First Release of LibreSSL Portable Is Available

ConstantineM writes: It has finally happened. Bob Beck of The OpenBSD Foundation has just announced that the first release of LibreSSL portable is now available, and can be found in the LibreSSL directory of your favourite OpenBSD mirror. libressl-2.0.0.tar.gz has been tested to build on various versions of Linux, Solaris, Mac OS X and FreeBSD. This is intended to be an initial portable release of OpenBSD's libressl to allow the community to start using it and providing feedback, and has been done to address the issue of incorrect portable versions being attempted by third-parties. Support for additional platforms will be added as time and resources permit.

Re:first security vulnerability to be discovered!

[Noryungi]

in 3....2.......1............

That was the goal from the vey beginning: make the code less horrible to get people involved and correct as much as possible.

So, yes, they will find more problems. They expect that.

Re:

[TechyImmigrant]

in 3....2.......1............

That was the goal from the vey beginning: make the code less horrible to get people involved and correct as much as possible.

So, yes, they will find more problems. They expect that.

But in the RNG? FFS! Pay attention. It's always the RNG to fall first. Friends don't let friend write crypto libraries without doing a competent job on the RNG. In fact putting an RNG in a library in that way is just stupid and they all do it.

Putting the RNG in place that enables state duplication is stupid beyond belief. A single RNG service serving all comers is able to separate state between them. The sensible consumer will source multiple sources of entropy and mix them if they have a trust problem in t

Donate

[Anonymous Coward]

Through my student years I was very much supported by donations.

The LibReSSL effort was the first time I donated ever. So FFS donate, it is that kind of asshole attitude that produces good code, so support it.

Re:

[tepples]

Do you go to homeless shelters and ask for donations from the homeless too?

If by "donations" you include donations of one's time, yes. Some homeless shelters expect those people who are able to perform some sort of work to do so.

Re:

[akpoff]

Development of portable versions of other OpenBSD projects doesn't appear to have suffered.[1] What makes you think LibreSSL will be any different?

[1] The OpenBSD Foundation [openbsdfoundation.org]:
OpenSSH [openssh.com]
OpenNTPD [openntpd.org]
OpenSMTPD [opensmtpd.org]

Re:Donate

[Noryungi]

Oh boy, there is so much wrong here... Where to start?

First of all, OpenSSL problems are not ''getting fixed''. Part of the problem is that funding for OpenSSL was primarily based on company XYZ sponsoring function ABC. This gave incentives to the OpenSSL devs to add more functionalities on top of the cruft, the horrible mess that was the code base. More funding equals more developpers equals more eyeballs, but we haven't seen the progress so far.

Second of all, OpenBSD has given a HUGE amount of (BSD licensed) code to the rest of the world, Linux included. Try typing "ssh -V" on any Linux machine and I can guarantee you will get OpenSSH. And if you are like me, this is something you use EVERY. FREAKING. DAY. So please stop the trolling about OpenBSD, mmmmkay?

Third, the amount of code that has been cleaned up, improved, deleted and just plain scrubbed is simply amazing. You can say whatever you want about OpenBSD cranky devs, they know their stuff and they know their way around C code.

Fourth, OpenSSL is BSD/Apache licensed, and not GPL, so stop spouting off about supporting GPL software - not everything has to be blessed by Stallmann to be acceptable. And, yes, the Linux Foundation recognizes this - while you don't.

Re:

[WaffleMonster]

First of all, OpenSSL problems are not ''getting fixed''.

http://www.openssl.org/about/r... [openssl.org]

Third, the amount of code that has been cleaned up, improved, deleted and just plain scrubbed is simply amazing. You can say whatever you want about OpenBSD cranky devs, they know their stuff and they know their way around C code.

Nothing structural has changed.

Heartbleed didn't arise from confusing seas of preprocessor macros or broken allocators we've been hearing so much about. It was allowed to happen because there were no structures in place mandating early data validation up front.

Re:

[thegarbz]

Nothing structural needed to be changed in this phase.

Step one of the LibreSSL project is and always has been clean up the code to make it readable by mortals. An illegible clusterfuck does not attract volunteer developers to help audit. Heartbleed arose because OpenSSL was a perfect contradiction to the idea that "Because it's open source anyone can look at the code and therefore bugs get fixed quickly." Structural changes are still to come.

Also posting an about page from OpenSSL doesn't really mean all th

Stallman's "blessings" are for software freedom

[jbn-o]

[...] not everything has to be blessed by Stallmann to be acceptable

Regarding this point, Stallman certainly does endorse Free Software. And so much of what is in OpenBSD is Free Software—software that respects a user's software freedom [gnu.org]—and the same goes for OpenSSL. Stallman (and his organization, the Free Software Foundation(FSF)) are known for standing up for a user's software freedom. Non-copylefted Free Software is Free Software. Furthermore, in 2004 the FSF gave Theo de Raadt an award for [fsf.org]

Re:

[Anonymous Coward]

OpenBSD does not contain any binary blob in it's kernel. They're the ones that fought so hard to kill off binary blobs, and ended up with a FSF award for it.

Re:

[DuckDodgers]

I prefer GPL to BSD. But any FSF-approved open source license trumps proprietary, so I'll happily use OpenSSL, OpenSSH, LLVM, etc... I make my arguments in favor of GPL, but if the people giving their free time to open source don't agree, it's no skin off my back. I'll take a full top to bottom OpenBSD stack over a walled garden from Apple, Microsoft, Amazon, Google, or anyone else any day of the week.

Re:

[the_B0fh]

The OpenBSD group does a number of things. LibreSSL is one of them. They ask for donations to the general fund. If you like, you donate. If you don't, don't donate. OpenBSD runs a lean organization. Everything they do is open sourced and standards driven. And they make it _portable_ correctly.

If you have an axe to grind against them for forking a piece of shit code, take it and shove it.

Other OS's

[armanox]

Guess I'll have to see if this builds on IRIX when I get home...just to see.

Re:

[phantomfive]

Post when you get home. I'm betting it will build.

Re:

[armanox]

Does not compile. ./configure fails when used with MIPSPro Compiler, and when using gcc I get the following:

CC libcrypto_la-malloc-wrapper.lo
malloc-wrapper.c: In function 'CRYPTO_strdup':
malloc-wrapper.c:143:2: error: implicit declaration of function 'strdup' [-Werror=implicit-function-declaration]
malloc-wrapper.c:143:2: error: return makes pointer from integer without a cast [-Werror]
cc1: all warnings being treated as errors
*** Error code 1 (bu21)
*** Error code 1 (bu21)

Re:

[phantomfive]

Fascinating

Re:

[armanox]

Got it to get along a bit further with some editing of the configure file.

Changing CFLAGS="$CFLAGS -Wall -Werror -std=c99 -g -Wno-pointer-sign" to #CFLAGS="$CFLAGS -Wall -Werror -std=c99 -g " brings us to a different stopping point.

CC asn1/libcrypto_la-n_pkey.lo
asn1/n_pkey.c:92:2: warning: implicit declaration of function '__INTADDR__' [-Wimplicit-function-declaration]
asn1/n_pkey.c:92:2: error: initializer element is not constant
asn1/n_pkey.c:92:2: error: (near initialization for 'NETSC

Re:

[phantomfive]

You could try removing -Werror and changing -std to -std=gnu99, that might fix some of them

Re:

[phantomfive]

Not really, it would mean you would need to visually inspect the warnings to make sure there were no problems. If you were actually going to use it in a place where security was crucial

Re:Other OS's

[armanox]

Which I already eliminated that possibility saying I was building it at home. I'd also like to believe that there are very few security critical things still using IRIX, even though I know better (at least SGI was still releasing security patches until this year....).

Re:

[armanox]

No dice. I've posted it over on Nekochan to see if people who are more familiar with compiling things in IRIX can come up with anything. In the mean time, I'll go back to trying to get Qt5 to compile...

Re:

[phantomfive]

In the mean time, I'll go back to trying to get Qt5 to compile...

Brave man

Re:

[armanox]

Slowly moving along on that one. Working on all the prereqs for XCB right now. I also have a hatred of autotools right now.

Re:

[phantomfive]

What's wrong with autotools?

Re:

[armanox]

The easy answer is I don't know how to use them, and they're required to build the Qt5 prereqs (pthreads-stubs)

Re:

[phantomfive]

oh, that's super annoying, especially since the entire purpose of autotools is to make things cross-platform compatible

Re:

[Kumba]

Just an FYI, but IRIX support was removed in gcc-4.8, in case you're thinking of trying that. Not that Linux is going to get you any farther on an Octane, as I am currently chasing down a futex hanging bug in 4.8 on MIPS R10000 platforms. See gcc PR61538 and Gentoo Bug 516548 for the gory details. Have to git bisect gcc to chase this down, which is _not_ fun.

Re:

[armanox]

Certainly doesn't sound fun. Looks like I was stuck with something it didn't like in the MIPSPro files (/usr/include). Removing that from $C_INCLUDE_PATH got it to move on a bit further.

Re:

[armanox]

We've got progress - it's continuing to build now, thanks to some help from nekochan - apparently it really doesn't like MIPSPro, and despite being farther down in my $C_INCLUDE_FILES, the MIPSPro headers in /usr/include were causing issues. Changed $C_INCLUDE_FILES to remove /usr/include and it's continuing to build. I wonder what else will decide to build with that removed.

Re: Other OS's

[staalmannen]

I want to check if it builds on Plan9 APE. There is an old openssl port, but when I tried a more recent one it choked (lots of symlinks generated during configure, not supported on Plan9)

Re:

[armanox]

I'd be surprised. I'm running fairly recent software on my Octane, but it is time for a round of updates (Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/1.0.1g PHP/5.4.27)

Re:

[prat393]

Why IRIX? Used at your job?

Re: Other OS's

[armanox]

Not in production, at least. IRIX happens to be my favourite UNIX.

Re:Happy to let someone else test it

[Noryungi]

There is not just ''cruft'' in the code base: if I remember correctly, they removed thousands upon thousands of lines of code from OpenSSL - think VMS, Borland C, Windows 3.x, MS Visual C++ (etc) support.

And they tested the whole thing on the OpenBSD ports - so far, nothing has been broken.

Oh and FIPS support? Not gonna happen. Bob Beck has been very very clear on that subject. OpenBSD does not care too much about US government standard.

Re:

[greg1104]

Most of FIPS is a certification process oriented on testing. However, there is a checklist of things you need to support, and one of them used to be the easy to backdoor [0xbadc0de.be] Dual_EC_DRBG [wikipedia.org].

Now that the requirement for Dual_EC_DRBG has been dropped from NIST's checklist, it would be possible to have LibreSSL meet FIPS requirements without having the troublesome component. Most of FIPS certification is about throwing money at testing vendors, as described by OpenSSL themselves [openssl.org]. Doing that would really be incompa

Re:

[the_B0fh]

Considering that FIPS is a USA abortion and OpenBSD is Canadian, eh...

The word you are looking for is "abomination".

Re:

[WaffleMonster]

Unless you are using 15+ year old C compilers, unsupported and dead OSes or want to use insecure ciphers and hash routines, you're not gonna miss the cruft.

Bottom line LibreSSL is useless here as long as it won't run Windows. Need DTLS heartbeat support so they are going to have to find a way to get over that too.

Re:Happy to let someone else test it

[Bengie]

Heartbeat support is optional and negotiated. I don't know why you think it 'must' be supported.

Re:

[WaffleMonster]

Heartbeat support is optional and negotiated.

All support was completely and unconditionally yanked from LibreSSL.

I don't know why you think it 'must' be supported.

UDP is connectionless. No session is required to be setup and managed prior to normal operation.

When making existing UDP protocols work over DTLS there is now a session and associated need for session management Including heartbeat to reason about continued health of the session.

Without heartbeats the only alternative is custom modification of each protocol.

Re:

[Bengie]

Heartbeat is only to let the other side know the connection is still expected to be alive when no data is being transmitted. It's not hard for the application level to issue data every 4.5 minutes when it detects an idle connection. The time out length is also configurable. Set the timeout for 24 hours, enjoy.

Re:

[Anonymous Coward]

Almost no one uses OpenSSL on Windows.

Re:

[greg1104]

OpenSSL is used to add SSL support when compiling PostgreSQL on Windows [postgresql.org]. It's a constant headache to the developers and packagers of the database. We were all complaining about how much the OpenSSL license sucks [lwn.net], too, before it was cool to rag on OpenSSL.

Re:

[Zero__Kelvin]

"Bottom line LibreSSL is useless here as long as it won't run Windows.'

The sad part is that you actually believe it.

Re:

[WaffleMonster]

Bottom line LibreSSL is useless here as long as it won't run Windows.

The sad part is that you actually believe it.

Real world runs Windows. If we don't support Windows we go out of business.

Re:

[Anonymous Coward]

If this feature is that important, perhaps you should go for a commercial SSL product or pay developers to add it to whichever opensource SSL lib you prefer... But I guess whining how you cant make money of off others' free work is much better.

Re:

[WaffleMonster]

The source is open. If you're a Windows user and would like to use the library, then fork and add the capability yourself.

Unacceptable if LibreSSL is to be a viable alternative to OpenSSL. Last thing we want to do is take responsibility for maintaining an SSL stack.

Re:

[dibos]

So donate to the OpenBSD Foundation, and in your donation leave a note that you want LibreSSL to work on Windows. If enough people do that, guess what... it is pretty likely. Or find out who is on the porting team, and pay them DIRECTLY to put a little extra effort in to make it run on Windows. Put your money where your mouth is.

Re:

[Bengie]

LibReSSL is 100% posix compliant. Just create a posix wrapper for Windows for the required parts.

Re:

[cbhacking]

The sad thing is, NT itself has (or rather, had) a POSIX API. Up through Win8 (but not 8.1) you can actually get a basic but functional *nix environment running on NT natively (or as natively as NT runs Win32 at least, which is to say it works pretty much seamlessly and nobody back a handful of hacker-types care about the underlying guts). Shells, libraries, utilities, GCC-based build toolchain... pretty nifty, and it integrates better with Windows than Cygwin ever has, while also being faster and supportin

Re:

[Bengie]

The OpenBSD people do not believe in "work arounds". Their answer to an OS not properly doing something is "fix the OS". As it should be.

Does app incompatibility count?

[tepples]

Their answer to an OS not properly doing something is "fix the OS".

How would someone go about fixing an operating system whose biggest problem is that it can't run many of the proprietary applications on which he relies? There are plenty of applications for Windows that aren't ported to any *BSD.

Re:

[Bengie]

Well, sucks to be you. That's really what it comes down to. When it comes security and design, don't compromise because some idiots painted themselves into a corner.

Re:

[tepples]

So if the whole PC gaming industry or the whole graphic design industry paints itself into a corner, how are end users supposed to not compromise?

Re:

[Zero__Kelvin]

"How would someone go about fixing an operating system whose biggest problem is that it can't run many of the proprietary applications on which he relies?"

Agreed. Way back when we were all warning you of the hole you were digging yourself and you kept spouting loudly and proudly that relying on garbage was "Tony the Tiger Great" we knew this post was coming. The answer of course is: Get yourself a clue stick and start digging

Re:

[Just Some Guy]

Failure to provide work arounds will inherently limit adoption of the project.

I'm certain the OpenBSD guys have literally never cared a single bit. Their goal is to make a secure, clean, and open codebase that people can use and build upon. Anything beyond it simply existence is a bonus.

Re:

[lilrobbie]

Well... perhaps it's actually a more realistic acknowledgement that if the OS is so badly broken it misses things like proper random number generation, chances are, it can't ever be made secure.

Let's switch to a metaphor. Imagine your OS is a house, and OpenSSL/LibreSSL is some type of security screen being fitted to your Windows (hah! do you see what I did there?). The OpenBSD people are basically saying if your house doesn't have the relatively industry-standard secure mounting points for putting their sc

Re:

[Bengie]

Their "Ivory Tower" is a tower of "don't be f*cking retarded". The OpenBSD group is one of the most respected groups because they don't give two sh*ts about politics or making people happy. They only care about doing things correctly.

As a professional programmer, I no longer have respect for people who don't take pride in their work, and these people have a lot of pride.

Re:

[Bengie]

Either you're trolling or ignorant of the real issues. The LibReSSL fork was entirely deserving. OpenBSD is inflexible when it comes to doing things properly, but their code quality is the best. It is the quality of their code that makes them flexible. They write the most portable, secure, and easily understood code of all projects. They've spearheaded nearly every security advancement that has made it into any OSS OS.

People who think like you are the reason OpenSSL has so many bugs.

Happy to let someone else test it

[Anonymous Coward]

Well, FIPS is mandated by the same group of people who want to subvert any strong crypto. So why worry ?

Welp, time to start the VMS port

[jandrese]

Oh good, now we can get that vital VMS, DOS, and MacOS 7 support so they're not stuck on OpenSSL.

Re:

[Bengie]

OpenSSL is a hopeless caused of poor design, bad code practices, and poor leadership. No one person to point a finger at, but it is a situation where starting over would almost be a valid option. OpenBSD decided to take the route of heavy re-factoring to maintain backwards compatibility with most projects.

The OpenBSD group had no intentions of "working with" anyone. They wanted to get it done and do it correctly, no beating around the bush to get permission from the current project managers for a massive

Re:

[Zero__Kelvin]

No, because they're right and you're stupid. Not judging; just saying ...

Also works fine under NetBSD

[ci4]

Test suite summary for libressl 2.0.0
'make check' under -current amd64:

TOTAL: 41
PASS: 41
SKIP: 0
XFAIL: 0
FAIL: 0
XPASS: 0
ERROR: 0

Re:

[ConstantineM]

Awesome! Another good test would be building pkgsrc on top of LibreSSL, with no signs of the original OpenSSL present.

Re:

[Anonymous Coward]

Of course, it it were OpenSSL code ported to OpenBSD, it would be:

      if $OS != OpenBSD; then
                      return true
      else
                    RunTest
      fi

Unsigned

[Anonymous Coward]

And the tarball is unsigned.... why?

LibreSSL vs OpenSSL Speed test

[Anonymous Coward]

I saw the updated http://www.libressl.org/ [libressl.org] page with details for the portable version.

Saw someone else did a speed test https://gist.github.com/bertjw... [github.com]

and thought I would do the same

http://pastebin.com/SBVWPQmB [pastebin.com]

I'm not an expert but at this stage it appears

LibreSSL Speed as % of OpenSSL
type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes

Aes-128 cbc 152.40 152.

Technical discussion

[jgotts]

There is a lot of political discussion on this thread. How about a bit of technical discussion?

I spent about 20-30 minutes code reviewing the first few files in ssl/*.c.

The codebase looks better than most C code I look at. The indentation is a pleasure to look at.

I did notice a few issues. Wrappers are apparently still being used around memory allocation functions. I don't know if this is for API compatibility or what. There is more casting than I would like to read. I hope it is all absolutely necessary. I