Contributed by grey on from the Development branches of Transport Layer Series of tubes dept.
The complete release notes may be viewed here:
https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.5.0-relnotes.txt
There is a lot there which would be best to read in its entirety rather than attempting to summarize here. However, for the sake of emphatic repetition and encouragement from the community at large, this quote seems salient and worth sharing:
This is a development release for the 3.5.x branch, and we appreciate additional testing and feedback before the final release coming soon with OpenBSD 7.1.
(Comments are closed)
By grey (grey) on
The PR can be viewed here:
https://github.com/macports/macports-ports/pull/14166
Though, at the time of this writing is has not been merged despite no immediate conflicts being observable.
However, anecdotally, I did encounter a couple of issues with other MacPorts once using LibreSSL 3.5.0. Namely: libevent and kerberos5 seem to have issues with building and installing. Thankfully, the OpenSSH though it defaults to a variant which uses kerberos5, can be installed without that variant with no issues. Meanwhile, the only MacPort I personally have on my test system which uses libevent as a dependency at this time, is tmux, and it seems to install and function OK despite the error with installing libevent after LibreSSL 3.5.0 is installed as well.
I realize this isn't specifically OpenBSD nor LibreSSL related, but for those who want additional insights into porting OpenBSD and LibreSSL related code to other projects, the MacPorts Trac where I document such issues in a bit more depth is viewable here:
https://trac.macports.org/ticket/64747
You can also take my diff and apply it yourselves if you don't want to wait on MacPorts to merge my PR (albeit, typically their hesitation seems to be for reasons related to things unrelated to the diffs themselves, such as how the commit was merged or branched or maybe some excruciatingly pedantic commentary on my commit messages and such which reads more like pointless tone policing or bike shedding to me. However, MacPorts is not my project after all, so I do my best to comply, even if it means PRs are not merged for months after my initial tests and submissions)
Of course, if you are worried about any of that, none of those MacPorts default to LibreSSL currently, which seems a shame. However, if you use the libressl MacPort (as contrasted with the MacPort: libressl-devel) that has at least been updated to version 3.4.2 since December of last year due to some modest effort on my part and no build nor install issues arise with libevent, nor the default kerberos5 variant of OpenSSH in such instances.
Of course, if you are using OpenBSD, none of these are issues whatsoever and you can expect the latest and greatest code by default.
Comments
By grey (grey) on