[Cryptography-dev] LibreSSL support?

Paul Kehrer paul.l.kehrer at gmail.com
Wed Dec 14 23:15:39 EST 2016 

Since I accidentally replied to this off list replying one more time to
capture the entire conversation for others.

-Paul

On December 14, 2016 at 10:14:34 PM, Frank Siebenlist (
frank.siebenlist at gmail.com) wrote:

Hi Paul - no problem replying back to the list - didn’t noice it either -
thanks again for reply - feels a little tricky with all those libs that
have the same name, different code bases, and different so version# - guess
ldconfig will chose the one first found in the paths - regards, Frank.

"From a security perspective, if you're connected, you're screwed." -
Daniel J. Bernstein

> On Dec 14, 2016, at 5:41 PM, Paul Kehrer <paul.l.kehrer at gmail.com> wrote:
>
> Oops, I realize I replied to you off-list! Do you mind if I reply back to
list after this so everyone can see the replies?
>
> Anyway, if the libressl shared objects have a different soversion than
the openssl shared objects (I don't know, but I sure hope so), then you'll
just need to set CFLAGS and LDFLAGS during compile and make sure the
libraries are in your ldconfig.
>
> -Paul
>
> On December 14, 2016 at 2:55:57 PM, Frank Siebenlist (
frank.siebenlist at gmail.com) wrote:
>
>> Thanks for the quick reply - good to know that option is available!
>>
>> Any guidelines how to configure pyca/cryptography to use LibreSSL when
>> OpenSSL is the default install?
>> How do you point to the lib you want?
>>
>> - Frank.
>>
>> On Wed, Dec 14, 2016 at 12:16 PM, Paul Kehrer <paul.l.kehrer at gmail.com>
wrote:
>> > We test against LibreSSL 2.4.x right now and it is supported (although
it
>> > doesn't appear that we document that). There's currently an issue with
2.5.x
>> > but that's a development release and the issue is on their side.
>> >
>> > -Paul
>> >
>> > On December 14, 2016 at 11:37:51 AM, Frank Siebenlist
>> > (frank.siebenlist at gmail.com) wrote:
>> >
>> > It's not mentioned in the manual, but I can see people discussing
>> > LibreSSL related patches and such...
>> >
>> > Could you please comment on pyca/cryptography's support for LibreSSL
>> > as a backend?
>> >
>> > Thanks, Frank.
>> > _______________________________________________
>> > Cryptography-dev mailing list
>> > Cryptography-dev at python.org
>> > https://mail.python.org/mailman/listinfo/cryptography-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/cryptography-dev/attachments/20161214/93e71cc6/attachment.html>

More information about the Cryptography-dev mailing list