Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 25 Apr 2013 08:28:17 -0400
From: Rich Felker <>
Subject: Re: High-priority library replacements?

On Thu, Apr 25, 2013 at 12:21:12AM -0700, Hal Clark wrote:
> I saw earlier that Cyassl was briefly mentioned. Now, in general I am
> interested in your idea of a "minimal, simple API", but I've had great
> experiences with Cyassl. IMO it is exactly what you're looking for.

Minimal, simple API basically means I wouldn't want to see anything
like the mess of OpenSSL's "BIO" layer. If I didn't care for making
users of the library happy, I would say it should just have one
function, an open function, that would hand over the socket to the
library and give you a new socket (from socketpair) to use in its
place as an unencrypted socket. But then everybody would whine about
threads. So I think there need to be some additional interfaces, but
not more than a few.

> Could you comment on what parts of it are unsuitable for your intended
> purposes? I'm curious what would need to be changed or replaced.

So far, based on what I've seen/read, I find it rather suitable. Lots
of people find the license (GPL) unacceptable however.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.