1.8.1 + Openssl-1.1.1

Chris1 · October 14, 2018, 4:07am

FreeBSD 12 Alpha 9 has Openssl 1.1.1 as default. BUT. I cant really test it because pkg is broken and various other things are broken in this alpha. Unbound when installed during FreeBSD install appears to be running but does not function doing rDNS after install without further config.

Just a quick note that you still cant compile Unbound 1.8.1 with openssl 1.1.1 on FreeBSD 11.2 p4

FreeBSD 11.2 p4

./configure --without-pthreads --without-solaris-threads --with-ssl=/usr/local/openssl-1.1.1/

make

./validator/val_secalgo.c:329:8: error: incomplete definition of type 'struct DSA_SIG_st'
dsasig->r = R;
~~~~~~^
/usr/local/openssl-1.1.1//include/openssl/dsa.h:65:16: note: forward declaration of 'struct DSA_SIG_st'
typedef struct DSA_SIG_st DSA_SIG;
^
./validator/val_secalgo.c:330:8: error: incomplete definition of type 'struct DSA_SIG_st'
dsasig->s = S;
~~~~~~^
/usr/local/openssl-1.1.1//include/openssl/dsa.h:65:16: note: forward declaration of 'struct DSA_SIG_st'
typedef struct DSA_SIG_st DSA_SIG;
^
./validator/val_secalgo.c:473:19: warning: implicit declaration of function 'EVP_dss1' is invalid in C99 [-Wimplicit-function-declaration]
*digest_type = EVP_dss1();
^
./validator/val_secalgo.c:473:17: warning: incompatible integer to pointer conversion assigning to 'const EVP_MD *' (aka 'const struct evp_md_st *') from 'int'
[-Wint-conversion]
*digest_type = EVP_dss1();
^ ~~~~~~~~~~
./validator/val_secalgo.c:695:34: error: invalid application of 'sizeof' to an incomplete type 'EVP_MD_CTX' (aka 'struct evp_md_ctx_st')
ctx = (EVP_MD_CTX*)malloc(sizeof(*ctx));
^~~~~~
/usr/local/openssl-1.1.1//include/openssl/ossl_typ.h:92:16: note: forward declaration of 'struct evp_md_ctx_st'
typedef struct evp_md_ctx_st EVP_MD_CTX;
^
./validator/val_secalgo.c:711:3: warning: implicit declaration of function 'EVP_MD_CTX_cleanup' is invalid in C99 [-Wimplicit-function-declaration]
EVP_MD_CTX_cleanup(ctx);
^
./validator/val_secalgo.c:725:3: warning: implicit declaration of function 'EVP_MD_CTX_cleanup' is invalid in C99 [-Wimplicit-function-declaration]
EVP_MD_CTX_cleanup(ctx);
^
./validator/val_secalgo.c:756:2: warning: implicit declaration of function 'EVP_MD_CTX_cleanup' is invalid in C99 [-Wimplicit-function-declaration]
EVP_MD_CTX_cleanup(ctx);
^
5 warnings and 3 errors generated.
*** Error code 1

Jaap · October 14, 2018, 5:54am

Chris via Unbound-users writes:

> FreeBSD 12 Alpha 9 has Openssl 1.1.1 as default. BUT. I cant really
> test it because pkg is broken and various other things are broken in
> this alpha. Unbound when installed during FreeBSD install appears to be
> running but does not function doing rDNS after install without further
> config.
>
> Just a quick note that you still cant compile Unbound 1.8.1 with openssl
> 1.1.1 on FreeBSD 11.2 p4

Since the release of openssl 1.1.1 compilation of unbound has been
routinely tested with that on 11.2 STABLE using the "security/openssl111"
port. Only varey recently the default changed for the upcoming
release Whenever the dust settes on that I;ll adjust the port
accordingly.

Regards,

jaap

Jaap · October 14, 2018, 8:11am

Jaap Akkerhuis via Unbound-users writes:

> Chris via Unbound-users writes:
>
> > FreeBSD 12 Alpha 9 has Openssl 1.1.1 as default. BUT. I cant really
> > test it because pkg is broken and various other things are broken in
> > this alpha. Unbound when installed during FreeBSD install appears to be
> > running but does not function doing rDNS after install without further
> > config.
> >
> > Just a quick note that you still cant compile Unbound 1.8.1 with openssl
> > 1.1.1 on FreeBSD 11.2 p4
>
> Since the release of openssl 1.1.1 compilation of unbound has been
> routinely tested with that on 11.2 STABLE using the "security/openssl111"
> port.

I just tried to build it in a fresh ALPHA9 jail. Unbound (and 19
other depedencies including pkg) builds fine.

jaap