On May 31, 2014, at 6:08 PM, Brendan MacDonell <[email protected]> wrote:
> On Sat, May 31, 2014 at 8:02 PM, Brent Cook <[email protected]> wrote: > I totally agree in the general case. BIO is a big pain, and it does seem > crazy to use it for stdio. > > However, in this specific case, this file already calls BIO_printf, BIO_puts > and BIO_write to stdout and stderr, in an unchecked manner, several hundred > times. I’m not sure if checking write() actually fixes the problem, as there > may be no guarantees of IO ordering when mixing BIO_write, BIO_puts and > regular write() calls to the same output stream. > > Might it be OK to consider unifying this single exception to the (bad) rule, > and then removing all BIO to stdin/stdout all at once in a follow-up patch? > > For what it's worth, bio_s_out is not stdout if -quiet is passed (it's a > BIO_s_null instead.) If you change this write to BIO_write, then it will be > suppressed as well. > Good point. The help for this command says: -quiet - No server output It seems like supressing here would be the correct behavior as well. Maybe a larger question is, should the openssl command really embed a static-file-serving HTTP 1.0 web server? The ‘-hack’ and ‘-bugs’ options seem like a little ripe, among many other things. - Brent
