Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Test against the LibreSSL fork of OpenSSL? #928

Closed
public opened this issue Apr 16, 2014 · 7 comments
Closed

Test against the LibreSSL fork of OpenSSL? #928

public opened this issue Apr 16, 2014 · 7 comments
Labels
administrative testing

Comments

@public
Copy link
Member

public commented Apr 16, 2014

http://www.libressl.org/

http://opensslrampage.org/
@Ayrx
Copy link
Contributor

Ayrx commented Apr 16, 2014

Probably a little bit premature to be even thinking about it given that the fork only happened a few days ago and no indication on how compatible it will be with the upstream OpenSSL imo.

@public
Copy link
Member Author

public commented Apr 16, 2014

Waiting until it's at least in an actual OpenBSD elease makes sense. I was
mostly opening this as a placeholder :-)

@public public changed the title Test against OpenBSDs fork of OpenSSL? Test against the LibreSSL fork of OpenSSL? Apr 22, 2014
@koobs
Copy link
Contributor

koobs commented Dec 20, 2014

Adding end user reported build failure of py-cryptography on FreeBSD, with LibreSSL from ports, in case it helps get the ball rolling

http://dpaste.com/23R20GY.txt

@alex
Copy link
Member

alex commented Dec 20, 2014

So, first thing I spot is that all the TLS compression stuff is removed.

On Sat Dec 20 2014 at 3:43:17 AM Kubilay Kocak [email protected]
wrote:

Adding end user reported build failure of py-cryptography on FreeBSD, with
LibreSSL from ports, in case it helps get the ball rolling

http://dpaste.com/23R20GY.txt


Reply to this email directly or view it on GitHub
#928 (comment).

@reaperhulk
Copy link
Member

With the assistance of @Sp1l we've gotten libre building and running tests. To support this properly I think we're ultimately going to need to fork the openssl backend. This has advantages (we can remove a huge amount of feature detection for old versions of OpenSSL) and disadvantages (there will be significant code duplication). The two major changes are:

@Sp1l
Copy link
Contributor

Sp1l commented Jan 17, 2015

Just submitted https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=196827 to FreeBSD ports.
2. Removes EGD (Perl Entropy Gathering Daemon) support. This hasn't been needed on FreeBSD since FreeBSD 4.2
3. Disable compression conditionally using OPENSSL_NO_COMP
4. Check features, not version for x509_vfy
Seems to be working fine for me! Thanks to https://github.com/gentoo/libressl/tree/master/dev-python/cryptography

uqs pushed a commit to freebsd/freebsd-ports that referenced this issue Jan 18, 2015
security/py-cryptography: Update to 0.7.2, Fix LibreSSL
e8e27f7 
- Update to 0.7.2
- Update BUILD_DEPENDS and TEST_DEPENDS
- Patch upstream sources to fix LibreSSL:

  * Remove EGD (Perl Entropy Gathering Daemon) support. This hasn't
    been needed on FreeBSD since FreeBSD 4.2
  * Disable compression conditionally using OPENSSL_NO_COMP
  * Check features, not version for x509_vfy

[1] pyca/cryptography#928

PR:		196827
Submitted by:	Bernard Spil <spil.oss gmail com>


git-svn-id: svn+ssh://svn.freebsd.org/ports/head@377287 35697150-7ecd-e111-bb59-0022644237b5
koobs added a commit to freebsd/freebsd-ports that referenced this issue Jan 18, 2015
@koobs
security/py-cryptography: Update to 0.7.2, Fix LibreSSL
9e1fd42 
- Update to 0.7.2
- Update BUILD_DEPENDS and TEST_DEPENDS
- Patch upstream sources to fix LibreSSL:

  * Remove EGD (Perl Entropy Gathering Daemon) support. This hasn't
    been needed on FreeBSD since FreeBSD 4.2
  * Disable compression conditionally using OPENSSL_NO_COMP
  * Check features, not version for x509_vfy

[1] pyca/cryptography#928

PR:		196827
Submitted by:	Bernard Spil <spil.oss gmail com>
@Sp1l Sp1l mentioned this issue Jan 20, 2015
Closed
@reaperhulk
Copy link
Member

We do this now.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Aug 24, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
administrative testing
Milestone
No milestone
Development

No branches or pull requests
6 participants
@alex @public @reaperhulk @koobs @Ayrx @Sp1l