dladdr() in fips.c and --enable-hmac-binary-check and --enable-static
Werner Koch
wk at gnupg.org
Wed Apr 6 15:59:39 CEST 2016
On Fri, 18 Mar 2016 02:09, burts at us.ibm.com said:
> One of our team members decided that he needed to create a program binary
> using static libraries, and he also decided to use the
> --enable-hmac-binary-check option. This combination of configure options
> will not work, because it exposes the dladdr() function call, and the
That option works only with glibc and shared objects - it was required
by a FIPS validated systems. It is not portable. I will add a source
comment to configure.ac to explain this.
> Can you eliminate the use of dladdr(), or come up with something that is
> less likely to trip up a novice? Perhaps it is ridiculous for him to be
Do not use features which are not described in README or in the manual
;-)
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
More information about the Gcrypt-devel
mailing list