search for: fipscheck_verify

Does anyone knows why in some OpenSSH patches for FIPS we have something like: SSLeay_add_all_algorithms(); if (FIPS_mode() && !FIPSCHECK_verify(NULL, NULL)) { fprintf(stderr, "FIPS integrity verification test failed.\n"); exit(3); } This block of code is always in main() soon after starting service/client. Why are they checking FIPS_mode() if the FIPS_mode_set() wasn't even...

...-all Preprocessor flags: Linker flags: -pie -z relro -z now -fstack-protector-all -static Libraries: -lcrypto -ldl -lutil -lz -lresolv When I then execute make, I get this after a while: /usr/lib/gcc/armv5tel-redhat-linux-gnueabi/4.6.1/../../../libcrypto.a(fips.o): In function `FIPSCHECK_verify': (.text+0x20): warning: Using 'dlopen' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking groupaccess.o: In function `ga_init': /builddir/build/BUILD/openssh-5.6p1/groupaccess.c:66: warning: Using 'getgrouplist'...