[racket] Example of using OpenSSL instead of mzcrypto

From: Neil Van Dyke (neil at neilvandyke.org)
Date: Tue Apr 24 15:26:26 EDT 2012

Calling these tools can be a little more complicated.

I'd put those port close calls in a "dynamic-wind" cleanup thunk.  I'd 
also catch the exceptions that could be raised by the port-closing 
procedure itself in the cleanup thunk.  And I'd make sure that any 
custodian I was using didn't close the ports at the wrong time for me.

Regarding I/O, I'd make stdin a null port so that the process wouldn't 
block (unless I actually had to feed it input).  And I'd probably poll 
the ports with "sync", so that, for example, I get any potential error 
messages to stderr, and so that that the process's stderr buffer filling 
won't block the process while I'm just reading the process's stdout.

I also prefer to use "process*" over "process", because it eliminates 
some possible command line assembling errors (especially quoting and 
escaping) and eliminates resulting exploits.  (I'll just assert here 
that most people who assemble command lines as single strings using 
variables do it wrong and potentially create security exploits or 
accidents.)

Neil V.

-- 
http://www.neilvandyke.org/

Posted on the users mailing list.