security/bearssl - The NetBSD Packages Collection

Implementation of the SSL/TLS protocol (RFC 5246)

BearSSL is an implementation of the SSL/TLS protocol (RFC 5246)
written in C. It aims at offering the following features:

* Be correct and secure. In particular, insecure protocol versions
  and choices of algorithms are not supported, by design;
  cryptographic algorithm implementations are constant-time by
  default.

* Be small, both in RAM and code footprint. For instance, a minimal
  server implementation may fit in about 20 kilobytes of compiled
  code and 25 kilobytes of RAM.

* Be highly portable. BearSSL targets not only "big" operating
  systems like Linux and Windows, but also small embedded systems
  and even special contexts like bootstrap code.

* Be feature-rich and extensible. SSL/TLS has many defined cipher
  suites and extensions; BearSSL should implement most of them,
  and allow extra algorithm implementations to be added afterwards,
  possibly from third parties.

bearssl is considered alpha-quality software, which means that it
runs but it probably has bugs, some of which being certainly
exploitable vulnerabilities.

Build dependencies

pkgtools/mktools pkgtools/cwrappers

Runtime dependencies

(none)

Binary packages

OSArchitectureVersion
NetBSD 10.0aarch64bearssl-0.6nb1.tgz
NetBSD 10.0aarch64bearssl-0.6nb1.tgz
NetBSD 10.0aarch64bearssl-0.6nb1.tgz
NetBSD 10.0aarch64ebbearssl-0.6nb1.tgz
NetBSD 10.0aarch64ebbearssl-0.6nb1.tgz
NetBSD 10.0alphabearssl-0.6nb1.tgz
NetBSD 10.0alphabearssl-0.6nb1.tgz
NetBSD 10.0earmv4bearssl-0.6nb1.tgz
NetBSD 10.0earmv4bearssl-0.6nb1.tgz
NetBSD 10.0earmv6hfbearssl-0.6nb1.tgz
NetBSD 10.0earmv6hfbearssl-0.6nb1.tgz
NetBSD 10.0earmv6hfbearssl-0.6nb1.tgz
NetBSD 10.0earmv7hfbearssl-0.6nb1.tgz
NetBSD 10.0earmv7hfbearssl-0.6nb1.tgz
NetBSD 10.0earmv7hfbearssl-0.6nb1.tgz
NetBSD 10.0i386bearssl-0.6nb1.tgz
NetBSD 10.0i386bearssl-0.6nb1.tgz
NetBSD 10.0i386bearssl-0.6nb1.tgz
NetBSD 10.0i386bearssl-0.6nb1.tgz
NetBSD 10.0m68kbearssl-0.6nb1.tgz
NetBSD 10.0mips64ebbearssl-0.6nb1.tgz
NetBSD 10.0mips64ebbearssl-0.6nb1.tgz
NetBSD 10.0powerpcbearssl-0.6nb1.tgz
NetBSD 10.0powerpcbearssl-0.6nb1.tgz
NetBSD 10.0powerpcbearssl-0.6nb1.tgz
NetBSD 10.0sh3elbearssl-0.6nb1.tgz
NetBSD 10.0sh3elbearssl-0.6nb1.tgz
NetBSD 10.0sparc64bearssl-0.6nb1.tgz
NetBSD 10.0sparc64bearssl-0.6nb1.tgz
NetBSD 10.0sparcbearssl-0.6nb1.tgz
NetBSD 10.0sparcbearssl-0.6nb1.tgz
NetBSD 10.0vaxbearssl-0.6nb1.tgz
NetBSD 10.0vaxbearssl-0.6nb1.tgz
NetBSD 10.0vaxbearssl-0.6nb1.tgz
NetBSD 10.0x86_64bearssl-0.6nb1.tgz
NetBSD 10.0x86_64bearssl-0.6nb1.tgz
NetBSD 10.0x86_64bearssl-0.6nb1.tgz
NetBSD 10.0x86_64bearssl-0.6nb1.tgz
NetBSD 9.0aarch64bearssl-0.6nb1.tgz
NetBSD 9.0aarch64bearssl-0.6nb1.tgz
NetBSD 9.0aarch64bearssl-0.6nb1.tgz
NetBSD 9.0alphabearssl-0.6nb1.tgz
NetBSD 9.0alphabearssl-0.6nb1.tgz
NetBSD 9.0earmv4bearssl-0.6nb1.tgz
NetBSD 9.0earmv4bearssl-0.6nb1.tgz
NetBSD 9.0earmv6hfbearssl-0.6nb1.tgz
NetBSD 9.0earmv6hfbearssl-0.6nb1.tgz
NetBSD 9.0earmv6hfbearssl-0.6nb1.tgz
NetBSD 9.0earmv7hfbearssl-0.6nb1.tgz
NetBSD 9.0earmv7hfbearssl-0.6nb1.tgz
NetBSD 9.0earmv7hfbearssl-0.6nb1.tgz
NetBSD 9.0i386bearssl-0.6nb1.tgz
NetBSD 9.0i386bearssl-0.6nb1.tgz
NetBSD 9.0i386bearssl-0.6nb1.tgz
NetBSD 9.0i386bearssl-0.6nb1.tgz
NetBSD 9.0m68kbearssl-0.6nb1.tgz
NetBSD 9.0m68kbearssl-0.6nb1.tgz
NetBSD 9.0powerpcbearssl-0.6nb1.tgz
NetBSD 9.0powerpcbearssl-0.6nb1.tgz
NetBSD 9.0powerpcbearssl-0.6nb1.tgz
NetBSD 9.0sparc64bearssl-0.6nb1.tgz
NetBSD 9.0x86_64bearssl-0.6nb1.tgz
NetBSD 9.0x86_64bearssl-0.6nb1.tgz
NetBSD 9.0x86_64bearssl-0.6nb1.tgz
NetBSD 9.0x86_64bearssl-0.6nb1.tgz
NetBSD 9.3x86_64bearssl-0.6nb1.tgz
NetBSD 9.3x86_64bearssl-0.6nb1.tgz

Binary packages can be installed with the high-level tool pkgin (which can be installed with pkg_add) or pkg_add(1) (installed by default). The NetBSD packages collection is also designed to permit easy installation from source.

Available build options

(none)

Known vulnerabilities

The pkg_admin audit command locates any installed package which has been mentioned in security advisories as having vulnerabilities.

Please note the vulnerabilities database might not be fully accurate, and not every bug is exploitable with every configuration.


Problem reports, updates or suggestions for this package should be reported with send-pr.