OpenBSD Journal

Fri, 18 Apr 2014 15:28:55 GMT
After the news of heartbleed broke early last week, the OpenBSD team dove in and started axing it up into shape. Leading this effort are Ted Unangst (tedu@) and Miod Vallat (miod@), who are head-to-head on a pure commit count basis with both having around 50 commits in this part of the tree in the week since Ted's first commit in this area. They are followed closely by Joel Sing (jsing@) who is systematically going through every nook and cranny and applying some basic KNF. Next in line are Theo de Raadt (deraadt@) and Bob Beck (beck@) who've been both doing a lot of cleanup, ripping out weird layers of abstraction for standard system or library calls. Then Jonathan Grey (jsg@) and Reyk Flter (reyk@) come next, followed by a group of late starters. Also, an honorable mention for Christian Weisgerber (naddy@), who has been fixing issues in ports related to this work. All combined, there've been over 250 commits cleaning up OpenSSL. In one week. Some of these are simple or small changes, while other commits carry more weight. Of course, occasionally mistakes get made but these are also quickly fixed again, but the general direction is clear: move the tree forward towards a better, more readable, less buggy crypto library.
Thu, 17 Apr 2014 17:52:43 GMT
As is their wont, a number of developers have congregated for another hackathon, this time in sunny Morocco. You can, of course, follow the commits on source-changes, but the war cries that lead us down the road to Valhalla are being collected for your inspiration and amusement at OpenSSL Valhalla Rampage. As always, it is your donations that make it possible for our berserkers to greet the Valkyries!
td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; } The denizens of lobste.rs (and no doubt you, eagle-eyed reader!) have made note of the ongoing rototilling of the OpenSSL code in OpenBSD, and Joshua Stein (jcs@) has chimed in with a quick breakdown of the action thus far: Changes so far to OpenSSL 1.0.1g since the 11th include: Splitting up libcrypto and libssl build directories Fixing a use-after-free bug Removal of ancient MacOS, Netware, OS/2, VMS and Windows build junk Removal of “bugs” directory, benchmarks, INSTALL files, and shared library goo for lame platforms Removal of most (all?) backend engines, some of which didn’t even have appropriate licensing Ripping out some windows-specific cruft Removal of various wrappers for things like sockets, snprintf, opendir, etc. to actually expose real return values KNF of most C files Removal of weak entropy additions Removal of all heartbeat functionality which resulted in Heartbleed To clarify, not all of the cryptographic engines were removed; the padlock and aesni engines are still in place. As always, it's heartening to see a concentrated effort on such a critical software component.
Thu, 10 Apr 2014 19:38:08 GMT
td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; } Bob Beck (beck@) writes in to tell us that the OpenBSD Foundation 2014 fundrasing campaign has reached its goals: The OpenBSD Foundation is happy to report that the $150,000 goal of the 2014 fundraising campaign has been reached. We wish to thank our contributors large and small. We will continue our fundraising efforts both in the current year and next year. Read more...