openssl vs. libressl

Jeremy Huddleston Sequoia jeremyhu at
Thu Nov 12 15:56:58 PST 2015

> On Nov 12, 2015, at 12:28, René J.V. Bertin <rjvbertin at> wrote:
> On Thursday November 12 2015 08:45:19 Jeremy Huddleston Sequoia wrote:
>> See this ticket for details about Qt5 + Libressl:
> And an official statement from a highly visible Qt dev:
> "Our current position is "our code is written for OpenSSL". If you want to use 
> something that emulates OpenSSL, the burden is on you to make sure it's a good 
> emulation."

Libressl doesn't "emulate" OpenSSL.  It is a derivative of OpenSSL with a focus on better architecture and security.  The reason for SSLv2_client_method and et al not being part of Libressl is that they were deprecated and eventually removed because they're inherently insecure.  Qt should stop using them (even with OpenSSL).


More information about the macports-users mailing list