Contributed by phessler on from the how-i-learned-to-stop-worrying-and-shine-the-turd dept.
Changes so far to OpenSSL 1.0.1g since the 11th include:
- Splitting up libcrypto and libssl build directories
- Fixing a use-after-free bug
- Removal of ancient MacOS, Netware, OS/2, VMS and Windows build junk
- Removal of “bugs” directory, benchmarks, INSTALL files, and shared library goo for lame platforms
- Removal of most (all?) backend engines, some of which didn’t even have appropriate licensing
- Ripping out some windows-specific cruft
- Removal of various wrappers for things like sockets, snprintf, opendir, etc. to actually expose real return values
- KNF of most C files
- Removal of weak entropy additions
- Removal of all heartbeat functionality which resulted in Heartbleed
To clarify, not all of the cryptographic engines were removed; the padlock and aesni engines are still in place.
As always, it's heartening to see a concentrated effort on such a critical software component.
(Comments are closed)