Re: TLS 1.3

[Chris via Unbound-users]

Hmmm.... Im getting some compile errors. Im not a pro at this, so maybe 
im doing something dumb..

FreeBSD 11.2 OpenSSL 1.1.1  Unbound 1.8.0   All fresh install
Openssl > ./config  make install   >> No errors

./configure --with-ssl=/usr/local/openssl-1.1.1 --without-pthreads 
--without-solaris-threads

make

./validator/val_secalgo.c:299:8: error: incomplete definition of type 
'struct DSA_SIG_st'
        dsasig->r = R;
        ~~~~~~^
/usr/local/openssl-1.1.1/include/openssl/dsa.h:65:16: note: forward 
declaration of 'struct DSA_SIG_st'
typedef struct DSA_SIG_st DSA_SIG;
               ^
./validator/val_secalgo.c:300:8: error: incomplete definition of type 
'struct DSA_SIG_st'
        dsasig->s = S;
        ~~~~~~^
/usr/local/openssl-1.1.1/include/openssl/dsa.h:65:16: note: forward 
declaration of 'struct DSA_SIG_st'
typedef struct DSA_SIG_st DSA_SIG;
               ^
./validator/val_secalgo.c:443:19: warning: implicit declaration of 
function 'EVP_dss1' is invalid in C99 [-Wimplicit-function-declaration]
                        *digest_type = EVP_dss1();
                                       ^
./validator/val_secalgo.c:443:17: warning: incompatible integer to 
pointer conversion assigning to 'const EVP_MD *' (aka 'const struct 
evp_md_st *') from 'int' [-Wint-conversion]
                        *digest_type = EVP_dss1();
                                     ^ ~~~~~~~~~~
./validator/val_secalgo.c:665:34: error: invalid application of 'sizeof' 
to an incomplete type 'EVP_MD_CTX' (aka 'struct evp_md_ctx_st')
        ctx = (EVP_MD_CTX*)malloc(sizeof(*ctx));
                                        ^~~~~~
/usr/local/openssl-1.1.1/include/openssl/ossl_typ.h:92:16: note: forward 
declaration of 'struct evp_md_ctx_st'
typedef struct evp_md_ctx_st EVP_MD_CTX;
               ^
./validator/val_secalgo.c:681:3: warning: implicit declaration of 
function 'EVP_MD_CTX_cleanup' is invalid in C99 
[-Wimplicit-function-declaration]
                EVP_MD_CTX_cleanup(ctx);
                ^
./validator/val_secalgo.c:695:3: warning: implicit declaration of 
function 'EVP_MD_CTX_cleanup' is invalid in C99 
[-Wimplicit-function-declaration]
                EVP_MD_CTX_cleanup(ctx);
                ^
./validator/val_secalgo.c:726:2: warning: implicit declaration of 
function 'EVP_MD_CTX_cleanup' is invalid in C99 
[-Wimplicit-function-declaration]
        EVP_MD_CTX_cleanup(ctx);

On 9/19/2018 2:05 AM, Chris wrote:
Awesome ! Thank you for a quick response.

 Now I need Cloudflare to support TLS 1.3 RFC Final on its 1.1.1.1 
service :)

https://community.cloudflare.com/t/tls-1-3-1-1-1-1/34571

On 9/19/2018 1:41 AM, Jaap Akkerhuis wrote:

On Sep 19, 2018, at 10:09, Chris via Unbound-users 
<unbound-users@nlnetlabs.nl> wrote:

Does Unbound 1.8.0 support compiling with OpenSSL 1.1.1 to gain TLS 
1.3 support ?
It does on FreeBSD (tested with poudriere).

    jaap