I got tor build with libressl. it works. Is this a good idea?
TY
Hey,
On 02/20/15 23:01, Tyrano Sauro wrote:
I got tor build with libressl. it works. Is this a good idea?
yes it is. libressl is a cleaned up version of openssl. The OpenBSD guys removed all that useless crap from the library and fixed a lot of bugs. Running Tor with libressl is a performence and a security improvement.
Greetings Leo
On 20/02/15 23:01, Tyrano Sauro wrote:
I got tor build with libressl. it works. Is this a good idea?
TY
Could you write some more details about how you got this to work? For example, did you link in libressl during the build, did you have to change anything, or did you just drop-in libressl.so (or whatever) to a pre-built tor and have everything work?
X
Hey,
On 02/21/15 13:45, Ximin Luo wrote:
Could you write some more details about how you got this to work? For example, did you link in libressl during the build, did you have to change anything, or did you just drop-in libressl.so (or whatever) to a pre-built tor and have everything work?
it's actually quit easy. If you use OpenBSD for example there is already libressl installed. They have keept the same old API from OpenSSL so you could build applications the same way as you did with OpenSSL.
They have also added a more modern API called libtls: http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man3/tls_accept_socke...
Greetings Leo
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
VoidLinux also runs with LibreSSL as it's default libssl provider, and it's xbps build template shows it's a pretty seamless process.
https://github.com/voidlinux/void-packages/blob/master/srcpkgs/tor/template
Leo Unglaub:
Hey,
On 02/21/15 13:45, Ximin Luo wrote:
Could you write some more details about how you got this to work? For example, did you link in libressl during the build, did you have to change anything, or did you just drop-in libressl.so (or whatever) to a pre-built tor and have everything work?
it's actually quit easy. If you use OpenBSD for example there is already libressl installed. They have keept the same old API from OpenSSL so you could build applications the same way as you did with OpenSSL.
They have also added a more modern API called libtls: http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man3/tls_accept_socke...
Greetings Leo
Do the configure:
--with-openssl-dir=$HOME/libressl \ --enable-static-openssl \
ty
From: Ximin Luo infinity0@torproject.org To: tor-dev@lists.torproject.org Sent: Saturday, 21 February 2015 7:45 AM Subject: Re: [tor-dev] tor and libressl
On 20/02/15 23:01, Tyrano Sauro wrote:
I got tor build with libressl. it works. Is this a good idea?
TY
Could you write some more details about how you got this to work? For example, did you link in libressl during the build, did you have to change anything, or did you just drop-in libressl.so (or whatever) to a pre-built tor and have everything work?
X
-
cacahuatl -
Leo Unglaub -
Tyrano Sauro -
Ximin Luo