LibreSSL

Mumble about Mumble

LibreSSL

Postby Isaac » Sun Jun 14, 2015 2:18 am

I recently noticed that the OpenBSD guys have made a fork of OpenSSL. (In case you don't know, they made OpenSSH which is used by many big businesses (Apple for instance)...which apparently haven't donated http://www.openssh.com/ )

Anyways, they are known for making their stuff ridiculously secure against attacks, and have made many security changes in their SSL fork which is available - http://www.libressl.org/

Wikipedia has some nice info about it too - https://en.wikipedia.org/wiki/LibreSSL

One reason this makes me excited to see that they have made a fork of OpenSSL is because apparently the famous HeartBleed exploit could have been fairly easily prevented using their compiler methods - http://article.gmane.org/gmane.os.openbsd.misc/211963

By the way, thanks for making Mumble! :D (regardless of whether you implement LibreSSL)
Isaac
 
Posts: 2
Joined: Fri Dec 05, 2014 11:44 pm

Re: LibreSSL

Postby mkrautz » Sun Jul 12, 2015 9:30 am

We wouldn't mind shipping LibreSSL, but there are some technical problems in doing it.

Right now, on Windows, we build all our dependencies from scratch using the same compiler (Visual C++ 2013 Update 4). All our dependencies are built as static libraries and linked into mumble_app.dll. Having a single DLL with all of our dependencies in it makes a lot of things easier, especially code signing, since we have full control of the names of the files we ship.

LibreSSL doesn't current build with MSVC, but only builds with GCC/MinGW on Windows. So to get it properly integrated into our build, we'd have to do some porting work. And we'd like to use the same TLS library on all platforms we ship binaries for before we make the switch.
mkrautz
Team member
Team member
 
Posts: 200
Joined: Wed Sep 23, 2009 4:57 pm


Return to General

Who is online

Users browsing this forum: No registered users and 1 guest

cron