Hi David,

Yes, I did link with fips_premain.c. I specified the compile and link
options for the fipslink.pl script, and included fips_premain.o as an
object.

The problem was that static globals in the gcc-compiled code were not
initialized. For example, I believe there was "static int fips_mode;".
It is assumed to be initialized as zero. However, when setting fips mode
to one in my app, it would often have been set to another value.

I created my own debug build of FIPS to see what was going on. I printed
out the value of fips_mode when FIPS_mode_set() was invoked. It could
take on a range of initial values. Sometimes it would be zero, sometimes
something else. It could be whatever was at that address. Other static
variables in fips.c suffered the same fate.

I went on to test my own app with a .o compiled with gcc, and the rest
compiled with VC7. I got the same behavior with statics defined in my
.o. 

Steve Henson suggested that I try a later version of gcc. I had tried
this with gcc 3.2.3 and both VC7 and VC8. Steve suggested I try
compiling fipscanister.o with gcc 3.4.2 or later. I have not had a
chance to try this yet.

Thanks

-David

  _____  

From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of David Schwartz
Sent: Friday, February 23, 2007 2:39 PM
To: openssl-users@openssl.org
Subject: RE: FIPS compilation with VC6

        There is a perl wrapper for the link command that you can use
when linking with other utilities. I tried using this with VC7 and VC8.
I was successful linking, and things ran fine in non-FIPS mode. When I
tried enabling FIPS, I found problems with global statics in the FIPS
module not being initialized properly. I have not found a resolution for
that.

        -David

        Did you compile/link in fips_premain.c?

        DS