
Happy Bob's Libtls tutorial - petee
https://github.com/bob-beck/libtls/blob/master/TUTORIAL.md
======
tux1968
Was a good tutorial and pretty easy to work though. But it seems LibreSSL
really hasn't taken hold on Linux and so supporting infrastructure isn't in
place. Being able to use this simple API is really enticing, but I'm not sure
it's quite worth swimming against the prevailing currents.

As an aside, while searching around I found this recent in depth talk "State
of LibreSSL and OpenSSL in FreeBSD":

[https://www.youtube.com/watch?v=W0qxHckVA9Y](https://www.youtube.com/watch?v=W0qxHckVA9Y)

~~~
sigjuice
What is the missing Linux infrastructure? The distributions provide no
LibreSSL packages and therefore there are no applications able to use libtls?
Or is there more to it?

~~~
tux1968
Yeah, mostly its that there are no packages, and that it doesn't seem likely
to change. So any fine tuning for things like making sure keys and
certificates are stored & managed per the distribution conventions, protected
by selinux et. al, and all the other housekeeping things, are all left up to
the application rather than getting the benefits of full distro integration.

Edit: Actually since on Linux you still need OpenSSL or a replacement to
handle the actual certificates and keys anyway, maybe my concern in that area
is misplaced.

------
ausjke
libtls looks awesome, going to do the exercises to learn more. thanks for the
posting.

------
bmn__
Where do I get strlcpy.c (referenced from ex0/server.c)?

~~~
tux1968
If you're on Linux and compiling libtls from source[0], that repo will build
an implementation of it at [1]. If your distro supplies a libbsd, you could
also link to it instead of compiling a strlcpy for yourself.

[0] [https://github.com/libressl-
portable/portable](https://github.com/libressl-portable/portable)

[1] libtls-standalone/compat/strlcpy.c

~~~
toctoctoctou
It's actually been added into the tutorial - if you pull it's there.

