30-Day Status Update On The LibreSSL OpenSSL-Fork

Written by Michael Larabel in BSD on 17 May 2014 at 07:34 PM EDT. 25 Comments
BSD
Bob Beck of the OpenBSD project has provided a status update on the first 30 days of the LibreSSL project that's a fork of OpenSSL following the notorious heartbleed bug.

Bob's slides from BSDCan Ottawa 2014 are interesting and can be found in full via OpenBSD.org. Some highlights from the presentation on LibreSSL include:

- The "perfect storm" happened for OpenSSL with developers being concerned about adding features and not fixing/maintaining, fixes not being merged upstream, bug rot for years, and horrible code.

- LibreSSL is still after maintaining API/ABI compatibility with OpenSSL so it can be a drop-in replacement.

- OpenBSD developers have found numerous faults with OpenSSL and the decisions made by its developers.

- They have already fixed many bugs and have about a half-million line unidiff from OpenSSL 1.0.1g from where they forked.

- New ciphers for Brainpool, ChaCha, poly1305, and ANSSI FRP256v1 have been added to LibreSSL.

- LibreSSL accuses the OpenSSL Foundation as being a front for the FIPS consultancy.

- Long term goals of LibreSSL are a better API, reduced code-base, splitting libcrypto from libssl, and splitting non-cryptography tasks from libcrypto.

- The Linux Foundation has not committed support to LibreSSL although they are now funding OpenSSL via their core infrastructure initiative.
25 Comments
Related News
FreeBSD Working On Improving Its Audio Stack & Creating Graphical OS Installer
NetBSD 9.4 Released With Security & Stability Fixes
OpenBSD 7.5 Released - Faster Performance For Many-Core ARM Servers
NetBSD 10.0 Released With Much Improved Hardware Support & Faster Performance
FreeBSD 13.3 Released With Better WiFi Support, LLVM objdump Added
NetBSD 10.0 Should Be Released Soon - Likely Last RC Debuts
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
systemd Rolling Out "run0" As sudo Alternative
Linux Mint Looks To Fork More GNOME Software, Make XApp More Independent
Microsoft Updates Cascadia Code: Its Open-Source Font For Developers
Microsoft Open-Sources MS-DOS 4.0 Under MIT License
Systemd 256-rc1 Brings A Huge Number Of New Features
NVIDIA Developer Opens Feature Pull Request For Open-Source NVK Driver
Rust-Based Coreutils 0.0.26 Increases Compatibility With GNU Coreutils
Rust-Written Redox OS Gets USB Keyboards & Mice Working