Ah, I figured out what happened. The following patch should help:
cvs diff: Diffing fips/dh
Index: fips/dh/fips_dh_check.c
===================================================================
RCS file: /e/openssl/cvs/openssl/fips/dh/Attic/fips_dh_check.c,v
retrieving revision 1.1.2.1
diff -u -r1.1.2.1 fips_dh_check.c
--- fips/dh/fips_dh_check.c 19 Jun 2004 13:16:47 -0000 1.1.2.1
+++ fips/dh/fips_dh_check.c 28 Jun 2004 20:31:55 -0000
@@ -58,8 +58,11 @@
#include <stdio.h>
#include <openssl/bn.h>
+#ifndef OPENSSL_NO_DH
#include <openssl/dh.h>
+#ifdef OPENSSL_FIPS
+
/* Check that p is a safe prime and
* if g is 2, 3 or 5, check that is is a suitable generator
* where
@@ -117,3 +120,6 @@
if (q != NULL) BN_free(q);
return(ok);
}
+
+#endif
+#endif
Index: fips/dh/fips_dh_gen.c
===================================================================
RCS file: /e/openssl/cvs/openssl/fips/dh/Attic/fips_dh_gen.c,v
retrieving revision 1.1.2.1
diff -u -r1.1.2.1 fips_dh_gen.c
--- fips/dh/fips_dh_gen.c 19 Jun 2004 13:16:48 -0000 1.1.2.1
+++ fips/dh/fips_dh_gen.c 28 Jun 2004 20:31:55 -0000
@@ -60,9 +60,14 @@
#include <string.h>
#include <openssl/err.h>
#include <openssl/bn.h>
+#ifndef OPENSSL_NO_DH
#include <openssl/dh.h>
+#endif
#include <openssl/fips.h>
+#ifndef OPENSSL_NO_DH
+#ifdef OPENSSL_FIPS
+
/* We generate DH parameters as follows
* find a prime q which is prime_len/2 bits long.
* p=(2*q)+1 or (p-1)/2 = q
@@ -89,8 +94,6 @@
* order-q subgroup.
*/
-#ifdef OPENSSL_FIPS
-
DH *DH_generate_parameters(int prime_len, int generator,
void (*callback)(int,int,void *), void *cb_arg)
{
@@ -180,3 +183,4 @@
}
#endif
+#endif
Index: fips/dh/fips_dh_key.c
===================================================================
RCS file: /e/openssl/cvs/openssl/fips/dh/Attic/fips_dh_key.c,v
retrieving revision 1.1.2.1
diff -u -r1.1.2.1 fips_dh_key.c
--- fips/dh/fips_dh_key.c 19 Jun 2004 13:16:48 -0000 1.1.2.1
+++ fips/dh/fips_dh_key.c 28 Jun 2004 20:31:56 -0000
@@ -59,9 +59,14 @@
#include <stdio.h>
#include <openssl/err.h>
#include <openssl/bn.h>
+#ifndef OPENSSL_NO_RAND
#include <openssl/rand.h>
+#endif
+#ifndef OPENSSL_NO_DH
#include <openssl/dh.h>
+#ifdef OPENSSL_FIPS
+
static int generate_key(DH *dh);
static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh);
static int dh_bn_mod_exp(const DH *dh, BIGNUM *r,
@@ -220,3 +225,6 @@
BN_MONT_CTX_free((BN_MONT_CTX *)dh->method_mont_p);
return(1);
}
+
+#endif
+#endif
-----
Please consider sponsoring my work on free software.
See http://www.free.lp.se/sponsoring.html for details.
--
Richard Levitte \ Tunnlandsv�gen 52 \ [EMAIL PROTECTED]
[EMAIL PROTECTED] \ S-168 36 BROMMA \ T: +46-708-26 53 44
\ SWEDEN \
Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/
Unsolicited commercial email is subject to an archival fee of $400.
See <http://www.stacken.kth.se/~levitte/mail/> for more info.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
