This Time Self-Hosted
dark mode light mode Search

LibreSSL is taking a beating, and that’s good

When I read about LibreSSL coming from the OpenBSD developers, my first impression was that it was a stunt. I did not change my impression of it drastically still. While I know at least one quite good OpenBSD developer, my impression of the whole set is still the same: we have different concepts of security, and their idea of “cruft” is completely out there for me. But this is a topic for some other time.

So seeing the amount of scrutiny from other who are, like me, skeptical of the OpenBSD people left on their own is a good news. It keeps them honest, as they say. But it also means that things that wouldn’t be otherwise understood by people not used to Linux don’t get shoved under the rug.

This is not idle musings: I still remember (but can’t find now) an article in which Theo boasted not ever having used Linux. And yet kept insisting that his operating system was clearly superior. I was honestly afraid that the way the fork-not-a-fork project was going to be handled was the same, I’m positively happy to be proven wrong up to now.

I actually have been thrilled to see that finally there is movement to replace the straight access to /dev/random and /dev/urandom: Ted’s patch to implement a getrandom() system call that can be made compatible with OpenBSD’s own getentropy() in user space. And even more I’m happy to see that at least one of the OpenBSD/LibreSSL developers pitching in to help shape the interface.

Dropping out the egd support made me puzzled for a moment, but then I realized that there is no point in using egd to feed the randomness to the process, you just need to feed entropy to the kernel, and let the process get it normally. I have had, unfortunately, quite a bit of experience with entropy-generating daemons, and I wonder if this might be the right time to suggest getting a new multi-source daemon out.

So a I going to just blindly trust the OpenBSD people because “they have a good track record”? No. And to anybody that suggest that you can take over lines and lines of code from someone else’s crypto-related project, remove a bunch of code that you think is useless, and have an immediate result, my request is to please stop working with software altogether.

Security Holes
Copyright © Randall Munroe.

I’m not saying that they would do it on purpose, or that they wouldn’t be trying to do the darndest to make LibreSSL a good replacement for OpenSSL. What I’m saying is that I don’t like the way, and the motives, the project was started from. And I think that a reality check, like the one they already got, was due and a good news.

On my side, once the library gets a bit more mileage I’ll be happy to run the tinderbox against it. For now, I’m re-gaining access to Excelsior after a bad kernel update, and I’ll just go and search with elfgrep for which binaries do use the egd functionalities and need to be patched, I’ll post it on Twitter/G+ once I have it. I know it’s not much, but this is what I can do.

Comments 4
  1. So I promised a list of users of `RAND_egd()` and here it is:…I’ll probably write a separate post on one thing that I have noticed from that list related to a topic I’m quite passionate about, so stay tuned.

  2. That’s an interesting post, but don’t you think libressl has little sense in the wake of “boringssl” or however the google developers end up calling this project? I saw an earlier post of addopting libressl to Gentoo on the Planet, but for the reasons you’d named here I don’t see much sense in it other than research/excercise.

  3. @PatrykR: Google SSL?? Yeah, because trusting a bunch of advertising conglomerate data kraken iHipsters is /SUCH/ a good idea…Have you seen how they fucked up XHTML into the epic failure of a self-contradiction that is the based-on-a-true-spaghetti-code-“living standard” HTML5 (“Without space!!!111one(lim (x→0) ((sin x)/x))[TM]”)?No way in hell am I letting anything Google on my box. I could as well just ask the NSA for something to install, and get sex advice from the church, because by then nothing matters anymore anyway.

  4. LibreSSL probably motivated OpenSSL devs to take a look at their patch dumping ground (comicly called a bug tracker) and actually clean up some old patches that where still valid, contributed documentation etc, even made it to being accepted .So well done OpenSSL for picking up the ball.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.