On Mon, Feb 27, 2012, gatewood_gr...@mcafee.com wrote: > Even without linking the canister (not using fipsld), if I use the FIPS > includes, RAND_status() fails. According to nm, the RAND_status is > still redirected to FIPS_rand_status. > >
Ah you're including the FIPS module header files if that happens. The function RAND_status() should stay as RAND_status() when building against the FIPS capapable OpenSSL. Try specifying the path to the FIPS capable OpenSSL header install location first so they are used in preference to the module header files. In fact you can delete everything apart from fips.h and fips_rand.h from the module install of header files. Also use the FIPSDIR environment variable instead of specifying any options fo ./config for the module, you can also use that instead of the --with-fips* options when you build the FIPS capable OpenSSL. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
