OpenBSD Journal

l2k15 Hackathon Report: Bernard Spil on portable LibreSSL

Contributed by tj on from the less-openssl-the-better dept.

The next trip report comes from hackathon invitee Bernard Spil, who's been upstreaming LibreSSL-related ports fixes and integrating it into other projects.

Hi, my time to chime in on a hackathon report!

All of a sudden an email arrives from beck asking me if I'd be
interested to attend a LibreSSL focused hackathon in 3 weeks time so we
can discuss how LibreSSL is used by other projects. Hell yeah I'm
interested! And besides that flattered and a bit scared... It's not
daily that you get to meet some "giants" of Open Source.

A bit of planning and a train and plane later I meet up with Claudio,
Theo and Tonimir at Zagreb airport, Tonimir drives us to the Hack-room
and we're off!

What ensues is 5 days of hacking. Bob, Joel, Brent and myself primarily
on LibreSSL amidst a gang of guys ferociously hacking away at code.

The first full day we get a lot of the exchanging of information piece
done. I had tried to elicit as much information as possible from the
FreeBSD people and projects that make use of LibreSSL but the response
was mainly "Mostly works just fine, nothing serious". The upstream
projects I interacted with were often extremely sceptical or downright
dismissive of including support for LibreSSL, for no good reason one
must conclude! During the hackathon, the LibreSSL.org website was
updated to contain more information on the lifecycle and support of
LibreSSL. This resulted in a patch that's now in code-review for FreeBSD
to track the latest stable release to reduce the frequent shlib version
bumps to two times per year, and having an additional port for the
"Latest and Greatest".

The following day I've managed to work on preliminary patching of the
FreeBSD ports tree for 2.3.0 with patches from OpenBSD's ports.
Meanwhile exchanging info and patches with Stuart for upstream projects.
The removal of SSLv3 and SHA-0 surfaces another load of projects with
last decade's crypto. This I've continued after the Hackathon and should
result in a PC-BSD EDGE release using 2.3.0 in the coming week.

The last day was spent working on understanding the build system and
trying to replace OpenSSL in FreeBSD base with LibreSSL. LibreSSL builds
as part of the base system but building the dependent software runs into
some snags that I hope to iron out at EuroBSDcon 2015. I was so caught
up in the hackathon that I managed to miss my flight back home by a full
day...

Once again, a big thanks to all of you for having me! The energy that
the team exudes and the intensity of the hackathon was a true
inspiration. I've had an awesome time.

Thanks for the report, Bernard. It's great to see people who are enthusiastic about getting OpenBSD technologies into other projects as well.

(Comments are closed)


Comments
  1. By Anonymous Coward (2601:186:4102:4919:e961:86b5:e9b4:3fa9) on

    > The last day was spent working on understanding the build system and
    trying to replace OpenSSL in FreeBSD base with LibreSSL.


    Yea!

    Comments
    1. By Bernard Spil (brnrd) on https://wiki.freebsd.org/BernardSpil

      > > The last day was spent working on understanding the build system and
      > trying to replace OpenSSL in FreeBSD base with LibreSSL.
      >
      >
      > Yea!

      Initial WIP/broken version here:
      https://github.com/Sp1l/freebsd/tree/user/brnrd/libressl

      Description is in secure/usr.bin/openssl

  2. By Ilyas Bakirov (82.200.241.50) on

    I wonder why LibreSSL portable version is not versioned like OpenSSH portable with -p ending in version number...

Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]