That removes the check for LibreSSL, and implies that the scariness of LibreSSL no longer applies, it won't cause the consensus issues some worried about. Which I doubt would have been any worse than different versions of OpenSSL but...
And different version of OpenSSL also have a moratorium out on them in respect of Bitcoin (and I'm surprised you don't know this, seeing as the only Red Hat/.rpm repo that ever existed ran into exactly that issue: using a version of OpenSSL that was "better", but contained different ECDSA code that broke Bitcoin nodes using it).
It's not about "worse" or "better", it's about "produces the same bugs".Yes, LibreSSL is likely a "better" crypto library than OpenSSL for general use, but the Bitcoin blockchain has contained signatures verified with OpenSSL long before LibreSSL even existed.
With 0.12 though, the only functions still handled by OpenSSL are the internal PRNG and AES256 for the wallet encryption. So the previous LibreSSL issues essentially don't exist for 0.12+, although there's very little functionality left for LibreSSL to be called for.
The problem with the Fedora / Red Hat OpenSSL was related to the Red Hat legal team, Red Hat's OpenSSL only supports two or three ECDSA curves, they ripped a bunch out due to legal fears.
However this issue is resolved:
Code:
-#if (OPENSSL_VERSION_NUMBER < 0x10100000L)
+#if defined(LIBRESSL_VERSION_NUMBER) || (OPENSSL_VERSION_NUMBER < 0x10100000L)
+#if defined(LIBRESSL_VERSION_NUMBER) || (OPENSSL_VERSION_NUMBER < 0x10100000L)
Basically a fix for openssl 1.1 broke libressl because libressl uses a high OPENSSL_VERSION_NUMBER yet does not use the OpenSSL API from post fork.
