1. 16

  2. 1

    What agwa.name wants from LibreSSL is to behave in every little bit exactly as OpenSSL does, even though OpenSSL itself is a complete and utter mess.

    OpenSSL allowed developers to interfere with RNG freely, so LibreSSL must do that, too? Even if times have changed?

    Well, you can’t really go at improving and cleaning up the library if you have to keep up all the old bugs and the whole crusty API around.

    It’s inconceivable to expect LibreSSL to be both better than OpenSSL, yet to have the exact same API and the exact same set of bugs and nuances as the original OpenSSL.

    LibreSSL is meant to be a simple-enough replacement of OpenSSL for most modern software out there (possibly with some minimal patching of some of the outside software), and not a one-to-one drop-in-replacement for random edge cases that depend on random and deprecated OpenSSL craft.