On Thu, 2009-08-27 at 13:39 +0200, Mark Phalan wrote: ... > > A consequence of delivering two libcryptos is that one will have the > FIPS_* symbols and the other will not. This makes building applications > which support the FIPS mode problematic if they are to run with both > libcrypto versions. They could be patched to use dlsym() but it would be > nice to avoid such hackery. > Is there any reason the regular non-FIPS Capable OpenSSL couldn't > contain the FIPS_* symbols (which would always fail when called) ?
I didn't see any comment about the viability of the above. Does this sound reasonable to the OpenSSL team? Would patches be accepted if offered? Thanks, -M ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org