Our great sponsors
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
I think GnuTLS is probably the second most popular TLS library, after openssl.
I'll also mentions s2n and rustls-ffi for completeness as C libraries, though the former isn't widely used, and the latter is very experimental still. https://github.com/aws/s2n-tls and https://github.com/rustls/rustls-ffi respectively.
> but a year or 2 ago the went back to OpenSSL for some reason which I did not fully understand.
That would be Void Linux [1]. One of the reasons iirc, is PEP 644 [2], in which CPython drops support for LibreSSL due to it not being fully compatible with OpenSSL 1.1.1 APIs.
[1] https://github.com/void-linux/void-packages/issues/20935
Most applications switching to LibreSSL should seriously consider to go one step further and check if the libtls can replace their existing libssl usage: https://github.com/bob-beck/libtls/blob/master/TUTORIAL.md.
Related posts
- Heartbleed and XZ Backdoor Learnings: Open Source Infrastructure Can Be Improved Efficiently With Moderate Funding
- Ask HN: How does the xz backdoor replace RSA_public_decrypt?
- Pingora: HTTP Server and Proxy Library, in Rust, by Cloudflare, Released
-
Terrapin-Scanner VS CryptoLyzer - a user suggested alternative
2 projects | 14 Jan 2024
- Use of HTTPS Resource Records