generic-library/libreSSL
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
79 Commits 8 Branches 48 Tags 1.3 MiB
C 36.2%
CMake 18.6%
Makefile 17.8%
Shell 16%
M4 7.5%
Other 3.8%
a5c82283e0
Go to file
Brent Cook a5c82283e0 remove per-OS arc4random_buf overrides 
If an OS provides an arc4random_buf implementation in its C library,
prefer it over an in-library version. This allows OS-specific
implementations to become more robust over time. It also prevents
possible link-time confusion as to which arc4random_buf implementation
is in use by an application when linked with LibreSSL.

The built-in unit tests will identify some common issues, such as fork
safety and PID wrap handling. Other elements, such as seeding
mechanisms, should be audited by the vendor or user for correctness.

ok deraadt@ beck@
2014-07-24 21:36:38 -05:00
apps use correct link order for app and tests 2014-07-21 19:53:52 -05:00
crypto test for and use system explicit_bzero if it exists 2014-07-21 19:54:07 -05:00
include build openbsd memmem implementation for explicit_bzero test 2014-07-21 20:29:49 -05:00
man more manpage links 2014-07-11 05:02:17 -05:00
ssl initial top-level import of subdirectories 2014-07-10 06:22:54 -05:00
tests clarify license and origin for pidwraptest 2014-07-23 20:10:17 -05:00
.gitignore build openbsd memmem implementation for explicit_bzero test 2014-07-21 20:29:49 -05:00
AUTHORS initial top-level import 2014-07-10 06:07:09 -05:00
autogen.sh initial top-level import 2014-07-10 06:07:09 -05:00
configure.ac.tpl remove per-OS arc4random_buf overrides 2014-07-24 21:36:38 -05:00
libcrypto.pc.in add platform libraries to libcompat's LIBADD list 2014-07-12 03:34:08 -05:00
libressl.pub Add the public signing key so it can be fetched from github 2014-07-14 20:50:52 -06:00
libssl.pc.in add platform libraries to libcompat's LIBADD list 2014-07-12 03:34:08 -05:00
Makefile.am add platform libraries to libcompat's LIBADD list 2014-07-12 03:34:08 -05:00
Makefile.am.common put CPP defines in CPPFLAGS 2014-07-11 03:56:57 -05:00
NEWS initial top-level import 2014-07-10 06:07:09 -05:00
openssl.pc.in add platform libraries to libcompat's LIBADD list 2014-07-12 03:34:08 -05:00
README add calloc to the list (integer overflow..) 2014-07-21 21:07:26 -06:00
update.sh build openbsd memmem implementation for explicit_bzero test 2014-07-21 20:29:49 -05:00
VERSION bump version 2014-07-21 20:36:14 -05:00

README 

This package is the official portable version of LibreSSL
(http://www.libressl.org).

LibreSSL is a fork of OpenSSL developed by the OpenBSD project
(http://www.openbsd.org). LibreSSL is developed on OpenBSD. This
package then adds portability shims for other operating systems. 

Official release tarballs are available at your friendly neighborhood
OpenBSD mirror in directory LibreSSL, e.g.:
http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/
although it is suggested you use a mirror. 

Development is done in the upstream OpenBSD codebase.  A github clone
of the official repositories is kept at:
https://github.com/libressl-portable
We update this repository from the OpenBSD respositories
semi-frequently, so changes may not show up in GitHub immediately. 
The GitHub repository should be used for informational purposes
only.

./configure && make check && make install

See crypto/compat for the bulk of the local compatibility code. 

It will likely build on any reasonably modern version of Linux, Solaris,
or OSX with a sane compiler and C library.

Note: Our policy is generally to use your system provided intrinsics.
If your system provides security sensitive functions (such as
arc4random(), issetugid(), calloc(), getentropy(), and others) we will
assume they are implemented correctly and securely. If they are
not please contact your OS provider.