[openssl-dev] [openssl.org #3730] openssl 1.0.2 compile failure with OPENSSL_FIPS
Duane Bronson via RT
rt at openssl.org
Fri Mar 6 15:02:37 UTC 2015
Openssl guys,
It looks like an accidental * slipped into *pcurveslen in ssl/t1_lib.c. This patch fixes it and also a warning, but I still get an installed but unpackaged error that could be my fault. Still investigating.
bash-4.1# cat openssl-1.0.2-pcurveslen.patch
diff -up openssl-1.0.2/ssl/t1_lib.c.fips openssl-1.0.2/ssl/t1_lib.c
--- openssl-1.0.2/ssl/t1_lib.c.fips 2015-03-05 16:26:48.786265443 -0500
+++ openssl-1.0.2/ssl/t1_lib.c 2015-03-05 16:29:35.419166733 -0500
@@ -119,6 +119,9 @@
#include <openssl/ocsp.h>
#include <openssl/rand.h>
#include "ssl_locl.h"
+#ifndef OPENSSL_NO_KRB5
+# include <ssl/kssl_lcl.h>
+#endif
const char tls1_version_str[] = "TLSv1" OPENSSL_VERSION_PTEXT;
@@ -470,7 +473,7 @@ static int tls1_get_curvelist(SSL *s, in
# ifdef OPENSSL_FIPS
if (FIPS_mode()) {
*pcurves = fips_curves_default;
- *pcurveslen = sizeof(fips_curves_default);
+ pcurveslen = sizeof(fips_curves_default);
} else
# endif
{
Duane
Duane Bronson
Member of Technical Staff
Cascade Business Unit
Riverbed Technology<http://www.riverbed.com/>
125 CambridgePark Drive
Cambridge, MA 02140
Mobile: 617.515.2909
More information about the openssl-dev
mailing list