README(7)           Miscellaneous Information Manual          README(7)

NAME
       LibreTLS — libtls for OpenSSL

DESCRIPTION
       LibreTLS  is a port of libtls from LibreSSL to OpenSSL.  libtls:
       https://man.openbsd.org/tls_init.3  is  “a  new   TLS   library,
       designed to make it easier to write foolproof applications”.

       libtls provides an excellent new API, but LibreSSL can be diffi‐
       cult  to install on systems which already use OpenSSL.  LibreTLS
       aims to make the libtls API more easily and widely available.

   Releases
       LibreTLS       is       based       on        LibreSSL-portable:
       https://www.libressl.org/releases.html  sources.   LibreTLS  re‐
       leases track LibreSSL releases, starting with version 3.2.0.  If
       patches must be released between LibreSSL releases,  the  letter
       ‘p’  followed  by  an  increasing  digit starting from 1 will be
       added to the version number.

       LibreTLS     release     tarballs     are     available     from
       https://causal.agency/libretls/.

   Compatibility
       The  libtls  provided  by  LibreTLS  is  ABI-compatible with the
       libtls provided by the corresponding LibreSSL release.

       The behaviour of LibreTLS and LibreSSL differs in how  the  root
       certificates  are  loaded by default.  LibreSSL uses a hardcoded
       path to a CA bundle file, while LibreTLS uses the default CA lo‐
       cations of OpenSSL, which may include a CA  directory.   To  re‐
       store  the behaviour of LibreSSL, call tls_config_set_ca_file(3)
       with the  path  returned  by  tls_default_ca_cert_file(3).   All
       other behaviour should be identical.

       LibreTLS  targets  the  OpenSSL  1.1.1  series.  Due to a bug in
       OpenSSL, only versions 1.1.1b  and  newer  are  known  to  work.
       LibreTLS is compatible with OpenSSL 3.0.0 but hasn't been ported
       away from deprecated APIs.

   Platform Support
       LibreTLS should work on the same platforms as LibreSSL-portable:
       https://www.libressl.org/releases.html,  though  it has not been
       thoroughly tested on platforms other than Linux, FreeBSD and ma‐
       cOS.

   License
       libtls consists of all new code developed as part of OpenBSD un‐
       der           OpenBSD's            preferred            license:
       https://www.openbsd.org/policy.html of ISC.  Some compat sources
       are under the 3-clause BSD license or the MIT license.

       LibreTLS  is not encumbered by the dual-licensing of OpenSSL un‐
       der both the OpenSSL license and the  original  SSLeay  license,
       which  are  incompatible  with  the  GNU General Public License.
       When OpenSSL 3.0 is released under the Apache 2.0 license, soft‐
       ware under the GPLv3 will be able to link against  LibreTLS  and
       OpenSSL without additional permissions.

INSTALLING
       To install from a release tarball, run the following:

             ./configure
             make all
             make install

       To  install  from a git checkout, autoconf, automake and libtool
       are required.  Run the  following  before  continuing  with  the
       steps above:

             autoreconf -fi

AUTHORS
       LibreTLS is maintained by June McEnroe <june@causal.agency>.

       LibreSSL     is    developed    by    The    OpenBSD    project:
       https://www.openbsd.org.

Causal Agency              February 27, 2022                  README(7)
