[stunnel-users] Stunnel 4.26 compile issue against openssl 0.9.8j + openssl-fips-1.2
David W Blaine
dblaine2 at csc.com
Tue Mar 10 11:58:38 CET 2009
Hi list,
Sorry about the previous posting. Resubmitting without HTML.
The only reference to this call is in fips_rand.c and as I said it is in
all lower case. The third parameter appears to be the key size which can
be 16, 24 or 32.
Has anyone successfully compiled stunnel against openssl fips 1.2???
-----------------------------------------------------------------
DAVID BLAINE, GCIA , CISSP
GDLS-C Lead Information Risk Manager (LIRM)
CSC
6000 E. 17 Mile Rd. Sterling Heights MI 48313
GIS | o: 586.825.7650 | c: 810.217.8041 | f: 586.825.8606 |
dblaine2 at csc.com | www.csc.com
This is a PRIVATE message. If you are not the intended recipient, please
delete without copying and kindly advise us by e-mail of the mistake in
delivery.
NOTE: Regardless of content, this e-mail shall not operate to bind CSC to
any order or other contract unless pursuant to explicit written agreement
or government initiative expressly permitting the use of e-mail for such
purpose.
"C.J. Adams-Collier" <cjac at colliertech.org>
03/09/2009 06:28 PM
To
David W Blaine/GIS/CSC at CSC
cc
stunnel-users at mirt.net
Subject
Re: [stunnel-users] Stunnel 4.26 compile issue against openssl 0.9.8j +
openssl-fips-1.2
removed the call entirely? that may not have been what you wanted to do.
sounds like you may have been using the .h files from the wrong version?
On Mon, Mar 9, 2009 at 12:54 PM, David W Blaine <dblaine2 at csc.com> wrote:
Hi all,
When I compile against OpenSSL 0.9.8j + OpenSSL-FIPS-1.2 module on Centos
4.7, I get an error in client.c:
client.o(.text+0x1dd): In function `init_ssl':
/tmp/stunnel-4.27/src/client.c:333: undefined reference to
`FIPS_set_prng_key'
collect2: ld returned 1 exit status
make[1]: *** [stunnel] Error 1
make[1]: Leaving directory `/tmp/stunnel-4.27/src'
make: *** [all-recursive] Error 1
It seems this call is related to a bug in OpenSSL-FIPS-1.1.1 module
according to the comments.
Checking the references in the includes for both OpenSSL 0.9.8j and
OpenSSL-FIPS-1.2, I found that the call should be "fips_set_prng_key" with
3 arguments (the above requires only 2).
So based on the comments, I removed it and I was able to successfully
compile and install. Not sure if that is the right thing to do???
Dave
_______________________________________________
stunnel-users mailing list
stunnel-users at mirt.net
http://stunnel.mirt.net/mailman/listinfo/stunnel-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20090310/83a908de/attachment.html>
More information about the stunnel-users
mailing list