On Thu, Mar 10, 2011, Paul Suhler wrote: > Hi, developers. > > I've found some problems in fips.c when either of the above symbols is > defined. For example, dsa.h and ecdsa.h are unconditionally included, > but they contain #error statements triggered by the symbols. Moreover, > symbols from these files are used unconditionally. > > I infer that the FIPS-compliant build does not define these symbols. Is > there interest in cleaning this up? If not, then I'll just continue to > make local changes for my port. >
Is this a reference to CVS HEAD? If so that is currently under development and since it has not been put through testing is not "compliant". The actual build process will be very tightly controlled and so using such options as no-dsa, no-ecdsa etc will violate the security policy unless a platform sponsor wants those specific options included as a separate "platform". Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
