Jump to content

LibreSSL: Difference between revisions

From Wikipedia, the free encyclopedia
Browse history interactively
← Previous editNext edit →
Content deleted Content added
VisualWikitext
m Tamersaadeh moved page LibReSSL to LibreSSL over redirect: They have renamed the library again to LibreSSL from LibReSSL. Source: http://www.libressl.org/
started with the initial renaming of the page from LibReSSL to LibreSSL
Line 1: Line 1:
{{Use dmy dates|date=April 2014}}
{{Use dmy dates|date=April 2014}}
{{Infobox software
{{Infobox software
| name = LibReSSL
| name = LibreSSL
| logo = LibReSSL_logo_as_of_2014-06-24.png
| logo = LibReSSL_logo_as_of_2014-06-24.png
| logo_size = 250px
| logo_size = 250px
| alt = The word LibReSSL, written in black on a white background, using the font Comic Sans
| alt = The word LibreSSL, written in black on a white background, using the font Comic Sans
| screenshot =
| screenshot =
| caption =
| caption =
Line 18: Line 18:
}}
}}


'''LibReSSL''' is an [[open-source]] implementation of the [[Secure Sockets Layer]] (SSL) and [[Transport Layer Security]] (TLS) protocols. It was [[fork (software)|forked]] from the [[OpenSSL]] [[cryptographic]] [[software library]] in April 2014 as a response by [[OpenBSD]] developers to the [[Heartbleed]] [[security vulnerability]] in OpenSSL,<ref name=origins>{{cite web |url=http://www.tedunangst.com/flak/post/origins-of-libressl |title=Origins of libressl |first=Ted |last=Unangst |work=flak |date=22 April 2014 |accessdate=24 April 2014}}</ref><ref>{{cite web |url=http://www.eweek.com/security/after-heartbleed-openssl-is-forked-into-libressl.html |title=After Heartbleed, OpenSSL Is Forked Into LibreSSL|first=Sean Michael |last=Kemer |work=[[eWeek]] |date=22 April 2014 |accessdate=24 April 2014}}</ref><ref>{{cite web|title=Not Just a Cleanup Any More: LibreSSL Project Announced|url=http://it.slashdot.org/story/14/04/22/1240247/not-just-a-cleanup-any-more-libressl-project-announced|publisher=[[Slashdot]]|accessdate=24 April 2014|date=April 22, 2014}}</ref><ref>{{cite web|first=Bob|last=Beck|title=LibreSSL: The first 30 days, and what the Future Holds Slides|accessdate=17 May 2014|date=17 May 2014|url=http://www.openbsd.org/papers/bsdcan14-libressl/mgp00003.html}}</ref><ref>{{cite web | url=http://it.slashdot.org/story/14/05/17/2250242/30-day-status-update-on-libressl | title=30-Day Status Update On LibreSSL | last=M | first=Constantine | editor=Soulskill | date= 17 May 2014 | publisher=[[Slashdot]] }}</ref> with the aim of [[refactor]]ing the OpenSSL code so as to provide a more secure implementation.<ref name="zdnet_fork">{{cite web |url=http://www.zdnet.com/openbsd-forks-prunes-fixes-openssl-7000028613/ |title= OpenBSD forks, prunes, fixes OpenSSL |first=Larry |last=Seltzer |work=Zero Day |publisher=[[ZDNet]] |date=21 April 2014 |accessdate=21 April 2014}}</ref>
'''LibreSSL''' is an [[open-source]] implementation of the [[Secure Sockets Layer]] (SSL) and [[Transport Layer Security]] (TLS) protocols. It was [[fork (software)|forked]] from the [[OpenSSL]] [[cryptographic]] [[software library]] in April 2014 as a response by [[OpenBSD]] developers to the [[Heartbleed]] [[security vulnerability]] in OpenSSL,<ref name=origins>{{cite web |url=http://www.tedunangst.com/flak/post/origins-of-libressl |title=Origins of libressl |first=Ted |last=Unangst |work=flak |date=22 April 2014 |accessdate=24 April 2014}}</ref><ref>{{cite web |url=http://www.eweek.com/security/after-heartbleed-openssl-is-forked-into-libressl.html |title=After Heartbleed, OpenSSL Is Forked Into LibreSSL|first=Sean Michael |last=Kemer |work=[[eWeek]] |date=22 April 2014 |accessdate=24 April 2014}}</ref><ref>{{cite web|title=Not Just a Cleanup Any More: LibreSSL Project Announced|url=http://it.slashdot.org/story/14/04/22/1240247/not-just-a-cleanup-any-more-libressl-project-announced|publisher=[[Slashdot]]|accessdate=24 April 2014|date=April 22, 2014}}</ref><ref>{{cite web|first=Bob|last=Beck|title=LibreSSL: The first 30 days, and what the Future Holds Slides|accessdate=17 May 2014|date=17 May 2014|url=http://www.openbsd.org/papers/bsdcan14-libressl/mgp00003.html}}</ref><ref>{{cite web | url=http://it.slashdot.org/story/14/05/17/2250242/30-day-status-update-on-libressl | title=30-Day Status Update On LibreSSL | last=M | first=Constantine | editor=Soulskill | date= 17 May 2014 | publisher=[[Slashdot]] }}</ref> with the aim of [[refactor]]ing the OpenSSL code so as to provide a more secure implementation.<ref name="zdnet_fork">{{cite web |url=http://www.zdnet.com/openbsd-forks-prunes-fixes-openssl-7000028613/ |title= OpenBSD forks, prunes, fixes OpenSSL |first=Larry |last=Seltzer |work=Zero Day |publisher=[[ZDNet]] |date=21 April 2014 |accessdate=21 April 2014}}</ref>


LibReSSL was forked from the OpenSSL library starting with the 1.0.1g branch and will follow the security guidelines used elsewhere in the OpenBSD project.<ref name="fork">{{cite web |url=http://www.undeadly.org/cgi?action=article&sid=20140415093252 |title=OpenBSD has started a massive strip-down and cleanup of OpenSSL |first=Peter |last=Hessler |work=[[OpenBSD Journal]] |date=15 April 2014 |accessdate=24 April 2014}}</ref>
LibreSSL was forked from the OpenSSL library starting with the 1.0.1g branch and will follow the security guidelines used elsewhere in the OpenBSD project.<ref name="fork">{{cite web |url=http://www.undeadly.org/cgi?action=article&sid=20140415093252 |title=OpenBSD has started a massive strip-down and cleanup of OpenSSL |first=Peter |last=Hessler |work=[[OpenBSD Journal]] |date=15 April 2014 |accessdate=24 April 2014}}</ref>


== History ==
== History ==
After the Heartbleed bug in OpenSSL, the OpenBSD team audited the code afresh, and quickly realised they would need to maintain a fork themselves.<ref name=origins/> The libressl.org domain was registered on April 11; the project announced the name on April 22.
After the Heartbleed bug in OpenSSL, the OpenBSD team audited the code afresh, and quickly realised they would need to maintain a fork themselves.<ref name=origins/> The libressl.org domain was registered on April 11; the project announced the name on April 22.


In the first week of code pruning, more than 90,000 lines of C code were removed.<ref name="zdnet_fork" /><ref name=brodkin20140422>{{cite web |url=http://arstechnica.com/information-technology/2014/04/openssl-code-beyond-repair-claims-creator-of-libressl-fork/ |title=OpenSSL code beyond repair, claims creator of "LibreSSL" fork |first=Jon |last=Brodkin |work=[[Ars Technica]] |date=22 April 2014 |accessdate=24 April 2014}}</ref> Older or unused code has been removed, and support for some older or now-rare operating systems removed. LibReSSL is initially being developed as an intended replacement for OpenSSL in OpenBSD 5.6, and it is then expected to be ported back to other platforms once a stripped-down version of the library is stable.<ref name=pcpro>{{cite web |url=http://www.pcpro.co.uk/news/security/388309/heartbleed-libressl-scrubs-irresponsible-openssl-code |title=Heartbleed: LibreSSL scrubs "irresponsible" OpenSSL code |first=Jane |last=McCallion |work=[[PC Pro]] |date=22 April 2014 |accessdate=23 April 2014}}</ref><ref name="will-be-portable">{{cite web |url=http://www.phoronix.com/scan.php?page=news_item&px=MTY4NTc |title=OpenBSD Affirms That LibreSSL Will Be Portable |first=Michael |last=Larabel |work=[[Phoronix]] |date=9 May 2014 |accessdate=30 May 2014}}</ref> {{As of|2014|04}}, the project was seeking a "stable commitment" of external funding.<ref name=brodkin20140422/>
In the first week of code pruning, more than 90,000 lines of C code were removed.<ref name="zdnet_fork" /><ref name=brodkin20140422>{{cite web |url=http://arstechnica.com/information-technology/2014/04/openssl-code-beyond-repair-claims-creator-of-libressl-fork/ |title=OpenSSL code beyond repair, claims creator of "LibreSSL" fork |first=Jon |last=Brodkin |work=[[Ars Technica]] |date=22 April 2014 |accessdate=24 April 2014}}</ref> Older or unused code has been removed, and support for some older or now-rare operating systems removed. LibreSSL is initially being developed as an intended replacement for OpenSSL in OpenBSD 5.6, and it is then expected to be ported back to other platforms once a stripped-down version of the library is stable.<ref name=pcpro>{{cite web |url=http://www.pcpro.co.uk/news/security/388309/heartbleed-libressl-scrubs-irresponsible-openssl-code |title=Heartbleed: LibreSSL scrubs "irresponsible" OpenSSL code |first=Jane |last=McCallion |work=[[PC Pro]] |date=22 April 2014 |accessdate=23 April 2014}}</ref><ref name="will-be-portable">{{cite web |url=http://www.phoronix.com/scan.php?page=news_item&px=MTY4NTc |title=OpenBSD Affirms That LibreSSL Will Be Portable |first=Michael |last=Larabel |work=[[Phoronix]] |date=9 May 2014 |accessdate=30 May 2014}}</ref> {{As of|2014|04}}, the project was seeking a "stable commitment" of external funding.<ref name=brodkin20140422/>


On June 5, 2014, several OpenSSL bugs became public. While several projects were notified in advance,<ref>{{cite web|url=http://seclists.org/oss-sec/2014/q2/466 |title=oss-sec: Re: OpenSSL seven security fixes |publisher=Seclists.org |date= |accessdate=2014-06-09}}</ref> LibReSSL was not; [[Theo de Raadt]] accused the OpenSSL developers of intentionally withholding this information from OpenBSD and LibReSSL.<ref>{{cite web|url=http://marc.info/?l=openbsd-misc&m=140199662922801&w=2 |title='Re: new OpenSSL flaws' - MARC |publisher=Marc.info |date=2014-06-05 |accessdate=2014-06-09}}</ref>
On June 5, 2014, several OpenSSL bugs became public. While several projects were notified in advance,<ref>{{cite web|url=http://seclists.org/oss-sec/2014/q2/466 |title=oss-sec: Re: OpenSSL seven security fixes |publisher=Seclists.org |date= |accessdate=2014-06-09}}</ref> LibreSSL was not; [[Theo de Raadt]] accused the OpenSSL developers of intentionally withholding this information from OpenBSD and LibreSSL.<ref>{{cite web|url=http://marc.info/?l=openbsd-misc&m=140199662922801&w=2 |title='Re: new OpenSSL flaws' - MARC |publisher=Marc.info |date=2014-06-05 |accessdate=2014-06-09}}</ref>


On June 20, 2014, Google created another fork of OpenSSL called [[BoringSSL]], and promised to exchange fixes with LibReSSL.<ref name="imperialviolet">{{cite web|url=https://www.imperialviolet.org/2014/06/20/boringssl.html|title=BoringSSL (20 Jun 2014)|last=Langley|first=Adam|date=20 June 2014|website=ImperialViolet|accessdate=2014-06-21}}</ref><ref>{{cite web|url=http://arstechnica.com/security/2014/06/google-unveils-independent-fork-of-openssl-called-boringssl/|title=Google unveils independent “fork” of OpenSSL called “BoringSSL”|last=Goodin|first=Dan|date=20 June 2014|accessdate=21 June 2014|work=[[Ars Technica]]}}</ref> Google has already relicensed some of its contributions under the ISC license, as it was requested by the LibreSSL developers.<ref name="imperialviolet"/><ref>{{cite web|url=https://secure.freshbsd.org/commit/openbsd/ef62f9c8a51b8fb8ce21e1486986f8f3dc7f50a3|title=OpenBSD — lib/libssl/src/crypto/evp evp_aead.c e_chacha20poly1305.c|last=Sing|first=Joel|date= 21 June 2014|accessdate=21 June 2014}}</ref> On June 21, Theo de Raadt welcomed BoringSSL and outlined the plans for LibReSSL-portable.<ref>{{cite mailing list|url=https://marc.info/?l=openbsd-tech&m=140332790726752&w=2|title=Boringssl and such|date=21 June 2014|last=Raadt|first=Theo de}}</ref> Starting on 8 July, code porting for [[OS X]] and [[Solaris]] began,<ref>{{cite web|url=https://secure.freshbsd.org/commit/openbsd/bb95c69c5dea2b7ae53fb1036904c27c038bd2b0|title=OpenBSD - lib/libcrypto/crypto getentropy_osx.c getentropy_solaris.c|date=8 July 2014|last=Beck|first=Bob}}</ref> while initial porting to [[Linux]] began on 20 June.<ref>{{cite web|url=https://secure.freshbsd.org/commit/openbsd/1d7eab2186ba0e70b976372401977c2c784ef30a|title=OpenBSD — lib/libcrypto/crypto getentropy_linux.c|date=20 June 2014|last=Beck|first=Bob}}</ref>
On June 20, 2014, Google created another fork of OpenSSL called [[BoringSSL]], and promised to exchange fixes with LibreSSL.<ref name="imperialviolet">{{cite web|url=https://www.imperialviolet.org/2014/06/20/boringssl.html|title=BoringSSL (20 Jun 2014)|last=Langley|first=Adam|date=20 June 2014|website=ImperialViolet|accessdate=2014-06-21}}</ref><ref>{{cite web|url=http://arstechnica.com/security/2014/06/google-unveils-independent-fork-of-openssl-called-boringssl/|title=Google unveils independent “fork” of OpenSSL called “BoringSSL”|last=Goodin|first=Dan|date=20 June 2014|accessdate=21 June 2014|work=[[Ars Technica]]}}</ref> Google has already relicensed some of its contributions under the ISC license, as it was requested by the LibreSSL developers.<ref name="imperialviolet"/><ref>{{cite web|url=https://secure.freshbsd.org/commit/openbsd/ef62f9c8a51b8fb8ce21e1486986f8f3dc7f50a3|title=OpenBSD — lib/libssl/src/crypto/evp evp_aead.c e_chacha20poly1305.c|last=Sing|first=Joel|date= 21 June 2014|accessdate=21 June 2014}}</ref> On June 21, Theo de Raadt welcomed BoringSSL and outlined the plans for LibreSSL-portable.<ref>{{cite mailing list|url=https://marc.info/?l=openbsd-tech&m=140332790726752&w=2|title=Boringssl and such|date=21 June 2014|last=Raadt|first=Theo de}}</ref> Starting on 8 July, code porting for [[OS X]] and [[Solaris]] began,<ref>{{cite web|url=https://secure.freshbsd.org/commit/openbsd/bb95c69c5dea2b7ae53fb1036904c27c038bd2b0|title=OpenBSD - lib/libcrypto/crypto getentropy_osx.c getentropy_solaris.c|date=8 July 2014|last=Beck|first=Bob}}</ref> while initial porting to [[Linux]] began on 20 June.<ref>{{cite web|url=https://secure.freshbsd.org/commit/openbsd/1d7eab2186ba0e70b976372401977c2c784ef30a|title=OpenBSD — lib/libcrypto/crypto getentropy_linux.c|date=20 June 2014|last=Beck|first=Bob}}</ref>


On July 11, 2014, a portable version of LibReSSL was released as version 2.0.0.<ref>{{cite web|url=http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/|title=Index of /pub/OpenBSD/LibreSSL|date=11 July 2014|accessdate=11 July 2014}}</ref><ref>{{cite web|url=http://marc.info/?l=openbsd-tech&m=140510291304119&w=2|title=First release of LibreSSL portable is available|publisher=Marc.info|date=11 July 2014|accessdate=11 July 2014|last=Beck|first=Bob}}</ref>
On July 11, 2014, a portable version of LibreSSL was released as version 2.0.0.<ref>{{cite web|url=http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/|title=Index of /pub/OpenBSD/LibreSSL|date=11 July 2014|accessdate=11 July 2014}}</ref><ref>{{cite web|url=http://marc.info/?l=openbsd-tech&m=140510291304119&w=2|title=First release of LibreSSL portable is available|publisher=Marc.info|date=11 July 2014|accessdate=11 July 2014|last=Beck|first=Bob}}</ref>


== Changes ==
== Changes ==
Line 43: Line 43:
In order to maintain good programming practice, a number of compiler options and flags designed for safety have been enabled by default to help in spotting potential issues so they can be fixed earlier (-Wall, -Werror, -Wextra, -Wuninitialized). There have also been code readability updates which help future contributors in verifying program correctness ([[Kernel Normal Form|KNF]], white-space, line-wrapping, etc.). Modification or removal of unneeded method wrappers and macros also help with code readability and auditing (Error and [[I/O abstraction]] library references).
In order to maintain good programming practice, a number of compiler options and flags designed for safety have been enabled by default to help in spotting potential issues so they can be fixed earlier (-Wall, -Werror, -Wextra, -Wuninitialized). There have also been code readability updates which help future contributors in verifying program correctness ([[Kernel Normal Form|KNF]], white-space, line-wrapping, etc.). Modification or removal of unneeded method wrappers and macros also help with code readability and auditing (Error and [[I/O abstraction]] library references).


Changes were made to ensure that LibReSSL will be [[Year 2038 problem|year 2038 compatible]] along with maintaining portability for other similar platforms. In addition, <code>explicit_bzero</code> and <code>bn_clear</code> calls were added to prevent the compiler from optimizing them out and prevent attackers from reading previously allocated memory.
Changes were made to ensure that LibreSSL will be [[Year 2038 problem|year 2038 compatible]] along with maintaining portability for other similar platforms. In addition, <code>explicit_bzero</code> and <code>bn_clear</code> calls were added to prevent the compiler from optimizing them out and prevent attackers from reading previously allocated memory.


=== Cryptographic ===
=== Cryptographic ===
Line 49: Line 49:


=== Code removal ===
=== Code removal ===
One of the initial features removed from LibReSSL in response to [[Heartbleed]] was the heartbeat functionality itself.<ref name="libsslhb">{{cite web|url=http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libssl/src/ssl/d1_both.c.diff?r1=1.6;r2=1.7;f=h|title=OpenBSD LibreSSL CVS OPENSSL_NO_HEARTBEAT}}</ref> In addition, there has been removal of unneeded operating systems and hardware architectures ([[Classic Mac OS]], [[NetWare]], [[OS/2]], [[VMS (operating system)|VMS]], [[Microsoft Windows|Windows]], etc.), [[C preprocessor|preprocessor macros]] that have been deemed unnecessary or insecure, and older demo/documentation files for [[Assembly language|Assembly]], [[C (programming language)|C]], and [[Perl]].
One of the initial features removed from LibreSSL in response to [[Heartbleed]] was the heartbeat functionality itself.<ref name="libsslhb">{{cite web|url=http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libssl/src/ssl/d1_both.c.diff?r1=1.6;r2=1.7;f=h|title=OpenBSD LibreSSL CVS OPENSSL_NO_HEARTBEAT}}</ref> In addition, there has been removal of unneeded operating systems and hardware architectures ([[Classic Mac OS]], [[NetWare]], [[OS/2]], [[VMS (operating system)|VMS]], [[Microsoft Windows|Windows]], etc.), [[C preprocessor|preprocessor macros]] that have been deemed unnecessary or insecure, and older demo/documentation files for [[Assembly language|Assembly]], [[C (programming language)|C]], and [[Perl]].


The [[Dual_EC_DRBG]] algorithm, which is suspected of having a [[backdoor (computing)|back door]],<ref name="NYT9513">{{cite news|first=Nicole |last=Perlroth |title=Government Announces Steps to Restore Confidence on Encryption Standards|url=http://bits.blogs.nytimes.com/2013/09/10/government-announces-steps-to-restore-confidence-on-encryption-standards/|accessdate=9 May 2014|newspaper=The New York Times|date=September 10, 2013}}</ref> was cut along with support for the [[FIPS 140-2]] standard that required it. Unused protocols and insecure algorithms have also been removed, including [[MD2 (cryptography)|MD2]], [[SSL v2]], [[Kerberos (protocol)|Kerberos]], [[Password Authenticated Key Exchange by Juggling|J-PAKE]], and [[Secure Remote Password protocol|SRP]].
The [[Dual_EC_DRBG]] algorithm, which is suspected of having a [[backdoor (computing)|back door]],<ref name="NYT9513">{{cite news|first=Nicole |last=Perlroth |title=Government Announces Steps to Restore Confidence on Encryption Standards|url=http://bits.blogs.nytimes.com/2013/09/10/government-announces-steps-to-restore-confidence-on-encryption-standards/|accessdate=9 May 2014|newspaper=The New York Times|date=September 10, 2013}}</ref> was cut along with support for the [[FIPS 140-2]] standard that required it. Unused protocols and insecure algorithms have also been removed, including [[MD2 (cryptography)|MD2]], [[SSL v2]], [[Kerberos (protocol)|Kerberos]], [[Password Authenticated Key Exchange by Juggling|J-PAKE]], and [[Secure Remote Password protocol|SRP]].


=== Bug backlog ===
=== Bug backlog ===
One of the complaints of OpenSSL was the number of open bugs reported in the bug tracker that had gone unfixed for years. Older bugs are now being fixed in LibReSSL.<ref name="commit log">{{cite web|url=http://marc.info/?l=openbsd-cvs&m=139715677231774&w=2|title= OpenBSD LibreSSL CVS Buffer Release (#2167 bugfix) Commit|date=10 April 2014|accessdate=1 May 2014}}</ref>
One of the complaints of OpenSSL was the number of open bugs reported in the bug tracker that had gone unfixed for years. Older bugs are now being fixed in LibreSSL.<ref name="commit log">{{cite web|url=http://marc.info/?l=openbsd-cvs&m=139715677231774&w=2|title= OpenBSD LibreSSL CVS Buffer Release (#2167 bugfix) Commit|date=10 April 2014|accessdate=1 May 2014}}</ref>


== See also ==
== See also ==

Revision as of 22:15, 11 July 2014

LibreSSL
Developer(s)The OpenBSD Project
Stable release
2.0.0 / July 11, 2014 (2014-07-11)
Preview release3.9.0 (9 March 2024; 9 months ago (2024-03-09)[1][2]) [±]
Repository
Written inC, assembly
Operating systemOpenBSD
TypeSecurity library
LicenseApache License 1.0, 4-clause BSD License, ISC License, and some are public domain
Websitehttp://www.libressl.org

LibreSSL is an open-source implementation of the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols. It was forked from the OpenSSL cryptographic software library in April 2014 as a response by OpenBSD developers to the Heartbleed security vulnerability in OpenSSL,[3][4][5][6][7] with the aim of refactoring the OpenSSL code so as to provide a more secure implementation.[8]

LibreSSL was forked from the OpenSSL library starting with the 1.0.1g branch and will follow the security guidelines used elsewhere in the OpenBSD project.[9]

History

After the Heartbleed bug in OpenSSL, the OpenBSD team audited the code afresh, and quickly realised they would need to maintain a fork themselves.[3] The libressl.org domain was registered on April 11; the project announced the name on April 22.

In the first week of code pruning, more than 90,000 lines of C code were removed.[8][10] Older or unused code has been removed, and support for some older or now-rare operating systems removed. LibreSSL is initially being developed as an intended replacement for OpenSSL in OpenBSD 5.6, and it is then expected to be ported back to other platforms once a stripped-down version of the library is stable.[11][12] As of April 2014, the project was seeking a "stable commitment" of external funding.[10]

On June 5, 2014, several OpenSSL bugs became public. While several projects were notified in advance,[13] LibreSSL was not; Theo de Raadt accused the OpenSSL developers of intentionally withholding this information from OpenBSD and LibreSSL.[14]

On June 20, 2014, Google created another fork of OpenSSL called BoringSSL, and promised to exchange fixes with LibreSSL.[15][16] Google has already relicensed some of its contributions under the ISC license, as it was requested by the LibreSSL developers.[15][17] On June 21, Theo de Raadt welcomed BoringSSL and outlined the plans for LibreSSL-portable.[18] Starting on 8 July, code porting for OS X and Solaris began,[19] while initial porting to Linux began on 20 June.[20]

On July 11, 2014, a portable version of LibreSSL was released as version 2.0.0.[21][22]

Changes

In more detail, some of the more notable and important changes thus far include replacement of custom memory calls to ones in a standard library (for example, strlcpy, calloc, asprintf, reallocarray, etc.).[23][24] This process may help later on to catch buffer overflow errors with more advanced memory analysis tools or by simply observing program crashes (via ASLR, use of the NX bit, stack canaries, etc.).

Fixes for potential double free scenarios have also been cited in the CVS commit logs (including explicit assignments of NULL pointer values).[25] There have been extra sanity checks also cited in the commit logs related to ensuring length arguments, unsigned-to-signed variable assignments, pointer values, and method returns.

Proactive measures

In order to maintain good programming practice, a number of compiler options and flags designed for safety have been enabled by default to help in spotting potential issues so they can be fixed earlier (-Wall, -Werror, -Wextra, -Wuninitialized). There have also been code readability updates which help future contributors in verifying program correctness (KNF, white-space, line-wrapping, etc.). Modification or removal of unneeded method wrappers and macros also help with code readability and auditing (Error and I/O abstraction library references).

Changes were made to ensure that LibreSSL will be year 2038 compatible along with maintaining portability for other similar platforms. In addition, explicit_bzero and bn_clear calls were added to prevent the compiler from optimizing them out and prevent attackers from reading previously allocated memory.

Cryptographic

There were changes to help ensure proper seeding of random number generator-based methods via replacements of insecure seeding practices (taking advantage of features offered by the kernel itself natively).[26][27] In terms of notable additions made, OpenBSD has added support for newer and more reputable algorithms (ChaCha stream cipher and Poly1305 message authentication code) along with a safer set of elliptic curves (brainpool curves from RFC5639,[28] up to 512 bits in strength).

Code removal

One of the initial features removed from LibreSSL in response to Heartbleed was the heartbeat functionality itself.[29] In addition, there has been removal of unneeded operating systems and hardware architectures (Classic Mac OS, NetWare, OS/2, VMS, Windows, etc.), preprocessor macros that have been deemed unnecessary or insecure, and older demo/documentation files for Assembly, C, and Perl.

The Dual_EC_DRBG algorithm, which is suspected of having a back door,[30] was cut along with support for the FIPS 140-2 standard that required it. Unused protocols and insecure algorithms have also been removed, including MD2, SSL v2, Kerberos, J-PAKE, and SRP.

Bug backlog

One of the complaints of OpenSSL was the number of open bugs reported in the bug tracker that had gone unfixed for years. Older bugs are now being fixed in LibreSSL.[31]

See also

References

  1. ^ "LibreSSL". Retrieved 14 March 2024.
  2. ^ "LibreSSL Releases". Retrieved 14 March 2024.
  3. ^ a b Unangst, Ted (22 April 2014). "Origins of libressl". flak. Retrieved 24 April 2014.
  4. ^ Kemer, Sean Michael (22 April 2014). "After Heartbleed, OpenSSL Is Forked Into LibreSSL". eWeek. Retrieved 24 April 2014.
  5. ^ "Not Just a Cleanup Any More: LibreSSL Project Announced". Slashdot. 22 April 2014. Retrieved 24 April 2014.
  6. ^ Beck, Bob (17 May 2014). "LibreSSL: The first 30 days, and what the Future Holds Slides". Retrieved 17 May 2014.
  7. ^ M, Constantine (17 May 2014). Soulskill (ed.). "30-Day Status Update On LibreSSL". Slashdot.
  8. ^ a b Seltzer, Larry (21 April 2014). "OpenBSD forks, prunes, fixes OpenSSL". Zero Day. ZDNet. Retrieved 21 April 2014.
  9. ^ Hessler, Peter (15 April 2014). "OpenBSD has started a massive strip-down and cleanup of OpenSSL". OpenBSD Journal. Retrieved 24 April 2014.
  10. ^ a b Brodkin, Jon (22 April 2014). "OpenSSL code beyond repair, claims creator of "LibreSSL" fork". Ars Technica. Retrieved 24 April 2014.
  11. ^ McCallion, Jane (22 April 2014). "Heartbleed: LibreSSL scrubs "irresponsible" OpenSSL code". PC Pro. Retrieved 23 April 2014.
  12. ^ Larabel, Michael (9 May 2014). "OpenBSD Affirms That LibreSSL Will Be Portable". Phoronix. Retrieved 30 May 2014.
  13. ^ "oss-sec: Re: OpenSSL seven security fixes". Seclists.org. Retrieved 9 June 2014.
  14. ^ "'Re: new OpenSSL flaws' - MARC". Marc.info. 5 June 2014. Retrieved 9 June 2014.
  15. ^ a b Langley, Adam (20 June 2014). "BoringSSL (20 Jun 2014)". ImperialViolet. Retrieved 21 June 2014.
  16. ^ Goodin, Dan (20 June 2014). "Google unveils independent "fork" of OpenSSL called "BoringSSL"". Ars Technica. Retrieved 21 June 2014.
  17. ^ Sing, Joel (21 June 2014). "OpenBSD — lib/libssl/src/crypto/evp evp_aead.c e_chacha20poly1305.c". Retrieved 21 June 2014.
  18. ^ Raadt, Theo de (21 June 2014). "Boringssl and such" (Mailing list).
  19. ^ Beck, Bob (8 July 2014). "OpenBSD - lib/libcrypto/crypto getentropy_osx.c getentropy_solaris.c".
  20. ^ Beck, Bob (20 June 2014). "OpenBSD — lib/libcrypto/crypto getentropy_linux.c".
  21. ^ "Index of /pub/OpenBSD/LibreSSL". 11 July 2014. Retrieved 11 July 2014.
  22. ^ Beck, Bob (11 July 2014). "First release of LibreSSL portable is available". Marc.info. Retrieved 11 July 2014.
  23. ^ Orr, William (23 April 2014). "A quick recap over the last week". OpenSSL Valhalla Rampage. Retrieved 30 April 2014.[self-published source?]
  24. ^ "OpenBSD LibreSSL CVS Calloc Commits".
  25. ^ "OpenBSD LibreSSL CVS Double Free Commits".
  26. ^ "OpenBSD LibreSSL CVS Insecure Seeding".
  27. ^ "OpenBSD LibreSSL CVS Kernel Seeding".
  28. ^ http://tools.ietf.org/html/rfc5639
  29. ^ "OpenBSD LibreSSL CVS OPENSSL_NO_HEARTBEAT".
  30. ^ Perlroth, Nicole (10 September 2013). "Government Announces Steps to Restore Confidence on Encryption Standards". The New York Times. Retrieved 9 May 2014.
  31. ^ "OpenBSD LibreSSL CVS Buffer Release (#2167 bugfix) Commit". 10 April 2014. Retrieved 1 May 2014.
Retrieved from "https://en.wikipedia.org/w/index.php?title=LibreSSL&oldid=616582341"