Compatibility with OpenSSL:
LibreSSL is API compatible with OpenSSL 1.0.1, but does not yet include all new APIs from OpenSSL 1.0.2 and later. LibreSSL also includes APIs not yet present in OpenSSL. The current common API subset is OpenSSL 1.0.1.
LibreSSL is not ABI compatible with any release of OpenSSL, or necessarily earlier releases of LibreSSL. You will need to relink your programs to LibreSSL in order to use it, just as in moving between major versions of OpenSSL. LibreSSL's installed library version numbers are incremented to account for ABI and API changes.
Compatibility with other operating systems:
While primarily developed on and taking advantage of APIs available on OpenBSD, the LibreSSL portable project attempts to provide working alternatives for other operating systems, and assists with improving OS-native implementations where possible.
At the time of this writing, LibreSSL is know to build and work on:
- Linux (kernel 3.17 or later recommended)
- FreeBSD (tested with 9.2 and later)
- NetBSD (7.0 or later recommended)
- HP-UX (11i)
- Solaris (11 and later preferred)
- Mac OS X (tested with 10.8 and later)
- AIX (5.3 and later)
LibreSSL also supports the following Windows environments:
- Microsoft Windows (Vista or higher, x86 and x64)
- Wine (32-bit and 64-bit)
- Builds with Mingw-w64, Cygwin, and Visual Studio
The LibreSSL portable build framework is also mirrored in Github.
Severe vulnerabilities or bugs requiring coordination with OpenSSL can be sent to the core team at firstname.lastname@example.org.
Prerequisites when building from a Git checkout
If you have checked this source using Git, or have downloaded a source tarball from Github, follow these initial steps to prepare the source tree for building. Note: Your build will fail if you do not follow these instructions! If you cannot follow these instructions (e.g. Windows system using CMake) or cannot meet these prerequistes, please download an official release distribution from https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/ instead. Using official releases is strongly advised if you are not a developer.
- Ensure you have the following packages installed: automake, autoconf, git, libtool, perl
- Run './autogen.sh' to prepare the source tree for building or run './dist.sh' to prepare a tarball.
Steps that apply to all builds
Once you have a source tree, either by downloaded using git and having run the autogen.sh script above, or by downloading a release distribution from an OpenBSD mirror, run these commands to build and install the package on most systems:
./configure # see ./configure --help for configuration options make check # runs builtin unit tests make install # set DESTDIR= to install to an alternate location
If you wish to use the CMake build system, use these commands:
mkdir build cd build cmake .. make make test
For faster builds, you can use Ninja as well:
mkdir build-ninja cd build-ninja cmake -G"Ninja" .. ninja ninja test
OS specific build information:
Set the UNIX_STD environment variable to '2003' before running 'configure' in order to build with the HP C/aC++ compiler. See the "standards(5)" man page for more details.
export UNIX_STD=2003 ./configure make
Windows - Mingw-w64
LibreSSL builds against relatively recent versions of Mingw-w64, not to be confused with the original mingw.org project. Mingw-w64 3.2 or later should work. See README.windows for more information
Windows - Visual Studio
LibreSSL builds using the CMake target "Visual Studio 12 2013" and newer. To generate a Visual Studio project, install CMake, enter the LibreSSL source directory and run:
mkdir build-vs2013 cd build-vs2013 cmake -G"Visual Studio 12 2013" ..
Replace "Visual Studion 12 2013" with whatever version of Visual Studio you have installed. This will generate a LibreSSL.sln file that you can incorporate into other projects or build by itself.
Cmake - Additional Options
|LIBRESSL_SKIP_INSTALL||OFF||allows skipping install() rules. Can be specified from command line using
|LIBRESSL_APPS||ON||allows skipping application builds. Apps are required to run tests|
|LIBRESSL_TESTS||ON||allows skipping of tests. Tests are only available in static builds|
|BUILD_SHARED_LIBS||OFF||CMake option for building shared libraries.|
|ENABLE_ASM||ON||builds assembly optimized rules.|
|ENABLE_EXTRATESTS||OFF||Enable extra tests that may be unreliable on some platforms|
|ENABLE_NC||OFF||Enable installing TLS-enabled nc(1)|
|OPENSSLDIR||Blank||Set the default openssl directory. Can be specified from command line using