Daniel Stenberg schrieb:
> I'd say that the hardest part was and I think still is, the lack of good
> OpenSSL documentation. The GnuTLS lib is somewhat better documented and
> have a cleaner and more consistent naming and behaviour etc.
>
> The good part of today is that you'll be able to dig up lots of existing
> source code that already did this work and you can easily get inspired
> by other's hard work to let you do shortcuts to avoid possible wormcans.

I think the whole of OpenSSL is just one big wormcan...
Even for my simple tasks (I admit that I am quite new to OpenSSL so
maybe I just didn't get to the big picture yet) I had to figure most
things out from the source code - which doesn't have to a bad thing if
it is structured somehow. OpenSSL sources are very hard to follow though
since they use loads of #defines to export a set of functions that has
very little to do with what you actually see in the code. And -
personally - I don't find "type-dependent" #defines very helpful.

But that's just my two cents. Don't allow my frustration to stop you ;-)

Sebastian

PS: No, I didn't try GnuTLS yet...
Received on 2006-03-29