Date: Sun, 13 Dec 2020 22:54:08 -0800 From: John-Mark Gurney <jmg@funkthat.com> To: Benjamin Kaduk <kaduk@mit.edu> Cc: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-20:33.openssl Message-ID: <20201214065408.GV31099@funkthat.com> In-Reply-To: <20201213020727.GP64351@kduck.mit.edu> References: <20201209230300.03251CA1@freefall.freebsd.org> <20201211064628.GM31099@funkthat.com> <813a04a4-e07a-9608-40a5-cc8e339351eb@FreeBSD.org> <20201213005708.GU31099@funkthat.com> <20201213020727.GP64351@kduck.mit.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
Benjamin Kaduk wrote this message on Sat, Dec 12, 2020 at 18:07 -0800:
> On Sat, Dec 12, 2020 at 04:57:08PM -0800, John-Mark Gurney wrote:
> >
> > If FreeBSD is going to continue to use OpenSSL, better testing needs to
> > be done to figure out such breakage earliers, and how to not have them
> > go undetected for so long.
>
> I don't think anyone would argue against increasing test coverage.
> The most important question seems to be how to know what should be getting
> tested but isn't. Do you have any ideas for where to start looking?
Is there a CI pipeline setup for OpenSSL testing on -current and the
stable branches? If so, where the results posted? Are the existing
test suite being run? Why was the engine test not being run? Has that
now been fixed?
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20201214065408.GV31099>