On Sun, 29 Jan 2017 22:47:01 +0100 Hiltjo Posthuma <[email protected]> wrote:
Hey Hiltjo, > Doesn't this miss some things like verify peer and the certificate > information? > > An alternative could be to use the LibreSSL libtls wrapper library > which handles these things. I was thinking exactly the same thing to be honest when I read the mail. It's just impossible to use the OpenSSL-API safely as a normal human being. And if you do, the code probably becomes unreadable and sounds like a magic spell. There's lots of "ritual" surrounding the use of OpenSSL and derivatives and libtls is a breath of fresh air. I was wondering though: Isn't libtls exclusive to OpenBSD/LibreSSL? I mean, you probably could compile it on Linux, but I was surprised there were no "packages" available as far as I checked. It might be a cool project idea to "port" it to Linux in case it hasn't been already. With best regards Laslo -- Laslo Hunhold <[email protected]>
