OpenSSL code is a mess, says creator of LibreSSL fork

  1. OpenBSD founder Theo de Raadt has created a fork of the OpenSSL cryptographic library that contained the Heartbleed bug, saying that the original code lacks clarity, contains a lot of "discarded leftovers", and is too much of a mess. He...

    Read more
  2. SirGCal

    SirGCal TS Booster Posts: 181   +51

    Being a developer myself, I'm all about clean code. I can't stand the clutter people do to code these days...
    JC713 likes this.
  3. JC713

    JC713 TS Evangelist Posts: 7,240   +960

    I think creating a new version is better than struggling to repair the existing version.
    SirGCal and jobeard like this.
  4. jobeard

    jobeard TS Ambassador Posts: 14,684   +486

    @JC713 has a good point, given that the existing base "is a mess".
    But "mess" needs to be more than strictly stylistic changes that don't meet the aesthetic values of the reader. "Mess" needs to be nasty control flow problems or function arguments which create complex
    "if then else" or nested "if then else" structures that can not be understood. When this happens, the library really needs to be refactored into a new set of functions with single objectives each.
    JC713 likes this.
  5. Now that large companies are chipping in to help pay for this and other open source infrastructure/security projects, perhaps OpenSSL will have the resources to clean things up.
  6. Despite the "mess" that OpenSSL is in, I cannot support the decision to fork and duplicate efforts. Doing so would only further dilute the already-scarce funding and manpower available to open-source development. Hopefully OpenSSL and LibreSSL can find ways to synergise their efforts, at the very least.
  7. cliffordcooley

    cliffordcooley TechSpot Paladin Posts: 7,600   +2,005

    If OpenSSL is in a mess, it is probably because it was a work in progress. Now that they can see how the code needs to be, it can be rewritten and probably simplified. I see no reason why OpenSSL should be kept, if LibreSSL can be properly coded as a complete future replacement.

Similar Topics

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.