On Sun, Mar 04 2018, Steffan Karger <stef...@karger.me> wrote: > Hi, > > On 04-03-18 10:08, Gert Doering wrote: >> On Thu, Mar 01, 2018 at 12:11:23AM +0100, Steffan Karger wrote: >>> As discussed in the community meeting of 13-12-2017, we should warn our >>> users that LibreSSL is not officially supported. We expect that it >>> currently works, but it might suddenly break or we might decide to no >>> longer build against LibreSSL in the future. >> >> Generally speaking, I agree. >> >> Should we also add a warning (+ sleep 60 to be extra-annoying?) to >> configure if LibreSSL is detected? > > I considered that (modulo the sleep 60) and wrote the code to do the > configure check, but then thought that a not-suppressible warning in the > logs would be sufficient. I still think it is, but don't mind re-adding > it to configure.ac if you prefer that.
As an OpenBSD developer and the maintainer of our OpenVPN port, I certainly care about building and using OpenVPN with LibreSSL. I have already provided patches in the past, and yesterday I pushed compat glue in LibreSSL so that openvpn-2.4.5 can build on OpenBSD (-current). So I'm wondering what would be needed to consider LibreSSL "supported". I hear that there are concerns over LibreSSL not being API-compatible with OpenSSL. As you may have noticed, LibreSSL recently introduced lots of OpenSSL-1.1+ interfaces. While there is no plan to support the full OpenSSL-1.1 API (tons of functions were added, not all of them seem useful...), the intent is to provide what the ecosystem actually needs. I can probably serve as a bridge between the two projects here. If you see other points where I - or anyone else - can help, please share. :) -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
signature.asc
Description: PGP signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel