Jump to content
Mumble forums



Recommended Posts

I recently noticed that the OpenBSD guys have made a fork of OpenSSL. (In case you don't know, they made OpenSSH which is used by many big businesses (Apple for instance)...which apparently haven't donated http://www.openssh.com/ )

Anyways, they are known for making their stuff ridiculously secure against attacks, and have made many security changes in their SSL fork which is available - http://www.libressl.org/

Wikipedia has some nice info about it too - https://en.wikipedia.org/wiki/LibreSSL

One reason this makes me excited to see that they have made a fork of OpenSSL is because apparently the famous HeartBleed exploit could have been fairly easily prevented using their compiler methods - http://article.gmane.org/gmane.os.openbsd.misc/211963

By the way, thanks for making Mumble! :D (regardless of whether you implement LibreSSL)

Link to comment
Share on other sites

  • 4 weeks later...
  • Administrators

We wouldn't mind shipping LibreSSL, but there are some technical problems in doing it.

Right now, on Windows, we build all our dependencies from scratch using the same compiler (Visual C++ 2013 Update 4). All our dependencies are built as static libraries and linked into mumble_app.dll. Having a single DLL with all of our dependencies in it makes a lot of things easier, especially code signing, since we have full control of the names of the files we ship.

LibreSSL doesn't current build with MSVC, but only builds with GCC/MinGW on Windows. So to get it properly integrated into our build, we'd have to do some porting work. And we'd like to use the same TLS library on all platforms we ship binaries for before we make the switch.

Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in

Sign In Now

  • Create New...