"Perry E. Metzger" <[EMAIL PROTECTED]> writes:
> The code in SSLeay is very, very good. I would suggest looking at it.
I have to do a little SSLeay-bashing here. Sorry Eric, if you're
reading this.
I had a serious look at SSLeay about two years ago. I did not like the
code. I should add that I looked primarily at the SSL implementation.
Perhaps the crypto lib in SSLeay is better, although hacks like
(SSLeay-0.9.0b/include/des.h, line 92):
#define _ ks._
does not exactly make me feel comfortable about its quality.
My impression is that SSLeay sacrifices almost anything for speed.
Which of course is appropriate for some applications, but it causes
duplication, code bloat and general ugliness. I don't doubt that Eric
has managed to get the code *really* fast, in particular on x86, but I
would still prefer a different tradeoff.
And at last, there are legal problems with SSLeay. Its license
includes an advertising requirement, which more or less rules out
using it in a GPL:ed project.
> BTW, the hard part of this project is getting the protocol, login,
> etc. handled -- the crypto part itself is easy. Take care of the hard
> part and plugging in new crypto modules can go in last.
I could not agree more.
/Niels
