LibreSSL version 3.9.2 released https://www.undeadly.org/cgi?action=article;sid=20240512115958 #openbsd #libressl #tls #ssl #security #cryptograpby #crypto
I've submitted a PR to update MacPorts' Got to the -portable 0.99 here:
https://github.com/macports/macports-ports/pull/23847
Good news: It is passing the GitHub Actions CI!
Annoying news: if you, like me, are using LibreSSL, then you should remove the following line from the Portfile:
port:libretls
I'm pretty sure there is a smarter way to do this, but I was floundering quite a bit with failed attempts for got-portable0.98.2 and you can read those in the comment I added to the Portfile which has the Trac ticket in which I was attempting to sort that stuff out.
For the time being, I figured I would rather submit a PR which is more likely to get merged since it is happy with MacPorts' other CI checks, than continue to rack my brains for a "perfect" solution.
#MacPorts #Got #GameOfTrees #OpenSource #VersionControl #Git #TLS #LibreSSL #OpenSSL #LibreTLS #MaintainerFeelinLikeAMoron
Well, I wanted to test #FreeBSD #PowerShell for my usecase (which I *guess* I have, still not entirely sure), but ... I thought now that the port works, let's first rebase #ports (on main).
BAAAD idea. Not only did some change force my #poudriere to rebuild more or less *everything*, I also had fallout to fix from new #LibreSSL incompatibilities and some strange build error with #llvm-17.
Right now STILL waiting for the build of #chromium to finish.
Ok, testing PowerShell: tomorrow. 🙄
Goal: Get some #letsencrypt certificate obtained with #uacme deployed on some #Windows box
Step 1: Ok, this probably works best with #Powershell (which I don't really like ...)
Step 2: There's no #FreeBSD port ... but hey, there's now a FreeBSD port of #dotnet, let's try to "just" build Powershell using that.
Step 3: Hell why does it fail to build. Oh, System.Security.Cryptography.Native doesn't play well with #LibreSSL
Patch and retry, I guess I'll take some sleep now first. Bah!
(there's some irony in running into OpenSSL/LibreSSL issues when trying to deploy TLS certificates ...)
@TomAoki @peteorrall @hl @xdydx I'm surprised ... I didn't expect this to come up in the "enterprise" realm, "just" using kerberized #NFSv4 instead should be pretty fine there and it's probably more the #soho environment that will profit most from some up-to-date #smb client in #FreeBSD 😎 ... but would certainly be very nice to get that!
Also interesting they finally want to move to #MIT #krb5 in base. I'll probably continue to build it from ports, so I can use #LibreSSL instead of #OpenSSL, but still nice, as I found you're e.g. forced to use base #kerberos with the NFS client.
@TomAoki @peteorrall @hl @xdydx I'm surprised ... I didn't expect this to come up in the "enterprise" realm, "just" using kerberized #NFSv4 instead should be pretty fine there and it's probably more the #soho environment that will profit most from some up-to-date #smb client in #FreeBSD 😎 ... but would certainly be very nice to get that!
Also interesting they finally want to move to #MIT #krb5 in base. I'll probably continue to build it from ports, so I can use #LibreSSL instead of #OpenSSL, but still nice, as I found you're e.g. forced to use base #kerberos with the NFS client.
