On Thu, Mar 06, 2014, abhispra wrote: > > 1> When fipsld is trying to load the shared object being created, why are > the debug messages printed passed to gcc. How do i overcome this?
The way native builds embed the signature is to link twice. The first time loads the DSO which should just print out the signature and exit. The second time embeds the signature. If for some reason the DSO load prints out anything else during the first link then it will confuse the second link. > 2> If 1 is not feasible, then how do i manually go about embedding the > cannister with the hash into my shared object. > Try setting FIPS_SIG to the incore script path. Altetnatively you can use a custom fipsld script: you don't have to use the supplied version and anything functionally equivalent is acceptable. For example you could modify the part that reads the signature from standard output to ignore the debugging messages. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
