LibreSSL
| Original author(s) | The OpenSSL Project |
|---|---|
| Developer(s) | The OpenBSD Project |
| Initial release | 2.0.0 / 11 July 2014 |
| Stable release | 3.9.1[2]
/ 27 March 2024 |
| Preview release | 3.9.0 (9 March 2024[3][4]) [±] |
| Repository | |
| Written in | library |
| License | Apache-1.0, BSD-4-Clause, ISC, public domain |
| Website | www |
LibreSSL is an
History
After the
LibreSSL was initially developed as an intended replacement for OpenSSL in OpenBSD 5.6, and was ported to other platforms once a stripped-down version of the library was stable.[15] As of April 2014[update], the project was seeking a "stable commitment" of external funding.[13] On 17 May 2014, Bob Beck presented "LibreSSL: The First 30 Days, and What The Future Holds" during the 2014 BSDCan conference, in which he described the progress made in the first month.[16] On 5 June 2014, several OpenSSL bugs became public. While several projects were notified in advance,[17] LibreSSL was not; Theo de Raadt accused the OpenSSL developers of intentionally withholding this information from OpenBSD and LibreSSL.[18]
On 20 June 2014,
As of 2021, OpenBSD uses LibreSSL as the primary SSL library. Alpine Linux supported LibreSSL as its primary TLS library for three years, until release 3.9.0 in January 2019. Gentoo supported LibreSSL until February 2021.[25] Python 3.10 drops LibreSSL support[26] after being supported since Python 3.4.3 (2015).[27]
Adoption
LibreSSL is the default provider of TLS for:
- Dragonfly BSD[28]
- OpenBSD[14]
- Hyperbola GNU/Linux-libre[29]
- OpenSSH on Windows
LibreSSL is the default provider of TLS for these now-discontinued systems:
LibreSSL is a selectable provider of TLS for:
- FreeBSD packages[33]
- Gentoo packages[34] (support dropped as of February 2021[35][36][37])
- OPNsense packages [38] (will be dropped after 22.7[39])
- macOS
Changes
Changes include replacement of custom memory calls to ones in a
Fixes for potential
Proactive measures
In order to maintain good programming practice, a number of compiler options and flags designed for safety have been enabled by default to help in spotting potential issues so they can be fixed earlier (-Wall, -Werror, -Wextra, -Wuninitialized). There have also been
Changes were made to ensure that LibreSSL will be
explicit_bzero and bn_clear calls were added to prevent the compiler from optimizing them out and prevent attackers from reading previously allocated memory.
Cryptographic
There were changes to help ensure proper
Added features
The initial release of LibreSSL added a number of features: the ChaCha and Poly1305 algorithm, the Brainpool and ANSSI elliptic curves, and the AES-GCM and ChaCha20-Poly1305 AEAD modes.
Later versions added the following:[45]
- 2.1.0: Automatic ephemeral EC keys.[46]
- 2.1.2: Built-in arc4random implementation on macOS and FreeBSD.[47]
- 2.1.2: Reworked GOST cipher suite support.
- 2.1.3: ALPN support.[48]
- 2.1.3: Support for SHA-256 and Camelliacipher suites.
- 2.1.4: TLS_FALLBACK_SCSV server-side support.[49]
- 2.1.4: certhash as a replacement of the c_rehash script.
- 2.1.4: X509_STORE_load_mem API for loading certificates from memory (enhance chroot support).
- 2.1.4: Experimental binaries.
- 2.1.5: Minor update mainly for improving Windows support, first working 32- and 64-bit binaries.[50]
- 2.1.6: libtls declared stable and enabled by default.[51]
- 2.2.0:
- 2.2.1: Addition of EC_curve_nid2nist and EC_curve_nist2nid[53] from OpenSSL, initial Windows XP/2003 support.
- 2.2.2: Defines LIBRESSL_VERSION_NUMBER,[54] added TLS_*methods as a replacement for the SSLv23_*method calls, cmake build support.
Old insecure features
The initial release of LibreSSL disabled a number of features by default.
Later versions disabled more features:
- 2.1.1: Following the discovery of the SSL 3.0 protocol, LibreSSL now disables the use of SSL 3.0 by default.[55]
- 2.1.3: GOST R 34.10-94 signature authentication.[45][48]
- 2.2.1: Removal of Dynamic Engine and MDC-2DES support[53]
- 2.2.2: Removal of SSL 3.0 from the openssl binary, removal of Internet Explorer 6 workarounds, RSAX engine.[54]
- 2.3.0: Complete removal of SSL 3.0, SHA-0 and DTLS1_BAD_VER.
Code removal
The initial release of LibreSSL has removed a number of features that were deemed insecure, unnecessary or deprecated as part of OpenBSD 5.6.
- In response to Heartbleed, the heartbeat functionality[56] was one of the first features to be removed.
- Support for obsolete platforms (16-bit Windows) were removed.
- Support for some older platforms (OpenVMS) was removed.
- Support for platforms that do not exist, such as amd64.[57]
- Support for old compilers.
- The non-freelibraries.
- The OpenSSL ChaCha20-based implementation of arc4random).
- Preprocessor macros that have been deemed unnecessary or insecure or had already been deprecated in OpenSSL for a long time (e.g. des_old.h).
- Older unneeded files for assembly language, C, and Perl (e.g. EGD).
- MD2, SEEDfunctionality.
- SSL 3.0, SHA-0, DTLS1_BAD_VER
The Dual EC DRBG algorithm, which is suspected of having a back door,[58] was cut along with support for the FIPS 140-2 standard that required[citation needed] it. Unused protocols and insecure algorithms have also been removed, including the support for FIPS 140-2,[59] MD4/MD5[45] J-PAKE,[14] and SRP.[60]
Bug backlog
One of the complaints of OpenSSL was the number of open bugs reported in the bug tracker that had gone unfixed for years. Older bugs are now being fixed in LibreSSL.[61]
See also
Free Software portal
References
- ^ Cook, Brent (2 May 2017). "LibreSSL, almost Two Years Later". InfoSec Southwest. YouTube. Retrieved 15 September 2018.
- ^ Brent Cook (28 March 2024). "LibreSSL 3.8.4 and 3.9.1 released". Retrieved 28 March 2024.
- ^ "LibreSSL". Retrieved 14 March 2024.
- ^ "LibreSSL Releases". Retrieved 14 March 2024.
- ^ "LibreSSL Releases".
- ^ a b Unangst, Ted (22 April 2014). "Origins of libressl". flak. Retrieved 24 April 2014.
- ^ Kerner, Sean Michael (22 April 2014). "After Heartbleed, OpenSSL Is Forked Into LibreSSL". eWeek. Retrieved 24 April 2014.
- ^ "Not Just a Cleanup Any More: LibreSSL Project Announced". Slashdot. 22 April 2014. Retrieved 24 April 2014.
- ^ M, Constantine (17 May 2014). Soulskill (ed.). "30-Day Status Update On LibreSSL". Slashdot.
- ^ "LibreSSL".
- ^ ZDNet. Retrieved 21 April 2014.
- ^ Hessler, Peter (15 April 2014). "OpenBSD has started a massive strip-down and cleanup of OpenSSL". OpenBSD Journal. Retrieved 24 April 2014.
- ^ a b Brodkin, Jon (22 April 2014). "OpenSSL code beyond repair, claims creator of "LibreSSL" fork". Ars Technica. Retrieved 24 April 2014.
- ^ a b c d Jacoutot, Antoine (1 November 2014). "OpenBSD 5.6 Released". openbsd-announce (Mailing list). Retrieved 28 October 2015.
- ^ McCallion, Jane (22 April 2014). "Heartbleed: LibreSSL scrubs "irresponsible" OpenSSL code". PC Pro. Archived from the original on 26 June 2014. Retrieved 23 April 2014.
- ^ Beck, Bob (17 May 2014). "LibreSSL: The first 30 days, and what the Future Holds Slides". Retrieved 17 May 2014.
- ^ "Re: OpenSSL seven security fixes". oss-sec (Mailing list). 5 June 2014. Retrieved 9 June 2014.
- ^ de Raadt, Theo (5 June 2014). "Re: new OpenSSL flaws". openbsd-misc (Mailing list). Retrieved 9 June 2014.
- ^ a b Langley, Adam (20 June 2014). "BoringSSL (20 Jun 2014)". Imperialviolet.org. Retrieved 21 June 2014.
- ^ Goodin, Dan (20 June 2014). "Google unveils independent "fork" of OpenSSL called "BoringSSL"". Ars Technica. Retrieved 21 June 2014.
- ^ Sing, Joel (21 June 2014). "OpenBSD — lib/libssl/src/crypto/evp evp_aead.c e_chacha20poly1305.c". Archived from the original on 22 June 2014. Retrieved 21 June 2014.
- ^ de Raadt, Theo (21 June 2014). "Boringssl and such". openbsd-tech (Mailing list). Retrieved 28 October 2015.
- ^ Beck, Bob (8 July 2014). "OpenBSD - lib/libcrypto/crypto getentropy_osx.c getentropy_solaris.c". Archived from the original on 22 July 2014. Retrieved 8 July 2014.
- ^ Beck, Bob (20 June 2014). "OpenBSD — lib/libcrypto/crypto getentropy_linux.c". Archived from the original on 9 July 2014.
- ^ "LibreSSL languishes on Linux [LWN.net]". lwn.net. Retrieved 6 January 2021.
- ^ "PEP 644 -- Require OpenSSL 1.1.1 or newer".
- ^ "Changelog — Python 3.4.10 documentation".
- ^ Marino, John. "[Beta] Switch base to use private LibreSSL libraries". Retrieved 9 November 2018.
- ^ "Milky Way v0.3 release". Hyperbola Project. 23 September 2019. Retrieved 23 September 2019.
- ^ Raue, Stephan. "OpenELEC Mediacenter - [Beta] OpenELEC 6.0 Beta 2 released". Openelec.tv. Archived from the original on 26 November 2015. Retrieved 20 August 2015.
- ^ "PC-BSD Evolves into TrueOS". Archived from the original on 16 September 2016. Retrieved 16 September 2016.
- ^ VonFange, Mark. "PC-BSD 10.1.2: an Interview with Kris Moore". Official PC-BSD Blog. Retrieved 15 October 2015.
- ^ "Add DEFAULT_VERSIONS=ssl=XXX". Svnweb.freebsd.org.
- ^ "Project:LibreSSL - Gentoo". Wiki.gentoo.org.
- ^ Górny, Michał (5 January 2021). "LibreSSL support discontinued". www.gentoo.org. Retrieved 30 March 2021.
- ^ Górny, Michał (31 December 2020). "Bug 762847 - dev-libs/libressl: Removal". bugs.gentoo.org. Retrieved 30 March 2021.
- ^ Górny, Michał (28 December 2020). "[gentoo-dev] [RFC] Discontinuing LibreSSL support?". archives.gentoo.org. Retrieved 30 March 2021.
- ^ "OPNsense version 15.7 Released". OPNsense. Retrieved 15 October 2015.
- ^ "OPNsense version 22.7 Released". OPNsense. Retrieved 5 August 2022.
- ^ Orr, William (23 April 2014). "A quick recap over the last week". OpenSSL Valhalla Rampage. Retrieved 30 April 2014.
- ^ "OpenBSD LibreSSL CVS Calloc Commits". Secure.freshbsd.org.
- ^ "OpenBSD LibreSSL CVS Double Free Commits". Secure.freshbsd.org.
- ^ "OpenBSD LibreSSL CVS insecure seeding". Secure.freshbsd.org.
- ^ "OpenBSD LibreSSL CVS Kernel Seeding". Secure.freshbsd.org. Archived from the original on 16 September 2014.
- ^ a b c "LibreSSL-portable ChangeLog". LibreSSL. 15 October 2021.
- ^ Beck, Bob (12 October 2014). "LibreSSL 2.1.0 released". openbsd-announce (Mailing list). Retrieved 28 October 2015.
- ^ Beck, Bob (9 December 2014). "LibreSSL 2.1.2 released". openbsd-announce (Mailing list). Retrieved 28 October 2015.
- ^ a b Cook, Brent (22 January 2015). "LibreSSL 2.1.3 released". openbsd-announce (Mailing list). Retrieved 28 October 2015.
- ^ Cook, Brent (4 March 2015). "LibreSSL 2.1.4 released". openbsd-announce (Mailing list). Retrieved 28 October 2015.
- ^ Cook, Brent (17 March 2015). "LibreSSL 2.1.5 released". openbsd-announce (Mailing list). Retrieved 28 October 2015.
- ^ Cook, Brent (19 March 2015). "LibreSSL 2.1.6 released". openbsd-announce (Mailing list). Retrieved 28 October 2015.
- ^ Cook, Brent (11 June 2015). "LibreSSL 2.1.7 and 2.2.0 released". openbsd-announce (Mailing list). Retrieved 28 October 2015.
- ^ a b Cook, Brent (9 July 2015). "LibreSSL 2.2.1 released". openbsd-announce (Mailing list). Retrieved 28 October 2015.
- ^ a b Cook, Brent (6 August 2015). "LibreSSL 2.2.2 released". openbsd-announce (Mailing list). Retrieved 28 October 2015.
- ^ Beck, Bob (16 October 2014). "LibreSSL 2.1.1 released". openbsd-tech (Mailing list).
- ^ "OpenBSD LibreSSL CVS OPENSSL_NO_HEARTBEATS".
- ^ Miod Vallat. "Remove support for big-endian i386 and amd64". openbsd-cvs (Mailing list).
- ^ Perlroth, Nicole (10 September 2013). "Government Announces Steps to Restore Confidence on Encryption Standards". The New York Times. Retrieved 9 May 2014.
- ^ "The future (or lack thereof) of LibreSSL's FIPS Object Module".
- ^ Beck, Bob (3 August 2014). "LibreSSL 2.0.4 released". openbsd-announce (Mailing list). Retrieved 28 October 2015.
- ^ Vallat, Miod (10 November 2014). "Re: CVS: cvs.openbsd.org: src". openbsd-cvs (Mailing list). Retrieved 28 October 2015.
External links
| Email clients | |
|---|---|
OTR | |
| SSH | |
| TLS & SSL | |
| VPN | |
| ZRTP | |
| P2P |
|
| DRA |
|
(Comparison)
operating system
- Tails
- Qubes
- Freenet
- Tresorit
- Wuala
- NordLocker
