> > Rolling this into the default build on Windows (along with > the /SafeSEH, > > /NXCOMPAT, and /DYNAMICBASE flags) would probably be a good idea. > > You mentioned *fips*. /dynamicbase won't work in that context. A.
True, it conflicts with the in-core fingerprint mechanism. We're actually doing a "private label" FIPS binary certification with file-based fingerprints, in part because of that conflict. We lose the flexibility of a source-code level certification, but preserve the ability to use /dynamicbase. John ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [EMAIL PROTECTED]
