Well, ssleay did exist when I wrote the SSL code, of course. But it was huge and really really ugly. Besides the general uglyness, another showstopper back then was that there was no (documented) way of running it in non-blocking mode.
Openssl has probably gotten better in recent years, but I haven't had any reason to look closely at it. As far as I understand, from talking to openssl developers, I think the API is still more or less broken for non-blocking applications.
/ Niels Möller ()
Previous text:
2003-01-28 00:41: Subject: Re: OpenSSL wrapper vs Pike's SSL (Was: Bz2)
SSL has been stable for years now. Far longer than OpenSSL has been stable or even existing. If it got dented when a lot of stuff was rearranged in preparation for 7.4 it should be fixed.
I want to hear what is better in OpenSSL, not some general fuzzy feelings about going with the flow. Last time I checked the proto-OpenSSL code - several years ago mind you - it was so damned clutteded that I wouldn't trust sending my cats name over it. Niels code on the other hand, while not always easy to follow, is rather clean.
OpenSSL is faster than Pikes SSL module. That is known. I want to know about other differances in OpenSSLs advantage.
/ Peter Bortas