SoylentNews is people
SoylentNews
It has finally happened. Bob Beck of The OpenBSD Foundation has just announced that the first release of LibreSSL portable is now available, and can be found in the LibreSSL directory of your favourite OpenBSD mirror.
libressl-2.0.0.tar.gz has been tested to build on various versions of Linux, Solaris, Mac OS X and FreeBSD.
This is intended to be an initial portable release of OpenBSD's libressl to allow the community to start using it and providing feedback, and has been done to address the issue of incorrect portable versions being attempted by third-parties. Support for additional platforms will be added as time and resources permit.
This discussion has been archived.
No new comments can be posted.
First Release of LibreSSL Portable Available
|
Log In/Create an Account
| Top
| 15 comments
| Search Discussion
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
Reply hazy, ask again later.
(Score: 5, Informative) by NCommander on Saturday July 12 2014, @03:20AM
I've been following OpenSSL rampage [opensslrampage.org] to get an idea the sort of crud they're ripping out of OpenSSL. I knew that code base was ugly, but I never quite realized how badly the braindamage is. There is a pretty good presentation about libreSSL, its genesis, and the internal ugliness that is stock OpenSSL. I'm looking forward to when the vast majority of the distros have migrated away from OpenSSL.
Long live LibreSSL!
Still always moving
(Score: 2) by kaszz on Saturday July 12 2014, @03:33AM
Sounds good. :bravo:
Theo will likely use the benevolent bugswatter *smash* away any norty bugs from inferior beings ;)
(Score: 2) by gallondr00nk on Saturday July 12 2014, @08:35AM
For those interested, I believe it's this presentation at BSDCan 2014 - LibreSSL with Bob Beck [youtube.com]
(Score: 1) by DeKO on Saturday July 12 2014, @11:29PM
Thanks for that link. The Rampage website is as amusing as thedailywtf. I just learned a new anti-pattern to terrorize coworkers: ifdowhile.
(Score: 2) by maxwell demon on Sunday July 13 2014, @12:28AM
For even better effect, I suggest to use doifwhile instead. As added bonus, it also stresses the compiler's optimizer:
SCNR :-)
The Tao of math: The numbers you can count are not the real numbers.
(Score: 0) by Anonymous Coward on Saturday July 12 2014, @03:29AM
3.9p1 < 4.6
Consumer culture has trained me to be a lazy freeloader. Give me free stuff, Internet!
(Score: 2) by frojack on Saturday July 12 2014, @05:38AM
I wonder if this is aimed at the Joe User, or software developers.
Is this something that is drop in compatible with existing SSL libraries?
How moch software out there relies on the detritus they excised?
No, you are mistaken. I've always had this sig.
(Score: 2, Informative) by Anonymous Coward on Saturday July 12 2014, @05:47AM
Yes, it's a drop-in replacement. I just overwrote openssl with libressl today and I haven't found a single piece of software that breaks.
(Score: 2) by kaszz on Saturday July 12 2014, @06:41AM
Neat!
That should mean that the API has an alright design?
(Score: 2, Interesting) by Anonymous Coward on Saturday July 12 2014, @07:30AM
No, it still sucks. API compatibility is there to embrace OpenSSL. Then comes the time to extend it with a proper API. Finally OpenSSL will be extinguished and salt sown all over its lands.
(Score: 3, Funny) by maxwell demon on Saturday July 12 2014, @11:56AM
Wait ... you're not speaking about Microsoft, are you? :-)
The Tao of math: The numbers you can count are not the real numbers.
(Score: 2) by tibman on Monday July 14 2014, @02:03PM
Just read a good article about replacing openSSL with libreSSL: https://blog.hboeck.de/archives/851-LibreSSL-on-Gentoo.html [hboeck.de]
Still not exactly aimed at Joe User but you could use this guys work to get libreSSL up. He also talks about various programs that had to be altered or tricked to work with the new ssl library.
SN won't survive on lurkers alone. Write comments.
(Score: 3, Funny) by albert on Saturday July 12 2014, @08:23AM
That was a link to the donations page. OK, so if I donate... I get a pick a platform? Sweet. Oh, maybe we should put it up for a vote here. Well, I have ideas!
* System III UNIX, using the STREAMS network API
* DOSRMX, with the insane 48-bit segment:offset addressing
* FreeRTOS running on the Intel 8052, making good use of the 256 bytes of RAM
I wonder if they'd mind keeping a log of the curse words they invent.
(Score: 2) by KritonK on Monday July 14 2014, @09:31AM
I just compiled libressl under CentOS 6, and got a few warnings. After the kind of cleanup that openssl underwent, I'd have expected not to get any warnings at all.
(Score: 0) by Anonymous Coward on Monday July 14 2014, @11:30AM
You mean like the Debian guys did with OpenSSL? https://en.wikipedia.org/wiki/Openssl#Predictable_keys_.28Debian-specific.29 [wikipedia.org]