Of course we can add OpenSSL.
I am however very strongely against too much module-duplication, we want to avoid the route perl has taken, where there are at least 10 modules for any task, and you never have the right one installed when you want to run a script.
But that is just a general fear, not anything specifically related to openssl.
/ Per Hedbor ()
Previous text:
2003-01-28 13:41: Subject: Re: OpenSSL wrapper vs Pike's SSL (Was: Bz2)
On which systems is an SSL key in the memory an issue?
Wouldn't that require that 1) you have root access to the system, or similar and 2) that you on the same system at the same time can't do much worse things much simpler then trying to scan the memory real time, like for instance replacing the server with a version that simply mails the keys to you, or edits the transmission to your liking?
When is that applicable? I'm not saying it's not an issue, I'm just curious.
But, *why not* have an OpenSSL glue in Pike? If someone wants to use it, why not? I don't think we should tell people what to use. When I want to use something in Pike, I commit a glue for it. Then I bugfix it (removes bashisms and suchlike) and makes sure it works nicely. I don't see any problem with anyone doing that with an OpenSSL glue.
Maybe an OpenSSL glue could be used to verify the Pike SSL, and vice versa?
/ Mirar