Dr. Stephen Henson wrote:
On Thu, Oct 02, 2008, Thomas J. Hruska wrote:
Thomas J. Hruska wrote:
Needless to say, given the lack of response and further web searching
reveals issues with older VC++ linkers core dumping(?) against the latest
MinGW and I've already put forth 30+ hours (not counting the preparation
time of several months!), two CD-Rs, and who knows how much money into an
attempted production of a default OpenSSL FIPS 140-2 compliant binary build
for Windows (complete with fancy installer), I'm going to simply hold off
until 1.2.0 becomes available and then try again at that time. Mixing
together binaries from two totally different compilers is not only a bad
idea, it is a horrifically terrible idea. The fact that this supposedly
works at all for some people is a miracle.
The 1.1.2 module (which I only became involved with towards the end) was
designed round a Unix build system.
For the 1.1.2 module it was a choice of mixing compilers or not having any
Windows build at all. It was decided that was better than nothing.
What version of gcc do you have with MSYS? There are issues with some versions
of gcc.
$ gcc --version
gcc.exe (GCC) 3.4.5 (mingw-vista special r3)
Copyright (C) 2004 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is
NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR
PURPOSE.
Not that it really matters...
Supposedly, from what I've read, 1.2.0 doesn't require mixing compilers.
That should significantly clean things up. Assuming, of course, "not
mixing compilers" allows the use of VC++. If I have to use MinGW, I will
be very annoyed. I'm also hoping I can compile against 0.9.8x instead of
0.9.7m.
The 1.2 module (which I was involved with from the start) has Windows as a
standard platform. It can be built using VC++ only.
Steve.
Excellent. I'll just wait for the 1.2 module then. I know that it
could be a long wait of many months since FIPS validation takes a while.
BTW, during the FIPS creation process that I used (a set of steps that I
plan on using for all releases), I noticed that the 'MD5', 'SHA1', and
'PGP sign' links next to the source code download links at:
https://www.openssl.org/source/
Are broken (not really 'broken' per se, but blank). I had to go out to
the FTP site to get the signatures.
--
Thomas Hruska
Shining Light Productions
Home of BMP2AVI, Nuclear Vision, ProtoNova, and Win32 OpenSSL.
http://www.slproweb.com/
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
