On Sun, 29 Jan 2017 22:47:01 +0100
Hiltjo Posthuma <hiltjo_AT_codemadness.org> wrote:
Hey Hiltjo,
> Doesn't this miss some things like verify peer and the certificate
> information?
>
> An alternative could be to use the LibreSSL libtls wrapper library
> which handles these things.
I was thinking exactly the same thing to be honest when I read the
mail. It's just impossible to use the OpenSSL-API safely as a normal
human being. And if you do, the code probably becomes unreadable and
sounds like a magic spell. There's lots of "ritual" surrounding the
use of OpenSSL and derivatives and libtls is a breath of fresh air.
I was wondering though: Isn't libtls exclusive to OpenBSD/LibreSSL? I
mean, you probably could compile it on Linux, but I was surprised there
were no "packages" available as far as I checked. It might be a cool
project idea to "port" it to Linux in case it hasn't been already.
With best regards
Laslo
--
Laslo Hunhold <dev_AT_frign.de>
Received on Sun Jan 29 2017 - 23:02:12 CET