|
|
|
|
|
|
by jacques_chester
4454 days ago
|
|
|
OpenSSL is less like a library, and more like a framework. You need to mesh your code to it pretty closely to get anything done. All you want is a SHA256? Too bad, here's a dozen things you need to do first. A lot of what makes OpenSSL complicated is that it covers almost every crypto/algo/protocol permutation (there are lots) and it is heavily tuned to run fast on a variety of hardware. I like PolarSSL as an alternative. It is just a collection of libraries. When I just need SHA256, I can just compile, link and use SHA256. No book-keeping, no boilerplate. But it's not as wide-ranging or optimised. |
|
|
And all the people who favor bsd style license instead.
Weve seen it before, a license which appeals to those who would benefit from it but not required to provide something back to the community - such projects fare worse in the long term than GPL or GNU projects.
I think this mentality also explains why people hate on openssl - they expect something for nothing.
Its 2014 we should know better than to trust corporations will do the right thing and require any modifications be released back to community. They wont and they dont.