On Fri, Dec 19, 2008 at 03:22:17PM -0800, Kyle Hamilton wrote:
> The distribution will ALWAYS look for the FIPS files in
> /usr/local/ssl/fips-1.0/lib/, since that is where they are put when
> you follow the commands given in the Security Policy precisely (as you
> must, if you want the validation to 'stick').
Can you elaborate on this point? We use AFS, software is never installed
in /usr/local. Rather there is a structured namespace for versioned
releases of software for a variety of system architectures. OpenSSL
libraries live in paths along the lines of:
/afs/rdonly/sec/PROJ/openssl/0.9.8i/.exec/x86_64.linux.2.6.glibc.2.3/lib
and multiple versions of OpenSSL are installed at the same time, each in
their own release tree. Is it really not possible to build the fips code
to reside in non-default locations?
--
Viktor.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
