SSL has been stable for years now. Far longer than OpenSSL has been stable or even existing. If it got dented when a lot of stuff was rearranged in preparation for 7.4 it should be fixed.
I want to hear what is better in OpenSSL, not some general fuzzy feelings about going with the flow. Last time I checked the proto-OpenSSL code - several years ago mind you - it was so damned clutteded that I wouldn't trust sending my cats name over it. Niels code on the other hand, while not always easy to follow, is rather clean.
OpenSSL is faster than Pikes SSL module. That is known. I want to know about other differances in OpenSSLs advantage.
/ Peter Bortas
Previous text:
2003-01-28 00:15: Subject: Re: OpenSSL wrapper vs Pike's SSL (Was: Bz2)
On Sun, Jan 26, 2003 at 01:25:02AM +0100, Martin Nilsson (Åskblod) @ Pike (-) developers forum wrote:
What's wrong with the SSL module, or more to the point, what is better with OpenSSL?
What is wrong with SSL: it simply doesn't work (Pike 7.4.10 stock) - a lot of unresolved references. It was fixed somewhere in 7.4.13 and in 7.4.15 it is broken again. So - it is unstable, at least.
Additionally, it doesn't provide all the functionality which is included in OpenSSL, and, again, OpenSSL is long standing, stable project, proven.
A lot of crypto stuff included in OpenSSL is far better and more optimized comparing to original Pike stuff - this is the major point, I think.
Personally, I don't think that this is good idea - to implement in Pike everything just because it can be implemented. Some things are quite ineffective in Pike, even when JIT and optimizer are in use.
Everything which needs speed _must_ be implemented in C, everything else _may_ be implemented in Pike. IMHO, of course :)
Regards, /Al
/ Brevbäraren