New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ENCODER & DECODER: set params on all encoder/decoder instances, unconditionally #13156
ENCODER & DECODER: set params on all encoder/decoder instances, unconditionally #13156
Conversation
…ditionally OSSL_DECODER_CTX_set_params() and OSSL_ENCODER_CTX_set_params() would stop as soon as a decoder / encoder instance failed, which leaves the rest of them with a possibly previous and different value. Instead, these functions will now call them all, but will return 0 if any of the instance calls failed.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm wondering if it is correct to fail if any of the encoders/decoders fail. If some pass and others fail that might be ok. But I can't think what better behaviour might look like.
We'd have to have the concept of half failures... whatever that would mean. (30% failed, 50% failed, 74.3% failed... maybe we should return a float 😆) |
You could have 0 == all failed, 1 == some success, 2 == all success. That way anything greater than 0 is just "success", and if you want to know that they all succeeded then you could get that information too. |
Mind you, what does "fail" actually mean for an encoder/decoder? Does it mean I don't understand this, or does it mean I do understand this, tried to process it, but couldn't. If the latter then perhaps it is ok to just say if any fail then the overall result is 0. |
I'm aware openssl has an idiosyncratic relationship with error codes, but seeing this, I have to ask: why not
? |
Because virtually all functions return 0 for fail and 1 for success (including all the other *_set_params functions). This would reverse the logic, which would be hugely confusing. |
Should we really re-invent yet another return code structure? We already have a couple of fairly common ones:
These both allow using If there is to be some kind of count of failures, I'd suggest going for the negative, that would at least be some sort of compatible with already existing patterns. 1 = success, 0 = all failed, -n = negated count of failures. Seriously, though, I'm not sure why the count of failures is relevant. What is the caller going to do with that? That any of the en-/decoder instances has failed should tell the caller that they shouldn't expect any well defined result if they continue to use the OSSL_ENCODER_CTX where setting the params failed. |
All good, was just asking because "1 == some success, 2 == all success" IMO sounds like a footgun waiting to happen.
Both reasonable. |
Either way, this PR is approved... I guess we can come back to failure rates at another time, if that turns out to be relevant |
Yes, its fine. Just me thinking out aloud. |
24 hours has passed since 'approval: done' was set, but as this PR has been updated in that time the label 'approval: ready to merge' is not being automatically set. Please review the updates and set the label manually. |
Merged 9096809 ENCODER & DECODER: set params on all encoder/decoder instances, unconditionally |
…ditionally OSSL_DECODER_CTX_set_params() and OSSL_ENCODER_CTX_set_params() would stop as soon as a decoder / encoder instance failed, which leaves the rest of them with a possibly previous and different value. Instead, these functions will now call them all, but will return 0 if any of the instance calls failed. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from #13156)
OSSL_DECODER_CTX_set_params() and OSSL_ENCODER_CTX_set_params() would
stop as soon as a decoder / encoder instance failed, which leaves the
rest of them with a possibly previous and different value.
Instead, these functions will now call them all, but will return 0 if
any of the instance calls failed.