these bugs induced by openssl 3 are so exhausting

@ariadne i love having an application crash because checks notes the CPU supports vector instructions

@lotte @kescher not exhaustively, but hey, they are bullying distros into taking it by revoking maintenance of openssl 1.1 :)

@lanodan they are, but apparently they think they can just do this shit now that they're the de-facto standard crypto library, especially for TLS @lotte @ariadne

@kescher @lanodan @lotte @ariadne rustls is a thing... of course I know projects can't just switch to it easily, but there are alternatives to OpenSSL

@lanodan @kescher @lotte @ariadne TIL ring's compiles some C forked from BoringSSL

@be @lanodan @kescher @lotte

ring is just basically "we took boringssl libcrypto and pretend it's memory safe"

also, the maintainer is a jerk

@be @lanodan @kescher @lotte

while i am sure that it is hard to screw up the memory safety of a block cipher, there are things in ring where you can't just handwave in memory safety like that.

Sign in to participate in the conversation

For people who care about, support, or build Free, Libre, and Open Source Software (FLOSS).