Sorry about the previous posting. Resubmitting
without HTML.
The only reference to this call is in
fips_rand.c and as I said it is in all lower case. The third parameter
appears to be the key size which can be 16, 24 or 32.
Has anyone successfully compiled stunnel
against openssl fips 1.2???
-----------------------------------------------------------------
DAVID BLAINE, GCIA , CISSP
GDLS-C Lead Information Risk Manager (LIRM)
CSC
This is a PRIVATE message. If you are not the intended recipient, please
delete without copying and kindly advise us by e-mail of the mistake in
delivery.
NOTE: Regardless of content, this e-mail shall not operate to bind CSC
to any order or other contract unless pursuant to explicit written agreement
or government initiative expressly permitting the use of e-mail for such
purpose.
removed the call entirely? that may not have been
what you wanted to do. sounds like you may have been using the .h
files from the wrong version?
On Mon, Mar 9, 2009 at 12:54 PM, David W Blaine <dblaine2@csc.com>
wrote:
Hi all,
When I compile against OpenSSL 0.9.8j
+ OpenSSL-FIPS-1.2 module on Centos 4.7, I get an error in client.c:
client.o(.text+0x1dd): In function `init_ssl':
/tmp/stunnel-4.27/src/client.c:333:
undefined reference to `FIPS_set_prng_key'
collect2: ld returned 1 exit status
make[1]: *** [stunnel] Error 1
make[1]: Leaving directory `/tmp/stunnel-4.27/src'
make: *** [all-recursive] Error 1
It seems this call is related to a bug
in OpenSSL-FIPS-1.1.1 module according to the comments.
Checking the references in the includes
for both OpenSSL 0.9.8j and OpenSSL-FIPS-1.2, I found that the call should
be "fips_set_prng_key" with 3 arguments (the above requires only
2).
So based on the comments, I removed
it and I was able to successfully compile and install. Not sure if that
is the right thing to do???