We are running on SLES 10 SP2. Some of our processes need to enable and disable FIPS multiple times within its execution. The following code worked on openssl-fips-1.1.1 but appears to be broken in 1.1.2:
// this works int rc = FIPS_mode_set( 1 ); // and this works rc = FIPS_mode_set( 0 ); // but if I try to re-enable, this will fail rc = FIPS_mode_set( 1 ); I think I narrowed it down to a recent change in fips_rand.c. If I copy the 1.1.1 version of fips_rand.c to the 1.1.2 source directory and rebuild, the issue goes away. Let me know if I can offer any more information. Thanks in advance. brad
|
We are running on SLES 10 SP2. Some of our processes
need to enable and disable FIPS multiple times within its execution. The
following code worked on openssl-fips-1.1.1 but appears to be broken in 1.1.2: //
this works int
rc = FIPS_mode_set( 1 ); //
and this works rc
= FIPS_mode_set( 0 ); //
but if I try to re-enable, this will fail rc =
FIPS_mode_set( 1 ); I think I narrowed it down to a recent change in fips_rand.c.
If I copy the 1.1.1 version of fips_rand.c to the 1.1.2 source directory and
rebuild, the issue goes away. Let me know if I can offer any more information.
Thanks in advance. brad |
