Chapter 8 - openssl

T_B T_B at
Mon Feb 14 18:40:45 PST 2005

After applying the latest patches (glibc-2.3.4-arc4random-1.patch) openssl
objects during the make.  If the arc4random references that this patch adds
to /usr/include/stdlib.h are commented out all is fine.  Perhaps some fixup
is required to openssl to allow it to build with arc4random.

Also the same problem occurs with openssh.

I also noticed that if you remove the static libs ( rm -f
/usr/lib/{libcrypto.a,libssl.a} ) as is suggested, then subsequently openssh
will not build.  Perhaps there is some tweak required to openssh that
removes its dependence on openssl's static libraries.

One last question - what is the rational for removing fips in the line (
sed -i 's%SHLIBDIRS= fips crypto ssl%SHLIBDIRS= crypto ssl%g' Makefile  ) ?
openssl still has its fips approval pending, but in general I would prefer
crypto that is in process to fips certification over not.

Other than that, complete build of latest appears to be running fine.  I
will report any observed operation issues if and when they appear.


More information about the hlfs-dev mailing list