Thank you for your response. Ultimately, I ended up using libcrypto.so instead of libcrypto.a which worked for me without the need for fipsld when linking my shared library with libcrypto.
Thanks again. Paul ----- Original Message ----- From: "Dr. Stephen Henson" <st...@openssl.org> To: openssl-users@openssl.org Sent: Monday, November 9, 2009 12:29:42 PM GMT -07:00 US/Canada Mountain Subject: Re: Linking and execution problems with a FIPS-capable OpenSSL distribution On Mon, Nov 09, 2009, Daugherty wrote: > Another mistake I made was specifying FIPSLD_CC=gcc instead of FIPSLD_CC=g++. > > Now, when I link, I get the following error: > > /usr/local/src/openssl-fips-1.2/fips/fipsld -Wl,-O3 -D_REENTRANT > -DACE_HAS_AIO_CALLS -D_GNU_SOURCE > -I/home/linuxbuild/ntsdev/3rdParty/ACE_wrappers$ > /usr/local/src/openssl-fips-1.2/fips/../fips/fips_premain.c:71: error: > initializer-string for array of chars is too long > > I have seen another posting referencing the gcc/g++ differences related to > this error. I believe it had to do with not being able to fix the error > since the source file changes would invalidate the FIPS modules. > > Is there any work around besides compiling with gcc instead of g++? > The fipsld script is not part of the actual validation, you can use any equivalent technique to embed the signature in the files. So you can modify fipsld so it compiles fips_premain.c with gcc if you wish. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
