curl / Mailing Lists / curl-users / Single Mail


Re: LibreSSL support

From: Jan Stary <>
Date: Mon, 17 Sep 2018 15:11:21 +0200

On Sep 13 13:46:55, wrote:
> On Thu, 13 Sep 2018, Jan Stary wrote:
> > what is state of curl's LibreSSL support? The comparison page
> > does not even mention
> > LibreSSL.
> Check again. It says:
> [1] = Mostly the same feature set is also provided by LibreSSL and BoringSSL

Sorry, I missed that.

The statement is a bit misleading though, right?
For instance, LibreSSL deliberately dropped SSLv2 and SSLv3.

> > For instance, the MacPort of curl
> > uses a
> > patch (mostly dancing with LIBRESSL_VERSION_NUMBER and OPENSSL_VERSION)
> > to make curl compile on MacOS.
> Curious. We have a travis job that makes sure that *every single merge* we
> do also build and test fine with libressl. On mac even.

Yes. The current git builds without problems on 10.13.6,
using /usr/lib/libssl.dylib, which is LibreSSL's libssl.35.dylib.

The reason the MacPort needs the patch is probably that MacPorts
uses the old LibreSSL 2.5.5, when a patch like this was still needed.

> Nobody has presented any patch to us to improve our libressl support. I have
> not seen that patch before. It looks like it corrects the libressl version
> number, not actually fixing a build problem?

Does curl make decisions in the code
based on the SSL implementation version?
Or does this merely display the version?

> > Similarly for OpenBSD,
> >
> I must be blind. I see no libressl patch there?


Received on 2018-09-17