SGI: Development

OpenSSL - Page 2

You guys are really brave messing with this pile. Good luck.
Axatax_ wrote: You guys are really brave messing with this pile. Good luck.


Not messing with it too much since the OpenSSL team tries to support ALL the platforms. Just seeing if it still builds and works correctly. The libreSSL stuff is a bit harder, since the team tossed all the compatibility stuff in favor of making the code manageable and more 'secure' - with portability as an afterthought. For a short while there I had it building (and partially running) on IRIX and AIX, but they quickly moved to requiring getentrophy and/or arc4random, which are lacking on IRIX and AIX ( http://www.openbsd.org/build/mirrors/openntpd-portable.html.head ).
"Apollo was astonished, Dionysus thought me mad."
libreSSL -- libre of everything we don't like so there
smit happens.

:Fuel: bigred , 900MHz R16K, 4GB RAM, V12 DCD, 6.5.30
:Indy: indy , 150MHz R4400SC, 256MB RAM, XL24, 6.5.10
:Indigo2IMP: purplehaze , R10000, Solid IMPACT
probably posted from Image bruce , Quad 2.5GHz PowerPC 970MP, 16GB RAM, Mac OS X 10.4.11
plus IBM POWER6 p520 * Apple Network Server 500 * HP C8000 * BeBox * Solbourne S3000 * Commodore 128 * many more...
vishnu wrote:
foetz wrote:
vishnu wrote: One thing's for sure, the LibreSSL guys didn't think too highly of the state of the OpenSSL code when they forked it.

they should've kept the build system tho. libressl comes with a bunch of crap such as hardcoded, gcc specific cflags and such

Well that's retarded. But apparently not as retarded as the OpenSSL codebase:

http://www.openbsd.org/papers/bsdcan14-libressl/mgp00001.html

Even if only a tiny fraction of what he's saying is accurate, wow wwwww .. . :shock: :roll:

http://www.openbsd.org/papers/bsdcan14- ... 00011.html
http://www.openbsd.org/papers/bsdcan14- ... 00012.html
Well, I can understand not re-implementing libc?

The drop-in replacement part, though...not supporting everything the original supports, just "what people will probably use"? This sounds tolerable for me given I probably won't ever need any of the things they've removed but I still don't like the idea of intentionally not supporting things and then saying "drop-in replacement".
Nuke wrote:
vishnu wrote:
foetz wrote:
vishnu wrote: One thing's for sure, the LibreSSL guys didn't think too highly of the state of the OpenSSL code when they forked it.

they should've kept the build system tho. libressl comes with a bunch of crap such as hardcoded, gcc specific cflags and such

Well that's retarded. But apparently not as retarded as the OpenSSL codebase:

http://www.openbsd.org/papers/bsdcan14-libressl/mgp00001.html

Even if only a tiny fraction of what he's saying is accurate, wow wwwww .. . :shock: :roll:

http://www.openbsd.org/papers/bsdcan14- ... 00011.html
http://www.openbsd.org/papers/bsdcan14- ... 00012.html
Well, I can understand not re-implementing libc?

The drop-in replacement part, though...not supporting everything the original supports, just "what people will probably use"? This sounds tolerable for me given I probably won't ever need any of the things they've removed but I still don't like the idea of intentionally not supporting things and then saying "drop-in replacement".

It is far from a drop in replacement when they only support a couple of platforms. I can build OpenSSL on many platforms that are still alive but not common, say OpenVMS, that I doubt libreSSL will ever support. And then you have things like IRIX and AIX that don't work because the OpenBSD team never implemented arc4random and such, instead saying complain to SGI and IBM that the OS doesn't do things the way the OpenBSD team feels they should be done.
"Apollo was astonished, Dionysus thought me mad."