Re: Bug#754513: ITP: libressl -- SSL library, forked from OpenSSL
On Sun, Jul 13, 2014 at 08:17:51AM +0200, Matthias Urlichs wrote:
> Thomas Goirand:
> > Well, I don't agree with this view. If LibreSSL pretends to be a
> > replacement for OpenSSL, then they should care about being ABI
> > compatible, so we can easily switch from one implementation to the
> > other.
> That depends. If the ABI in question includes calls or constants which are
> the security equivalent of gets() or scanf("%s") or …, then no.
> > As Kurt wrote, GNUTLS becomes a better alternative then.
> Does gnutls have an openssl shim which actually works as a generic
> replacement? I dimly recall a couple of not-so-nice incompatibilities …
> > Therefore, I'd very much prefer if we used OpenSSL *or* LibreSSL, but not
> > have the choice between the 2, otherwise, that's a recipe for disaster.
> Well …
> > Please don't upload LibreSSL to Sid *ever*, unless we collectively
> > decide that we are switching away from OpenSSL (and for which a
> > discussion would have to start).
> … while IMHO it's possible to safely mix openssl and libressl if we prepare
> for that (i.e. make sure that _everything_ in libressl is only exported
> with properly versioned symbols)
Contrary to what you seem to believe, this only really works if *both*
libraries have versioned symbols. Otherwise, you can end up with
libraries linked against the unversioned one using symbols from the
versioned one at run time when both are loaded in the same address