This is perhaps sometimes useful for determining what hardening options it was built with (for comparing packages).

LibreSSL 2.0
built on: date not available
options:bn(64,64) rc4(ptr,int) des(idx,cisc,16,int) aes(partial) idea(int) blowfish(idx)
compiler: information not available

Anticipating on nodejs/node#428 I'm wondering if LibreSSL is ready to be shipped with software that has to support Windows?

I've only found http://undeadly.org/cgi?action=article&sid=20141201141720 and if I interpret that correctly it doesn't indicate a stable build. Furthermore https://github.com/busterb/portable/commits/win32-minimal shows not a lot has changed since that blog post (apart from opening up #55).

I've been running LibreSSL Portable 2.0.5 without any issues for quite some time, but since updating to 2.1 the cipher list has been different, notably that the elliptic curve ciphers seem to be missing when used in combination with my webserver (nginx).

The commandline shows the correct selection:
$ openssl ciphers -v 'TLSv1.2+aRSA+EECDH:EECDH+RC4+aRSA:EECDH+aRSA+AES:RC4+aRSA+SHA:aRSA+AES:!AECDH:!ECDSA:!DH:!SRP'
ECDHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH Au=RSA Enc=ChaCha20-Poly1305 Mac=AEAD
ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD
ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA384
ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(128) Mac=AEAD
ECDHE-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA256
ECDHE-RSA-RC4-SHA SSLv3 Kx=ECDH Au=RSA Enc=RC4(128) Mac=SHA1
ECDHE-RSA-AES256-SHA SSLv3 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA1
ECDHE-RSA-AES128-SHA SSLv3 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA1
RC4-SHA SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
AES256-GCM-SHA384 TLSv1.2 Kx=RSA Au=RSA Enc=AESGCM(256) Mac=AEAD
AES256-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA256
AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1
AES128-GCM-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=AESGCM(128) Mac=AEAD
AES128-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA256
AES128-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA1

However, when used in my nginx configuration (list generated with ssllabs.com and confirmed with openssl 1.0.1f):

Cipher Suites (SSL 3+ suites in server-preferred order; deprecated and SSL 2 suites always at the end)
TLS_RSA_WITH_RC4_128_SHA (0x5) 128
TLS_RSA_WITH_AES_256_GCM_SHA384 (0x9d) 256
TLS_RSA_WITH_AES_256_CBC_SHA256 (0x3d) 256
TLS_RSA_WITH_AES_256_CBC_SHA (0x35) 256
TLS_RSA_WITH_AES_128_GCM_SHA256 (0x9c) 128
TLS_RSA_WITH_AES_128_CBC_SHA256 (0x3c) 128
TLS_RSA_WITH_AES_128_CBC_SHA (0x2f) 128

My nginx configuration:
ssl_protocols TLSv1.2 TLSv1.1 TLSv1 SSLv3;
ssl_ciphers TLSv1.2+aRSA+EECDH:EECDH+RC4+aRSA:EECDH+aRSA+AES:RC4+aRSA+SHA:aRSA+AES:!AECDH:!ECDSA:!DH:!SRP;
ssl_prefer_server_ciphers on;

Just to be clear, this all worked just fine with LibreSSL 2.0.5. Any thoughts?

ChaCha20+Poly1305 should only be used if it is the top client's cipher.

AES with AES-NI outperforms ChaCha20 (1350 bytes benchmark):

AES-128-GCM:      1059.9 MB/s
AES-256-GCM:       941.1 MB/s
ChaCha20-Poly1305: 512.3 MB/s

Source:
https://www.zeitgeist.se/2014/08/23/optimize-aes-and-chacha20-usage-with-boringssl/

=> AES with AES-NI is ~twice as fast, thus should be the preferred cipher suite.

Maybe it is a good idea to introduce equal preference groups, like BoringSSL recently added.
[ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]:ECDHE-ECDSA-AES256-GCM-SHA384:…

Also see cloudflare's openssl patch: https://github.com/cloudflare/sslconfig/blob/master/patches/openssl__chacha20_poly1305_cf.patch#L4191

Hi,
memmem() existence check is missing in configure.ac.
These lines should be in configure.ac.

AC_CHECK_FUNC(memmem,
        AM_CONDITIONAL(NO_MEMMEM, false),
        AC_DEFINE(NO_MEMMEM)
        AM_CONDITIONAL(NO_MEMMEM, true))

There is "#ifdef NO_MEMMEM" directive in include/string.h,
so this check is needed.

Thanks.

Thanks to Stefan Kowski for reporting. We should either bundle the dll or eliminate the dependency if possible.

I think MAP_ANON should be replaced with MAP_ANONYMOUS.

Seeing this
http://austingroupbugs.net/view.php?id=850
I noticed these descriptions.

• MAP_ANON is synonym for MAP_ANONYMOUS
• MAP_ANON shall have the same value as MAP_ANONYMOUS

It seems that MAP_ANONYMOUS will be more common than MAP_ANON.

constant MAP_ANON is used in these files.
./crypto/compat/getentropy_linux.c
./crypto/compat/arc4random_linux.h
./crypto/compat/getentropy_solaris.c
./crypto/compat/arc4random_solaris.h
./crypto/compat/getentropy_osx.c
./crypto/compat/arc4random_osx.h
./tests/arc4randomforktest.c

Thanks.

Making all in crypto
make[1]: Entering directory '/home/austin/libressl-2.0.0/crypto'
CC md5/libcrypto_la-md5_dgst.lo
md5/md5_dgst.c: In function 'md5_block_data_order':
md5/md5_dgst.c:107:49: error: right-hand operand of comma expression has no effect [-Werror=unused-value]
HOST_c2l(data,l); X( 0)=l; HOST_c2l(data,l); X( 1)=l;
^
md5/md5_dgst.c:107:109: error: right-hand operand of comma expression has no effect [-Werror=unused-value]
HOST_c2l(data,l); X( 0)=l; HOST_c2l(data,l); X( 1)=l;
^
md5/md5_dgst.c:109:168: error: right-hand operand of comma expression has no effect [-Werror=unused-value]
R0(A,B,C,D,X( 0), 7,0xd76aa478L); HOST_c2l(data,l); X( 2)=l;
^
md5/md5_dgst.c:110:170: error: right-hand operand of comma expression has no effect [-Werror=unused-value]
R0(D,A,B,C,X( 1),12,0xe8c7b756L); HOST_c2l(data,l); X( 3)=l;
^
md5/md5_dgst.c:111:170: error: right-hand operand of comma expression has no effect [-Werror=unused-value]
R0(C,D,A,B,X( 2),17,0x242070dbL); HOST_c2l(data,l); X( 4)=l;
^
md5/md5_dgst.c:112:170: error: right-hand operand of comma expression has no effect [-Werror=unused-value]
R0(B,C,D,A,X( 3),22,0xc1bdceeeL); HOST_c2l(data,l); X( 5)=l;
^
md5/md5_dgst.c:113:168: error: right-hand operand of comma expression has no effect [-Werror=unused-value]
R0(A,B,C,D,X( 4), 7,0xf57c0fafL); HOST_c2l(data,l); X( 6)=l;
^
md5/md5_dgst.c:114:170: error: right-hand operand of comma expression has no effect [-Werror=unused-value]
R0(D,A,B,C,X( 5),12,0x4787c62aL); HOST_c2l(data,l); X( 7)=l;
^
md5/md5_dgst.c:115:170: error: right-hand operand of comma expression has no effect [-Werror=unused-value]
R0(C,D,A,B,X( 6),17,0xa8304613L); HOST_c2l(data,l); X( 8)=l;
^
md5/md5_dgst.c:116:170: error: right-hand operand of comma expression has no effect [-Werror=unused-value]
R0(B,C,D,A,X( 7),22,0xfd469501L); HOST_c2l(data,l); X( 9)=l;
^
md5/md5_dgst.c:117:168: error: right-hand operand of comma expression has no effect [-Werror=unused-value]
R0(A,B,C,D,X( 8), 7,0x698098d8L); HOST_c2l(data,l); X(10)=l;
^
md5/md5_dgst.c:118:170: error: right-hand operand of comma expression has no effect [-Werror=unused-value]
R0(D,A,B,C,X( 9),12,0x8b44f7afL); HOST_c2l(data,l); X(11)=l;
^
md5/md5_dgst.c:119:171: error: right-hand operand of comma expression has no effect [-Werror=unused-value]
R0(C,D,A,B,X(10),17,0xffff5bb1L); HOST_c2l(data,l); X(12)=l;
^
md5/md5_dgst.c:120:171: error: right-hand operand of comma expression has no effect [-Werror=unused-value]
R0(B,C,D,A,X(11),22,0x895cd7beL); HOST_c2l(data,l); X(13)=l;
^
md5/md5_dgst.c:121:169: error: right-hand operand of comma expression has no effect [-Werror=unused-value]
R0(A,B,C,D,X(12), 7,0x6b901122L); HOST_c2l(data,l); X(14)=l;
^
md5/md5_dgst.c:122:171: error: right-hand operand of comma expression has no effect [-Werror=unused-value]
R0(D,A,B,C,X(13),12,0xfd987193L); HOST_c2l(data,l); X(15)=l;
^
cc1: all warnings being treated as errors
Makefile:5417: recipe for target 'md5/libcrypto_la-md5_dgst.lo' failed
make[1]: *** [md5/libcrypto_la-md5_dgst.lo] Error 1
make[1]: Leaving directory '/home/austin/libressl-2.0.0/crypto'
Makefile:381: recipe for target 'all-recursive' failed
make: *** [all-recursive] Error 1

it would be nice to have a way to build with CFLAGS=-m32 and get the correct architecture built for libcompat-noopt.a

In the following commit TLSEXT_TYPE_application_layer_protocol_negotiation was added:
libressl/openbsd@9439a6a

This is included in LibreSSL 2.1.2 release without the ALPN implementation. Nginx uses this define to determine wether it should try to enable ALPN support as follows:

#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
    SSL_CTX_set_alpn_select_cb(conf->ssl.ctx, ngx_http_ssl_alpn_select, NULL);                                                                                                 
#endif

#ifdef TLSEXT_TYPE_next_proto_neg
    SSL_CTX_set_next_protos_advertised_cb(conf->ssl.ctx,
                                          ngx_http_ssl_npn_advertised, NULL);
#endif

Which breaks the build of course. In light of keeping keeping compatibility with software build for OpenSSL I would personally like to see that either this define is removed from the current release or perhaps do another minor update (as I saw that the ALPN implementation is being worked on) with the ALPN API available (if this is compatible).

What's the stand on this aspect from the developer team?

Hi,
modification of configure.ac by this commit01726893f54a5d92cae0e13d60c77d4199d647f0
should use '=' instead of '=='.

this line,

AS_IF([test "x$enable_asm" == "xno"]

should be

AS_IF([test "x$enable_asm" = "xno"]

in bash environment, '==' works fine, but sh environment this causes error.

# if  test "xno" = "xno"; then echo "aaa"; fi
aaa
#
# if  test "xno" == "xno"; then echo "aaa"; fi
sh: ==: A test command parameter is not valid.

Thanks.

Trying to statically compile nginx with LibreSSL 2.1.2 following the instructions here
https://www.mare-system.de/blog/page/1405201517/

It works perfectly fine with LibreSSL 2.1.1, but it won't compile with 2.1.2. One of those problems is that it's saying it can't find winsock2.h, which considering I'm trying to compile in Arch Linux, this obviously wasn't supposed to happen.

Here's the PKGBUILD

# $Id: PKGBUILD 107711 2014-03-18 17:19:21Z bpiotrowski $
# Maintainer: Bartłomiej Piotrowski <[email protected]>
# Maintainer: Sébastien Luttringer
# Contributor: Sergej Pupykin <[email protected]>
# Contributor: Miroslaw Szot <[email protected]>

pkgname=nginx-pouar
provides=('nginx')
conflicts=('nginx')
replaces=('nginx')
pkgver=1.7.8
pkgrel=1
pkgdesc='Lightweight HTTP server and IMAP/POP3 proxy server'
arch=('i686' 'x86_64')
url='http://nginx.org'
license=('custom')
depends=('pcre' 'zlib' 'openssl'  'geoip' 'geoip-database' 'gd')
makedepends=(
    'libxslt'
    'gd'
    'git'
)
backup=('etc/nginx/fastcgi.conf'
        'etc/nginx/fastcgi_params'
        'etc/nginx/koi-win'
        'etc/nginx/koi-utf'
        'etc/nginx/mime.types'
        'etc/nginx/nginx.conf'
        'etc/nginx/scgi_params'
        'etc/nginx/uwsgi_params'
        'etc/nginx/win-utf'
        'etc/logrotate.d/nginx')
install=nginx.install
_cachepurge_ver="2.2"
_cachepurge_dirname="ngx_cachepurge"
_slowfscache_ver="1.10"
_slowfscache_dirname="ngx_slowfscache"
_echo_ver="v0.57"
_echo_dirname="ngx_echo"
_headersmore_ver="v0.25"
_headersmore_dirname="ngx_headersmore"
_uploadprogress_ver="v0.9.1"
_uploadprogress_dirname="ngx_uploadprogress"
_upstreamfair_hash="a18b4099fbd458111983200e098b6f0c8efed4bc"
_upstreamfair_dirname="ngx_upstreamfair"
_authpam_ver="1.3"
_authpam_dirname="ngx_authpam"
_pagespeed_ver="1.9.32.2"
_pagespeed_dirname="ngx_pagespeed"
_accesskey_ver="2.0.3"
_accesskey_dirname="ngx_accesskey"
_rtmp_ver="v1.1.6"
_rtmp_dirname="ngx_rtmp"
_davext_ver="v0.0.3"
_davext_dirname="ngx_daxext"
_naxsi_ver="0.53-2"
_naxsi_dirname="ngx_naxsi"
_clojure_ver="v0.3.0"
_clojure_dirname="ngx_clojure"
_lua_ver="v0.9.13"
_lua_dirname="ngx_lua"
_http_internal_redirect_ver="0.6"
_http_internal_redirect_dirname="ngx_http_internal_redirect"
source=($url/download/nginx-$pkgver.tar.gz
        service
        logrotate
        "${_cachepurge_dirname}.tar.gz::http://labs.frickle.com/files/ngx_cache_purge-${_cachepurge_ver}.tar.gz"
        "${_slowfscache_dirname}.tar.gz::http://labs.frickle.com/files/ngx_slowfs_cache-${_slowfscache_ver}.tar.gz"
        "${_uploadprogress_dirname}.tar.gz::https://github.com/masterzen/nginx-upload-progress-module/tarball/${_uploadprogress_ver}"
        "${_headersmore_dirname}.tar.gz::https://github.com/agentzh/headers-more-nginx-module/tarball/${_headersmore_ver}"
        "${_echo_dirname}.tar.gz::https://github.com/agentzh/echo-nginx-module/tarball/${_echo_ver}"
        "${_upstreamfair_dirname}.tar.gz::https://github.com/gnosek/nginx-upstream-fair/tarball/${_upstreamfair_hash}"
        "${_authpam_dirname}.tar.gz::http://web.iti.upv.es/~sto/nginx/ngx_http_auth_pam_module-${_authpam_ver}.tar.gz"
        "${_pagespeed_dirname}.tar.gz::https://github.com/pagespeed/ngx_pagespeed/archive/v${_pagespeed_ver}-beta.tar.gz"
        "psol-${_pagespeed_ver}.tar.gz::https://dl.google.com/dl/page-speed/psol/${_pagespeed_ver}.tar.gz"
        "${_accesskey_dirname}.tar.gz::http://wiki.nginx.org/images/5/51/Nginx-accesskey-${_accesskey_ver}.tar.gz"
        "${_rtmp_dirname}.tar.gz::https://github.com/arut/nginx-rtmp-module/archive/${_rtmp_ver}.tar.gz"
        "${_davext_dirname}.tar.gz::https://github.com/arut/nginx-dav-ext-module/archive/${_davext_ver}.tar.gz"
        "${_naxsi_dirname}.tar.gz::https://github.com/nbs-system/naxsi/archive/${_naxsi_ver}.tar.gz"
        "${_clojure_dirname}.tar.gz::https://github.com/nginx-clojure/nginx-clojure/archive/${_clojure_ver}.tar.gz"
        "${_lua_dirname}.tar.gz::https://github.com/openresty/lua-nginx-module/archive/${_lua_ver}.tar.gz"
        "${_http_internal_redirect_dirname}.tar.gz::https://github.com/flygoast/ngx_http_internal_redirect/archive/v${_http_internal_redirect_ver}.tar.gz"
        git+https://github.com/simpl/ngx_mongo.git
        'http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.1.2.tar.gz'
        "libressl-dummy-rand-egd.patch"
        'nginx__libressl.patch')
md5sums=('fd5ab813fc1853cd8efe580ead577c3e'
         'ce9a06bcaf66ec4a3c4eb59b636e0dfd'
         '3441ce77cdd1aab6f0ab7e212698a8a7'
         '82c6281e14ffee73e0ad69c134d6e5e1'
         '68a1af12d5c1218fb2b3e05ed7ff6f0c'
         'f7dee95dbe8ada5f4d8e9d59ca1f4797'
         '10e178b0cecf6ce891ee297d32ba2f14'
         '1ba466e7efc03cd9934dd711ce9d84e7'
         'ac5e7f485476af70e0ee1c52016cddaf'
         'bf3c3389353f11f5f2047b67ce08ba79'
         '53d356f24cf2a67e45d0c1ba061ed839'
         '60a6b6e4e3c2fa7aff7fe25150b0f067'
         '9b5304346d5139b1841f5baa01ab0cbe'
         'ceca9874cd89e6027fae8178f5c3af86'
         '2cb502dbda335be4ebd5fed0b3182bae'
         '348b50914a1eedaed09a2509621adf43'
         'e43f86f16529179f754e4c96e1fdd84f'
         '23eecdc84fb996fe22f2ec7ff93622da'
         'b94a636bdfcac5c69f265d493a25874c'
         'SKIP'
         'c979a977e3b54fbecfa762c74a631bc3'
         '708f29ac93db537a705dfe1f6dac0a50'
         'SKIP')





prepare() {

  cd ${srcdir}

    cp -r ngx_cache_purge-* ${_cachepurge_dirname}
    cp -r ngx_slowfs_cache-* ${_slowfscache_dirname}
    cp -r openresty-headers-more-nginx-module-* ${_headersmore_dirname}
    cp -r openresty-echo-nginx-module-* ${_echo_dirname}
    cp -r masterzen-nginx-upload-progress-module-* ${_uploadprogress_dirname}
    cp -r gnosek-nginx-upstream-fair-* ${_upstreamfair_dirname}
    cp -r ngx_http_auth_pam_module-${_authpam_ver} ${_authpam_dirname}
    cp -r ngx_pagespeed-* ${_pagespeed_dirname}
    cp -r psol ${_pagespeed_dirname}/
    cp -r nginx-accesskey* ${_accesskey_dirname}
    cp -r nginx-rtmp-module* ${_rtmp_dirname}
    cp -r nginx-dav-ext-module* ${_davext_dirname}
    cp -r naxsi* ${_naxsi_dirname}
    cp -r nginx-clojure-* ${_clojure_dirname}
    cp -r lua-nginx-module-* ${_lua_dirname}
    cp -r ngx_http_internal_redirect-* ${_http_internal_redirect_dirname}
    # patch -Np0 < $srcdir/libressl-dummy-rand-egd.patch || exit 1
    #cd nginx-$pkgver
    #patch -Np1 < $srcdir/nginx__libressl.patch
}
build() {
    cd $srcdir/libressl-2.1.2
    echo "#! /bin/bash

./configure" > config
./configure && make -j8 check 
if  [ -d ".openssl" ]; then
  rm -Rf .openssl
fi

mkdir -p .openssl/lib

cp crypto/.libs/libcrypto.a ssl/.libs/libssl.a .openssl/lib
cd .openssl && ln -s ../include ./

  cd $srcdir/nginx-$pkgver
  ./configure \
   --with-openssl="$srcdir/libressl-2.1.2" \
    --prefix=/etc/nginx \
    --conf-path=/etc/nginx/nginx.conf \
    --sbin-path=/usr/bin/nginx \
    --pid-path=/run/nginx.pid \
    --lock-path=/run/lock/nginx.lock \
    --user=http \
    --group=http \
    --http-log-path=/var/log/nginx/access.log \
    --error-log-path=stderr \
    --http-client-body-temp-path=/var/lib/nginx/client-body \
    --http-proxy-temp-path=/var/lib/nginx/proxy \
    --http-fastcgi-temp-path=/var/lib/nginx/fastcgi \
    --http-scgi-temp-path=/var/lib/nginx/scgi \
    --http-uwsgi-temp-path=/var/lib/nginx/uwsgi \
    --with-imap \
    --with-imap_ssl_module \
    --with-ipv6 \
    --with-pcre-jit \
    --with-file-aio \
      --with-pcre \
        --with-libatomic  \
 --with-http_ssl_module  \
  --with-http_spdy_module  \
  --with-http_realip_module  \
  --with-http_addition_module  \
  --with-http_xslt_module   \
  --with-http_image_filter_module \
  --with-http_geoip_module   \
  --with-http_sub_module      \
  --with-http_dav_module     \
  --with-http_flv_module  \
  --with-http_mp4_module \
  --with-http_gunzip_module \
  --with-http_gzip_static_module  \
  --with-http_auth_request_module  \
  --with-http_random_index_module  \
  --with-http_secure_link_module  \
  --with-http_degradation_module \
  --with-http_stub_status_module \
    --with-http_perl_module \
      --with-mail  \
       --with-mail_ssl_module \
         --with-google_perftools_module \
     --with-poll_module \
       --with-rtsig_module  \
  --with-select_module \
                --add-module=../${_cachepurge_dirname} \
                --add-module=../${_echo_dirname} \
                --add-module=../${_headersmore_dirname} \
                --add-module=../${_slowfscache_dirname} \
                --add-module=../${_uploadprogress_dirname} \
                --add-module=../${_upstreamfair_dirname} \
                --add-module=../${_authpam_dirname} \
                --add-module=../${_pagespeed_dirname} \
                --add-module=../${_accesskey_dirname} \
                --add-module=../${_rtmp_dirname} \
                --add-module=../${_http_internal_redirect_dirname} \
                --add-module=../${_davext_dirname} \
                --add-module=../ngx_mongo

        touch $srcdir/libressl-2.1.2/.openssl/include/openssl/ssl.h

  make
}

package() {
  cd $srcdir/nginx-$pkgver
  make DESTDIR="$pkgdir" install

  sed -e 's|\<user\s\+\w\+;|user html;|g' \
    -e '44s|html|/usr/share/nginx/html|' \
    -e '54s|html|/usr/share/nginx/html|' \
    -i "$pkgdir"/etc/nginx/nginx.conf

  rm "$pkgdir"/etc/nginx/*.default

  install -d "$pkgdir"/var/lib/nginx
  install -dm700 "$pkgdir"/var/lib/nginx/proxy

  chmod 750 "$pkgdir"/var/log/nginx
  chown http:log "$pkgdir"/var/log/nginx

  install -d "$pkgdir"/usr/share/nginx
  cp -r "$pkgdir"/etc/nginx/html/ "$pkgdir"/usr/share/nginx

  install -Dm644 ../logrotate "$pkgdir"/etc/logrotate.d/nginx
  install -Dm644 ../service "$pkgdir"/usr/lib/systemd/system/nginx.service
  install -Dm644 LICENSE "$pkgdir"/usr/share/licenses/$pkgname/LICENSE

  rmdir "$pkgdir"/run
}

# vim:set ts=2 sw=2 et:

Hi,
LibreSSL uses the arc4random function directly on FreeBSD. The implementations of arc4random on FreeBSD and possibly other systems, such as NetBSD and DragonFly BSD, suffer from the PID wraparound issue described here: https://www.agwa.name/blog/post/libressls_prng_is_unsafe_on_linux.
I'm not sure how to implement a stir-less API on FreeBSD that can properly deal with forking. There does not seem to be anything like MAP_INHERIT_ZERO. There is "pthread_atfork(NULL, NULL, arc4random_stir)", but that is only available when using pthreads.

asprintf(), vasprintf() and strndup() are GNU extensions and not POSIX.
Could you include these 3 functions like strlcat() and strlcpy()
under crypto/compat/, please ?
Thanks.

Through various macro expansion and copying, we end up with 2 copies of the user's CFLAGS in the build line. They should only appear once.

Thanks for providing signed checksums of the releases on http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/ !

I respectfully suggest offering OpenPGP signatures, at least as an alternative, would be more portable. My systems don't have signify.

https://issues.asterisk.org/jira/browse/ASTERISK-24472

Hi,
It seems that current head build fails on mingw64, error messages are like this.

...
  CCLD     libcrypto.la
whrlpool\\.libs\\libcrypto_la-wp_block.o: In function `whirlpool_block':C:\mingw64\msys\home\xyz\libressl-2.1.2d\crypto/whrlpool/wp_block.c:634: undefined reference to `__stack_chk_fail'
whrlpool\\.libs\\libcrypto_la-wp_block.o:wp_block.c:(.rdata$.refptr.__stack_chk_guard[.refptr.__stack_chk_guard]+0x0): undefined reference to `__stack_chk_guard'
...

I think this comes from PL #53 that added -fstack-protector-all .

With ./configure --disable-hardening , I could build, though, is there any way to work with -fstack-protector-all on mingw64 ?

Thanks.

Hello. For feature requests/bug reports on libressl-portalbe what do you prefer, this specific github or one of the mailing list of openbsd (which one ?) ?
Thank you.

Hi,
tests/pq_test.sh uses /dev/stdin like this.

./pq_test | cmp $srcdir/pq_expected.txt /dev/stdin

I checked with HP-UX 11.31, but it does not have /dev/stdin.
How about using '-' instead of /dev/stdin, like this.

./pq_test | cmp $srcdir/pq_expected.txt -

Sorry, but I don't have any other environment such as supported by current libressl-portable,
I can't verify this method works well in other platform.

Thanks.

Hello.

The latest digest list of LibreSSL tarballs (SHA256 and SHA256.sig) fails to verify because file names now contain full path specification (e.g. /home/sign/libressl-2.0.0.tar.gz).

BTW, great work on LibreSSL - many thanks.

PS Those wishing to verify LibreSSL tarballs can use my portable version of OpenBSD's signify (project I began back in May [1]). It is quite self-contained and doesn't depend on things like libbsd or OpenSSL or LibreSSL. So, I anticipate it should build on many systems (tested on Linux and Windows/Cygwin).

The latest version was sync'd on 20140902:

• http://sf.net/projects/slackdepot/files/signify/signify-portable-20140902.tar.bz2

My example-driven HOWTO should be enough to get one started.

[1] http://www.linuxquestions.org/questions/slackware-14/openbsd%27s-new-john-hancock-4175504101/

__progname is used in tests/arc4randomforktest.c,
but it seems not portable.
I think argv[0] is better.
Thanks.

Since mingw/mingw64 is a supported platform, it would be ideal to set it up for continuous integration - preferably a true Windows build or a Ubuntu to Windows cross compile.

This could be tricky due to the proliferation of buggy targets, based on reading BoringSSL commits.

I wonder if there are any ARMv7/v8 enthusiasts out there that would like to take this on.

Hi,
I was just wondering if something about the release process is interfering with the work done in #40 ?

I can successfully build against nginx if I clone from Github, but downloading the 2.1.2 release direct from http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-2.1.2.tar.gz doesn't appear to contain the ./config file created in this PR. I had figured the release may well have been created prior to this commit, but the commit directly after it, e864776, contains a change that is reflected in the download.

As a side note, changes in 2.1.2 which define TLSEXT_TYPE_application_layer_protocol_negotiation break nginx again, but I'm viewing that as something on their side.

At line 81 of tests/gcm128test.c, member K is initialized like this.

.K = {},

This syntax seems allowed with gcc, but not with c99.

How about changing the initialization code like this.

.K = {0},

Thanks

I see there's a release published at http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/

It would be nice to have the code tagged here in the repo as well for simpler history retrieval and verification. Signed tags, preferably.

Hi,

I noticed that patch error occurs in current HEAD.

...
copying openssl(1) source
can't find file to patch at input line 5
Perhaps you used the wrong -p or --strip option?
The text leading up to this was:
--------------------------
|diff --git a/src/usr.bin/openssl/openssl.c b/src/usr.bin/openssl/openssl.c
|index e7dd11c..cfd4593 100644
|--- a/src/usr.bin/openssl/openssl.c
|+++ b/src/usr.bin/openssl/openssl.c
--------------------------
File to patch:

It seems that update.sh should execute patch -p4 not patch -p5.

(cd apps; patch -p5 < $CWD/patches/win_bio_sock_init.diff)

After changing -p5 to -p4, it runs through good like this.

...
copying openssl(1) source
patching file openssl.c
patching file s_socket.c
copying libssl source
...

Thanks.

Hello. Could you provide a way to suffix the names of manual pages ? Currently, you have to rename those man pages: libressl creates a /usr/share/man/man1/passwd.1 for example, a path/name that is already used by the shadow tool suite. Openssl uses MANSUFFIX passed to make.
Thank you.

I tried libressl-2.0.0.tar.gz on Fedora rawhide with glibc-headers-2.19.90-23.fc21.x86_64, but configure fails:
configure:3445: checking whether we are cross compiling
configure:3453: gcc -o conftest -Wall -Werror -std=c99 -g -Wno-pointer-sign -D_BSD_SOURCE -D_POSIX_SOURCE -D_GNU_SOURCE conftest.c >&5
In file included from /usr/include/stdio.h:27:0,
from conftest.c:11:
/usr/include/features.h:148:3: error: #warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE" [-Werror=cpp]

warning "_BSD_SOURCE and _SVID_SOURCE are deprecated, use _DEFAULT_SOURCE"

^
cc1: all warnings being treated as errors
configure:3457: $? = 1
configure:3464: ./conftest
./configure: line 3466: ./conftest: No such file or directory
configure:3468: $? = 127
configure:3475: error: in /home/austin/libressl-2.0.0': configure:3477: error: cannot run C compiled programs. If you meant to cross compile, use--host'.
See `config.log' for more details

changing configure to use both _DEFAULT_SOURCE and _BSD_SOURCE works. See https://perkamon.alioth.debian.org/online/man7/feature_test_macros.7.php

I'll attach a patch.

Hi,

http://marc.info/?l=openbsd-tech&m=140561060124770&w=2

• Use fprintf and exit instead of err() in the core library (only used
  once). Perhaps the regression tests too.

As ML message above,
there are some source code using err(), errx() and warnx()
and those include <err.h>.

./apps/openssl.c
./tests/arc4randomforktest.c
./tests/pkcs7test.c
./tests/asn1test.c
./tests/base64test.c
./tests/mont.c
./tests/utf8test.c
./tests/chachatest.c
./tests/gcm128test.c

And I noticed that this commit replace errx() but still include <err.h>.
http://freshbsd.org/commit/openbsd/ab6a603f81f63bf70b9746a0750685968d2856ca?diff=lib%2Flibssl%2Fsrc%2Fapps%2Fopenssl.c

I think #include <err.h> should be removed.

Thanks.

Hi,
here is my thoughts while look around repository.

1. place of OS-specific source files
   arc4random_(arch).h and getentropy_(arch).c
   under repository 'openbsd' src/lib/libcrypto/crypto/
   should be placed under repository 'portable' crypto/compat/
   like issetugid_(arch).c
   I feel it is better that OS-specific files keep in 'portable' repository only.
2. bsd-asprintf.c
   crypto/compat/bsd-asprinf.c isn't needed anymore,
   asprintf.c is there instead.

Thanks.

Sorry if this a total noob question:

It compiled just beautifully on OSX Mounatin Lion, When I run the "version"command on the resulting "openssl" it does give the answer (LibreSSL 2.1) but also gives a warning:

"WARNING: can't open config file: /etc/ssl/openssl.cnf"

Not sure what that means, how serious it is and how to correct it. I am basically trying to use LibreSSL as a embedded solution within an Applescript application instead of using OpenSSL static library so I can issue shell commands and not use the built in OpenSSL which has been deprecated by Apple.

Even with OPENSSL_NO_DYNENGINE it is still possible to trigger dynamic engine loading code:

../apps/openssl engine -engine padlock
3073939132:error:260B6084:engine routines:DYNAMIC_LOAD:dso not found:../../portable/crypto/engine/eng_dyn.c:454:
3073939132:error:2606A074:engine routines:ENGINE_by_id:no such engine:../../portable/crypto/engine/eng_list.c:414:id=-engine
3073939132:error:260B6084:engine routines:DYNAMIC_LOAD:dso not found:../../portable/crypto/engine/eng_dyn.c:454:
3073939132:error:2606A074:engine routines:ENGINE_by_id:no such engine:../../portable/crypto/engine/eng_list.c:414:id=padlock

LibreSSL is compiled with OPENSSL_NO_ASM and does not enable assembly optimized versions of ciphers/digests/etc.

Hi,

memmem() is used in ./tests/explicit_bzero.c.
memmem() seems GNU extension.
I think this should be replaced by strstr() or something like that.

Thanks.

Thanks for putting the effort into providing portable libressl sources.

Are there any plans to support building libtls (as in tls.h, tls_init and friends), too?

Thanks again :)
Stephan

Hi.

ASN1_generate_nconf.3 is missing (empty file) from LibreSSL 2.0.5 (2.0.4 and earlier are fine).

As far as I can tell nothing changed upstream (OpenBSD) and I am able to locally
pod2man the file at http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib/libssl/src/doc/crypto/ASN1_generate_nconf.pod.

--mancha

I took the effort to make a start on adapting the OpenSSL patch for TLS_FALLBACK_SCSV to LibreSSL. The original patch was taken from:
http://marc.info/?l=openssl-dev&m=141333049205629&q=p6

The adapted patch is currently available at:
https://github.com/johansglock/poudriere.d/blob/master/local-patches/libressl-fallback-scsv.patch

This patch is based on the tarball of the 2.1.0 release. I have this patch running on my private server and seems to functioning in some basic testing. If other people would be willing to test some more that would be great.

Any feedback on potential issues or style to get this included would be great.

Update:
Just fixed a stupid bug which I overlooked. Including my test results now. OpenSSL 1.0.1j connecting to LibreSSL host:
[SUCCESS] openssl s_client -tls1 -connect myhost.nl:443
[SUCCESS] openssl s_client -tls1_1 -connect myhost.nl:443
[SUCCESS] openssl s_client -tls1_2 -connect myhost.nl:443
[SUCCESS] openssl s_client -fallback_scsv -connect myhost.nl:443
[SUCCESS] openssl s_client -fallback_scsv -tls1_2 -connect myhost.nl:443
[FAIL] openssl s_client -fallback_scsv -tls1_1 -connect myhost.nl:443
[FAIL] openssl s_client -fallback_scsv -tls1 -connect myhost.nl:443

LibreSSL connecting to Google:
[SUCCESS] openssl s_client -fallback_scsv -tls1_2 -connect google.com:443
[FAIL] openssl s_client -fallback_scsv -tls1 -connect google.com:443
[SUCCESS] openssl s_client -fallback_scsv -connect google.com:443

These results are all as expected.

[crypto/asn1/n_pkey.c:226]: (error) Memory leak: zz
[crypto/des/enc_read.c:121]: (error) Memory leak: tmpbuf
[crypto/des/enc_read.c:145]: (error) Memory leak: net
[crypto/des/enc_read.c:145]: (error) Memory leak: unnet
[crypto/des/enc_read.c:145]: (error) Memory leak: tmpbuf
[crypto/des/ofb64ede.c:86]: (error) Uninitialized variable: d
[crypto/des/ofb64ede.c:87]: (error) Uninitialized variable: d
[crypto/des/ofb64ede.c:103]: (error) Uninitialized variable: d
[crypto/des/ofb64enc.c:84]: (error) Uninitialized variable: d
[crypto/des/ofb64enc.c:85]: (error) Uninitialized variable: d
[crypto/des/ofb64enc.c:96]: (error) Uninitialized variable: d
[crypto/err/err.c:719]: (error) Memory leak: es
[crypto/err/err.c:733]: (error) Memory leak: es
[crypto/err/err.c:857]: (error) Memory leak: es
[crypto/err/err.c:1078]: (error) Memory leak: es
[crypto/err/err.c:1132]: (error) Memory leak: es
[crypto/err/err.c:1153]: (error) Memory leak: es
[crypto/x509/x509_trs.c:202]: (error) Memory leak: trtmp
[openbsd/src/lib/libc/stdlib/malloc.c:1826]: (error) Dereferencing 'pool' after it is deallocated / released
[openbsd/src/lib/libssl/src/crypto/asn1/n_pkey.c:226]: (error) Memory leak: zz
[openbsd/src/lib/libssl/src/crypto/des/enc_read.c:121]: (error) Memory leak: tmpbuf
[openbsd/src/lib/libssl/src/crypto/des/enc_read.c:145]: (error) Memory leak: net
[openbsd/src/lib/libssl/src/crypto/des/enc_read.c:145]: (error) Memory leak: unnet
[openbsd/src/lib/libssl/src/crypto/des/enc_read.c:145]: (error) Memory leak: tmpbuf
[openbsd/src/lib/libssl/src/crypto/des/ofb64ede.c:86]: (error) Uninitialized variable: d
[openbsd/src/lib/libssl/src/crypto/des/ofb64ede.c:87]: (error) Uninitialized variable: d
[openbsd/src/lib/libssl/src/crypto/des/ofb64ede.c:103]: (error) Uninitialized variable: d
[openbsd/src/lib/libssl/src/crypto/des/ofb64enc.c:84]: (error) Uninitialized variable: d
[openbsd/src/lib/libssl/src/crypto/des/ofb64enc.c:85]: (error) Uninitialized variable: d
[openbsd/src/lib/libssl/src/crypto/des/ofb64enc.c:96]: (error) Uninitialized variable: d
[openbsd/src/lib/libssl/src/crypto/err/err.c:719]: (error) Memory leak: es
[openbsd/src/lib/libssl/src/crypto/err/err.c:733]: (error) Memory leak: es
[openbsd/src/lib/libssl/src/crypto/err/err.c:857]: (error) Memory leak: es
[openbsd/src/lib/libssl/src/crypto/err/err.c:1078]: (error) Memory leak: es
[openbsd/src/lib/libssl/src/crypto/err/err.c:1132]: (error) Memory leak: es
[openbsd/src/lib/libssl/src/crypto/err/err.c:1153]: (error) Memory leak: es
[openbsd/src/lib/libssl/src/crypto/x509/x509_trs.c:202]: (error) Memory leak: trtmp
[openbsd/src/regress/lib/libc/cephes/epow.c:166]: (error) Uninitialized variable: signx
[openbsd/src/regress/lib/libc/locale/check_isw/check_isw.c:72]: (error) printf format string requires 1 parameter but only 0 are given.
[openbsd/src/regress/lib/libc/popen/popen.c:97]: (error) Memory leak: buffer
[openbsd/src/regress/lib/libc/sleep/sleep_test.c:57]: (error) Pointer to local array variable returned.
[openbsd/src/regress/lib/libc/sprintf/sprintf_test.c:94]: (error) snprintf format string requires 21 parameters but only 15 are given.
[openbsd/src/regress/lib/libc/time/strptime/main.c:64]: (error) Memory leak: title
[openbsd/src/regress/lib/libcrypto/aeswrap/aes_wrap.c:74]: (error) Memory leak: otmp
[openbsd/src/regress/lib/libcrypto/aeswrap/aes_wrap.c:74]: (error) Memory leak: ptmp
[tests/aes_wrap.c:74]: (error) Memory leak: otmp
[tests/aes_wrap.c:74]: (error) Memory leak: ptmp

Due to missing HAVE_GETAUXVAL check in crypto/compat/getentropy_linux.c
compilation fails with old libc implementations:

  CCLD   openssl
../crypto/.libs/libcrypto.so: undefined reference to `getauxval'
collect2: error: ld returned 1 exit status
make[1]: *** [openssl] Error 1

If you could tag the releases that go into your tar balls I would very much appreciate it.

Fetching & building directly from your repository, using git sub-modules, would greatly simplify work in my project.

Hi,

For the release tracking on http://freshcode.club/projects/libressl I've been using the Changelog directly from GitHub.
But I've just been tipped that this isn't representative of the official releases :/
(2.1.5 is just a prerelease according to /releases, and appeared too early.)

Now the LibreSSL Changelog is obviously/dutily kept updated for current development progress, not just for releases. Which is why it's less suitable for automatic release polling.

So, is there an alternative resource for release announcements perhaps? (Not the mailing list; something discoverable/parseable of course).

Thanks!

noticed while building against an old bionic lib that linux/sysctl.h was not present either

/tmp/ccLdfLLF.s:356: Error: selected processor does not support ARM mode `rev r9,r9'
/tmp/ccLdfLLF.s:392: Error: selected processor does not support ARM mode `rev r3,ip'
/tmp/ccLdfLLF.s:452: Error: selected processor does not support ARM mode `rev r3,r9'
make[1]: *** [modes/libcrypto_la-ctr128.lo] Error 1

it's caused by this command:

gcc -std=gnu99 "-DPACKAGE_NAME=\"libressl\"" "-DPACKAGE_TARNAME=\"libressl\"" "-DPACKAGE_VERSION=\"2.1.1\"" "-DPACKAGE_STRING=\"libressl 2.1.1\"" "-DPACKAGE_BUGREPORT=\"\"" "-DPACKAGE_URL=\"\"" "-DPACKAGE=\"libressl\"" "-DVERSION=\"2.1.1\"" -DSTDC_HEADERS=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_SYS_STAT_H=1 -DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DHAVE_MEMORY_H=1 -DHAVE_STRINGS_H=1 -DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1 -DHAVE_DLFCN_H=1 "-DLT_OBJDIR=\".libs/\"" -DNO_REALLOCARRAY=1 -DNO_TIMINGSAFE_BCMP=1 -DNO_TIMINGSAFE_MEMCMP=1 -DNO_ARC4RANDOM_BUF=1 -DNO_GETENTROPY=1 -DNO_STRTONUM=1 -DNO_EXPLICIT_BZERO=1 -DHAVE_VA_COPY=1 -DHAVE_GETAUXVAL=1 -DHAVE_ERR_H=1 -I. -I../include -DHAVE_CRYPTODEV -DLIBRESSL_INTERNAL -I../crypto/asn1 -I../crypto/evp -I../crypto/modes -D_GNU_SOURCE -std=gnu99 -g -D_DEFAULT_SOURCE -D_BSD_SOURCE -D_POSIX_SOURCE -D_GNU_SOURCE -Wno-pointer-sign  -DOPENSSL_NO_HW_PADLOCK -fdata-sections -ffunction-sections -Os -g0 -fno-unwind-tables -fno-asynchronous-unwind-tables -Wa,--noexecstack -ftree-dce -Wall -std=gnu99 -g -D_DEFAULT_SOURCE -D_BSD_SOURCE -D_POSIX_SOURCE -D_GNU_SOURCE -Wno-pointer-sign -MT modes/libcrypto_la-ctr128.lo -MD -MP -MF modes/.deps/libcrypto_la-ctr128.Tpo -c modes/ctr128.c  -fPIC -DPIC -o modes/.libs/libcrypto_la-ctr128.o

the code in question is

@ 210 "modes/ctr128.c" 1
        ctr32 = GETU32(ivec+12);

which expands to

 ctr32 = ({ u32 ret; asm ("rev %0,%1" : "=r"(ret) : "r"((u32)(*(const u32 *)(ivec+12)))); ret; });
   ctr32 = 0;

via crypto/modes/modes_lcl.h BSWAP8 and BSWAP4 macros

# elif (defined(__arm__) || defined(__arm)) && !defined(__STRICT_ALIGNMENT)
#  define BSWAP8(x) ({  u32 lo=(u64)(x)>>32,hi=(x);     \
                        asm ("rev %0,%0; rev %1,%1"     \
                        : "+r"(hi),"+r"(lo));           \
                        (u64)hi<<32|lo;                 })
#  define BSWAP4(x) ({  u32 ret;                        \
                        asm ("rev %0,%1"                \
                        : "=r"(ret) : "r"((u32)(x)));   \
                        ret;                            })

i was told that the rev instructions is only supported by some new arm cpus, thus the error trying to use it on not-latest-arm-cpu

I am trying to build with uClibc C library libressl v2.0.2 however I ran into 2 issues:

• uClibc defines GLIBC, so to test that the C library is really glibc it needs to be:

 #if defined(__GLIBC__) && !defined(__UCLIBC__)

• getauxval() is used in getentropy_linux.c without HAVE_GETAUXVAL check

It would be nice to have uClibc support

The current HTTP client in the OCSP code is very simple, and breaks if there is an HTTP proxy. It might be useful to fix it, or to use a more robust HTTP client library (if it is available) to implement the 'openssl ocsp' command.