[rurban]

I just started making openssl -Werror safe. Oh my, what did I get into.

Halfway through it's about 125 changed files, > 1000 changes. look at the WIP commit. The API is insane. 50% of args are unused. All the structs and vtables updates are uninitialized, ie missing methods.

https://github.com/rurban/openssl/commits/Werror

[cratermoon]

One of the (possibly first?) things the LibreSSL people did after forking OpenSSL was to enable -Wall, -Werror, -Wextra, -Wuninitialized on the code[1]. Many years ago we'd look at compiler (and linter) warnings with a skeptical eye, but these days, they really mean something. That alone smoked out a lot of lurking problems.

1 https://en.wikipedia.org/wiki/LibreSSL#Proactive_measures