[josteink]

I read through that too, and immediately thought about the OpenBSD approach: Don't create hacks and workarounds in your own code for what bugs and shortcomings which should be fixed upstream. Send a patch to fix it upstream, and you've fixed your project too.

Clearly OpenSSL and BoringSSL (but not LibreSSL) lack a defined way to properly and deterministically identify themselves as projects, in a stable fashion. He should try submitting a patches to get each project to expose a unique property which can be detected in consumer-code.

That way (like OpenBSD does) he haven't just solved the problem for himself, but for other projects too.

If more people had that attitude towards code quality which the OpenBSD team has, we might not be in such a buggy universe as we are now.