30-Day Status Update On The LibreSSL OpenSSL-Fork
Written by Michael Larabel in BSD on 17 May 2014 at 07:34 PM EDT. 25 Comments
Bob Beck of the OpenBSD project has provided a status update on the first 30 days of the LibreSSL project that's a fork of OpenSSL following the notorious heartbleed bug.

Bob's slides from BSDCan Ottawa 2014 are interesting and can be found in full via OpenBSD.org. Some highlights from the presentation on LibreSSL include:

- The "perfect storm" happened for OpenSSL with developers being concerned about adding features and not fixing/maintaining, fixes not being merged upstream, bug rot for years, and horrible code.

- LibreSSL is still after maintaining API/ABI compatibility with OpenSSL so it can be a drop-in replacement.

- OpenBSD developers have found numerous faults with OpenSSL and the decisions made by its developers.

- They have already fixed many bugs and have about a half-million line unidiff from OpenSSL 1.0.1g from where they forked.

- New ciphers for Brainpool, ChaCha, poly1305, and ANSSI FRP256v1 have been added to LibreSSL.

- LibreSSL accuses the OpenSSL Foundation as being a front for the FIPS consultancy.

- Long term goals of LibreSSL are a better API, reduced code-base, splitting libcrypto from libssl, and splitting non-cryptography tasks from libcrypto.

- The Linux Foundation has not committed support to LibreSSL although they are now funding OpenSSL via their core infrastructure initiative.

About The Author
Author picture

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 10,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter or contacted via MichaelLarabel.com.

Related BSD News
Popular News
Trending Reviews & Featured Articles