libbsd and gnulib are pretty much just functions copy-pasted out of their original locations into conveniently organized repositories. There's not much to speak of concerning implementation quality.
Now that the glibc leadership changes have taken place, hopefully we can see functions like arc4random, explicit_bzero, timingsafe_bcmp, reallocarray and the other stuff actually appear in glibc where they belong, so no glue will be required.
They are pretty damn useful when you're trying to do secure programming.
The page at 'https://blog.hboeck.de/archives/851-LibreSSL-on-Gentoo.html'
was loaded over HTTPS, but displayed insecure content from
'http://vg07.met.vgwort.de/na/4f1f65b6b6e4419c97ea81e7d27cc0a0':
this content should also be loaded over HTTPS.
Only tangential to the article, but only now (via the link to the apache patch) did I realise it was libReSSL. Makes the name so much more interesting!
18 comments
[ 2.4 ms ] story [ 57.9 ms ] threadThey are pretty damn useful when you're trying to do secure programming.
(Of course, arc4random should use ChaCha20.)
RC4 is about to get another public result against it, btw.
I need to look into this in detail at some point, but for now it should be readable.
http://www.freshports.org/security/libressl
And there is work underway to make it an option for things that use OpenSSL currently.