Happy to see you guys working on this. Is there a way to specify that donations should go to the LibreSSL effort rather than to the OpenBSD foundation as a whole?
Common request, but no. First and foremost, the accounting overhead is annoying. If I spend two days at a hackathon working on smp, do I have to charge the hotel to a different account? Can I pretend the libressl work I did for free this week is exchangeable for paid work during a hackathon? It very quickly becomes a mess.
I think you get a pretty decent return on investment even if your dollars support openbsd features you don't use. All of us working on libressl are working in it because we work on openbsd, and we work on openbsd because others have made it a viable platform for us. Basically you may not care about openbsd desktops, but I do, and I'm only working on libressl because of that. Paying me market rates for this work would get a lot less done.
Particular example: libressl exists in part because of previous work done on exploit mitigation. Without that, there'd be no libressl.
Or, to put it another way, if you were to donate to me, I'd probably turn around and forward that money to openbsd foundation anyway.
All that said, you can mention that your donation is for libressl. That doesn't guarantee anything, but I'm sure there are unofficial tallies.
That is a weird request to me. Telling that it should go to the LibreSSL effort is very much like telling OpenBSD developers what they should work on. The way I understood it, most OpenBSD developers are not for hire, not in a manner like this anyhow. These people work on the things they want to work on, and they share the result of their work as a gift to the world. Donations are a gift in return, and the funding enables them to hack more (i.e. hackathons, hardware for developers who need it, infra, etc.) and to share the result with the rest of us (servers & infra).
Can you imagine someone saying "I want to give you this gift but only if you focus on thing X (which I care about) and not on things Y and Z (which you care about)"?
Keep in mind that the BSDs strive to be a complete, integrated operating system. While some devs focus on small parts of the tree, many or most work on the larger whole. Improvements to specific parts are a part of improvements to the whole. Working on LibreSSL is a byproduct or part of working on OpenBSD.
Can you buy a faster server and more bandwidth to serve this one subdirectory in your project? But don't spend that money on anything else?
EDIT: Having said that, developers are and have been funded to work on specific things.. IIRC the kms work was sponsored, and gilles works on smtpd as a part of his job. But I think it would be kind of rude to disregard the effort the core OpenBSD devs have spent on LibreSSL and only donate if you can give that money to one or two paid developers. Look at it this way: Theo works on many many parts of the system. So does Miod. And so does Bob. As do many other developers who commit changes to LibreSSL. They're in it for OpenBSD. Can you tell them to forget OpenBSD and do LibreSSL for you?
EDIT: Or how about this? Sorry guys, this hackathon we're allowed to touch libssl only. Why? Because some people "donated" for us to work on LibreSSL and LibreSSL only. I don't think it can go like that. It becames work for money. Work on specific things people pay you to work on. Work for people who are voluntarily working on OpenBSD. I doubt many OpenBSD developers would attend such a hackathon.
It's simple: I have no current use for OpenBSD but I would use LibreSSL and I know a ton of other people in exactly the same boat. So I'd like my contributions to go where they make the most effect for me.
I kind of understand what you want but right now you have to acknowledge the reality that LibreSSL is a part of OpenBSD, its core developers are core OpenBSD developers, its source resides in the OpenBSD source tree, you get it from the servers that serve you OpenBSD. One is a part of the other. You can't really point at a fraction of the electricity bill and say that is for libssl. Likewise you can't say that a developer's laptop must only be used for working on libssl. And you can't say $5 (or whatever you donated) worth of an OpenBSD developer's time must go towards libssl and not something else. You may find that with no OpenBSD, there would be no security-minded OpenBSD developers to work on /usr/src/lib/libssl.
If you want to deny the project its money and only contribute to a part of it, the only way I can see that happening right now is that you hire a developer to work on the part you want.
Also, don't forget that developing software on OpenBSD is likely to make that software better (there are features that make OpenBSD a good development platform; and the fact that code is tested on many different hardware platforms helps). So while you might not be using OpenBSD, chances are the system is affecting you positively nevertheless. I'd also encourage you to look at how many other projects use code from OpenBSD. Do you use Android per chance?
The point is that as far as the OpenBSD project is concerned, LibreSSL isn't a thing on its own. It's just another component of OpenBSD. It's not even supposed to be portable across operating systems - making it so will likely be a separate project, essentially a fork, as it is with OpenSSH.
Can you imagine someone saying "I want to give you this gift but only if you focus on thing X (which I care about) and not on things Y and Z (which you care about)"?
Yes. One the one side you have a group called 'employers'. On the other side you have a group called 'contractors'. Contractors are free to work on whatever they feel like, but if they also want money, they should probably do some work for employers from time to time.
It's hardly rude to say "I value this, here is some money to help this along". If the devs see that plenty of people are giving money to 'this', then if they don't work on it, that channel will dry up. Donations aren't a gift like a christmas present, which you get to use on whatever you want. Donations are an enabling device usually intended for a particular cause. They don't mean you get to dictate the actions of the staff, but at the same time, the staff shouldn't be taking donations for work they don't care to do.
