"This is a major, systemic, pandemic of incomplete error handling. We cannot just discard unrelated errors if they become inconvenient. The code that caused the error needs to be fixed to handle it": The pandemic of incomplete OpenSSL error handling https://blog.jak-linux.org/2026/07/03/openssl-pandemic/
Blog of Julian Andres KlodeThe pandemic of incomplete OpenSSL error handlingRecently a person reported a bug in APT saying that TLS is failing on FIPS systems with MD5 errors, and suggested we call ERR_clear_error() around TLS operations.
Like any serious software engineer would do, I said No. Just because one component failed to handle its errors does not mean I can go around and discard all errors in another place - the program should have failed earlier (or discarded the error when it was determined to be safe).