Brian stumbled on this side by side comparison of SSL/TLS libraries and gave his review of it:
So in summary of what code bases I find usable from a licensing prospective:
TropicSSL and axTLS are clear winners in terms of the license
CyaSSL and PolarSSL are GPL V2 + FLOSS which is less desirable
Next I looked at the code bases.
CyaSSL looks the most complex, and that is born out in terms of the code size (27kLOC). Meanwhile PolarSSL/TopicSSL and axTLS come in at less than half of that with 12-14kLOC.
In terms of file/module organization TropicSSL/XySSL/PolarSSL looks a bit better than axTLS at least at first glance.
I conclude that if I want to have the most robust SSL/TSL I should look to port CyaSSL. If I want the freest SSL I should adopt axTLS or TropicSSL/XySSL. axTLS is still maintained by the original author while XySSL is not.
Via the forum.