January 27, 2021 9:47 AM, "Lauri Tirkkonen" <la...@hacktheplanet.fi> wrote:

> On Wed, Jan 27 2021 09:36:31 +0100, Eric Faurot wrote:
> 
>> There has been a plan for some time now to make smtpd use libtls
>> instead of openssl. Recent changes in libtls allow to move forward
>> with this. Here is a diff to start the switch. I've tried to keep
>> it as small as possible, sticking to the necessary changes. There is
>> still a lot of code that can be removed but that will be done in a
>> second time.
> 
> I'm all for this, and sorry for screaming from the gallery, but I want to ask -
> is there a plan relating to libtls for portable OpenSMTPD? As it stands,
> OpenSSL-based systems are largely unable to use libtls (which in itself is a
> shame) - how would this change make it to portable?
> 

TL;DR:
In January 2020, I adapted OpenSMTPD to libtls for the first time and did it
both for OpenBSD and portable. Since many systems didn't have LibreSSL
available, this resulted in libtls being brought to the openbsd-compat layer
and adapted to build with OpenSSL. The plan is to use libtls from LibreSSL if
detected, otherwise take the openbsd-compat version if OpenSSL is detected.

More (outdated) details here:

https://poolp.org/posts/2020-01-22/january-2020-opensmtpd-work-libasr-and-libtls/


As a side note:

The work eric@ did on the libtls conversion was based on my diff but diverged
and I will have to adapt my work from last year to make it work again. I'll
take care of making it work again once his work is committed.

As of today, there's no one but me working on the portable release so it would
be nice if people interested in a portable release would step up to help.
