Author Topic: [Request for Testing] OPNsense LibreSSL flavour (Read 88054 times)

franco · « **Reply #30 on:** March 30, 2015, 05:59:27 pm »

All packages for 15.1.8.3-LibreSSL are up.

weust · « **Reply #31 on:** March 30, 2015, 07:29:39 pm »

Thanks!

franco · « **Reply #32 on:** April 10, 2015, 09:25:41 pm »

15.1.9_LibreSSL updates and images are up: https://pkg.opnsense.org/snapshots/

Disclaimer: still experimental; yadda, yadda; please also read the 15.1.9 announcement... https://forum.opnsense.org/index.php?topic=306.0

Have fun. Report back.

weust · « **Reply #33 on:** April 11, 2015, 12:24:03 am »

As I said on IRC, update through console went without a problem.

mitsos · « **Reply #34 on:** April 12, 2015, 02:11:44 am »

Been testing the past couple of libressl versions and I can't find anything to be broken. What's the actual holdup for shifting over to it? Any programs that depend on openssl and need patches to work?

franco · « **Reply #35 on:** April 12, 2015, 09:12:32 am »

Demetris,

The FreeBSD ports tree still isn't ready by default (Python 2.7 is missing LibreSSL build support). I have some patches to push upstream as well, and Bernard and others are doing a lot more work behind the scenes. See:

http://www.bsdnow.tv/episodes/2015_03_25-ssl_in_the_wild (the interview bits with Bernard Spil)

There is the question of hardware acceleration which isn't in LibreSSL as far as I heard, but I need to check back with LibreSSL devs to be sure or hear their plans.

What we are most likely going to do is release both versions officially in the future as soon as we have automated build infrastructure up and running (building 2 versions in parallel was tricky, building 4 is impossible from this laptop). Donations and help are welcome in that regard. This will most likely materialise for 15.7.

In any case, LibreSSL builds are becoming more frequent with images and timely updates and we want to keep this up.

chol · « **Reply #36 on:** May 25, 2015, 10:13:48 pm »

My install of 15.1.9-LibreSSL went seamlessly and the console upgrade to latest 15.1.11.1 went through without any hassle. [amd64, SSD, 3NIC em(4), ath(4)]

So far all seems to run proper.

franco · « **Reply #37 on:** June 17, 2015, 03:38:33 pm »

Maybe one last bump for this thread.

It looks like upgrading from as far back as 15.1.9 works seamlessly, but the snapshots are getting pretty old. Since all of this ran smoothly up until now, there will be official 15.7 images based on LibreSSL. You guys deserve it. <3

For completeness (and because pkgng isn't quite ready yet to move from OpenSSL to LibreSSL as more testing has revealed) here's how to acquire a fresh and current LibreSSL install:

1. Go to the snapshots and install on the target system: https://pkg.opnsense.org/snapshots/15.1.9_LibreSSL/

2. On the console trigger Option 12 to bring your system up to speed.

3. Enjoy.

Author Topic: [Request for Testing] OPNsense LibreSSL flavour (Read 88054 times)

franco

Re: [Request for Testing] 15.1.6.1 with LibreSSL

weust

Re: [Request for Testing] 15.1.6.1 with LibreSSL

franco

Re: [Request for Testing] OPNsense LibreSSL flavour

weust

Re: [Request for Testing] OPNsense LibreSSL flavour

mitsos

Re: [Request for Testing] OPNsense LibreSSL flavour

franco

Re: [Request for Testing] OPNsense LibreSSL flavour

chol

Re: [Request for Testing] OPNsense LibreSSL flavour

franco

Re: [Request for Testing] OPNsense LibreSSL flavour