I really wish FreeBSD replaced OpenSSL in base with LibreSSL. I heard something about it once, but the wiki seems kind of dead on the subject lately. Maybe the core devs are waiting for the work to make crypto in base private (not exported so ports cant build against it) first?
At least I can build most ports with LibreSSL these days.
Until it’s a private lib it’s not feasible. Consider that FreeBSD ships a mostly frozen base system supported for 5 years. Libressl doesn’t have a long term release branch that fits with this release process.
But if it’s a private lib in base nobody has to care if it and affected binaries get updated…
Why can’t we all just use LibreSSL already?
I really wish FreeBSD replaced OpenSSL in base with LibreSSL. I heard something about it once, but the wiki seems kind of dead on the subject lately. Maybe the core devs are waiting for the work to make crypto in base private (not exported so ports cant build against it) first?
At least I can build most ports with LibreSSL these days.
HardenedBSD just added Barnerd Spil to the team today to start working on that.
That’s great news!
Until it’s a private lib it’s not feasible. Consider that FreeBSD ships a mostly frozen base system supported for 5 years. Libressl doesn’t have a long term release branch that fits with this release process.
But if it’s a private lib in base nobody has to care if it and affected binaries get updated…
Agreed; I tried swapping OpenSSL with LibreSSL on CRUX and had quite a few problems later.
I actually bumped into a little Linux distro called Viod Linux (http://www.voidlinux.eu/) that ships with it.