hung up on goto should learn that you can write the same code with:

do {
   if (something fails) {
      break;
   }

   ...

} while (false);

/* cleanup code goes here */


This has no goto, but it has exactly the same failure modes as the
goto-laden code (btw, if you're looking for a "goto cleanup;" equivalent in
Java, this is how you do it).

I believe the real issue here remains that writing *and testing* security
code is hard. And re-implementing an essential security library for license
purity is, bluntly, foolish.

-- 
Harald
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20140307/bfb69598/attachment.html>


More information about the cryptography mailing list