From: "Randy Turner" <rtur...@amalfisystems.com>
From the length of some of the threads I've read in the past, a number
of developers seem to be burning a lot of development hours "guessing"
at how functions are supposed to work
Yes indeed. This is why I often go for commercial software in preference fo
"free" - it took me a day and a half to get a working Visual Studio 2005
debug DLL built, at a cost to my client of ... er ... well ... none of
anyone else's business really, but lots more than any software package I
remember buying. If instead of the "free" OpenSSL there'd been available a
non-"free" product that cost £500 with normal commercial standards of
installation and documentation and support we'd be laughing all the way to
the bank.
Having said which, trying to use Windows' native Schannel isn't a lot
better, to be honest: sure, there's more documentation than there is of
OpenSSL, but much of it is incomprehensible, and sure, there's "free" (ie
included in the MSDN subscription) support from Microsoft engineers, but
that takes time.
Bottom line seems to me to be that this crypto/security business is in a
class of its own; it's essentially difficult, and no product has received
the productisation effort that is common in other fields.
---
One thing I still haven't found anywhere, it's not even in the O'Reilly
book, is a description of the "object" system - I've sort-of picked up that
if you XXX_new() something you maybe ought to XXX_free() it sometime later,
and there's some sort of use counting going on, but I've not found any
documentation for any of this yet.
Tim Ward - Brett Ward Limited - 07801 703 600
www.brettward.co.uk
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
