[stunnel-users] Compiling with ./configure --enable-fips option
Lewis, Joseph E Sr Mr CTR USA USA
joe.lewissr at us.army.mil
Tue Feb 1 20:59:14 CET 2011
Thanks Michal for your response.
We got it figured out. First we had to set the environment variables:
$> export CFLAGS="-DSYSV -D_AIX -D_AIX53 -D_ALL_SOURCE -O2 –DOPENSSL_FIPS"
$> export CC="gcc"
Then we ran the configure command with the following options:
$> ./configure --prefix=<install_dir> --enable-fips
Then environment variable allows stunnel to compile correctly; we then followed that up with the make and the make install command and everything completed just fine.
----- Original Message -----
From: Michal Trojnara <Michal.Trojnara at mirt.net>
Date: Sunday, January 30, 2011 13:09
Subject: Re: [stunnel-users] Compiling with ./configure --enable-fips option
To: stunnel-users at stunnel.org
> Lewis, Joseph E Sr Mr CTR USA USA wrote:
> > When I use the –enable-fips option, the configure runs just fine
> > the make fails with :
> > In file included from common.h:374,
> > from file.c:38:
> > /usr/include/openssl/fips.h:69:2: error: #error FIPS is disabled.
> > make: 1254-004 The error code from the last command is 1.
> > IBM support assures me that FIPS is enabled.
> > stunnel 4.32 on powerpc-ibm-aix22.214.171.124 with OpenSSL 0.9.8k-fips
> > Mar 2009
> Yes, it looks like FIPS is indeed enabled in your OpenSSL library.
> the other hand it looks like FIPS support is *not* enabled in your
> OpenSSL headers.
> The corresponding code in fips.h is:
> #include <
> #ifndef OPENSSL_FIPS
> #error FIPS is disabled.
> See the output of stunnel ./configure script and look for SSL
> configuration. You'll find the directory that stunnel gets its
> OpenSSL headers and libraries from. Maybe you have more than one
> instance of OpenSSL installed, and stunnel finds not the one with FIPS
> The best solution would be to use header files configured with FIPS
> Alternatively you could manually add:
> #define OPENSSL_FIPS
> to your opensslconf.h.
> stunnel-users mailing list
> stunnel-users at stunnel.org
More information about the stunnel-users