cURL / Mailing Lists / curl-library / Single Mail

curl-library

RE: libcurl: Versions - Which Version to Use with FIPS-Compatibleopenssl 9.7 Branch?

From: Welling, Conrad Gerhart <CONRAD.GERHART.WELLING_at_saic.com>
Date: Wed, 21 Mar 2007 11:22:21 -0700

Yes, thanks, and, to this point, I'm modifying the libcurl source in order to incorporate the FIPS mode as an option to curl_easy_setopt()function as in "curl_easy_setopt(curl, OPENSSL_FIPS, 1)".

-----Original Message-----
From: curl-library-bounces_at_cool.haxx.se
[mailto:curl-library-bounces_at_cool.haxx.se]On Behalf Of Rob Crittenden
Sent: Monday, March 19, 2007 4:06 PM
To: libcurl development
Subject: Re: libcurl: Versions - Which Version to Use with
FIPS-Compatibleopenssl 9.7 Branch?

Daniel Stenberg wrote:
> On Fri, 2 Mar 2007, Welling, Conrad Gerhart wrote:
>
>> I'm building a Windows 2000/XP application and I intend to make use of
>> the curl library, having recently discovered its benefits. I intend
>> to utilize the curl library HTTPS capability with a FIPS-compatible
>> OpenSSL build, which I understand (see below) must be based upon an
>> openssl 9.7.x branch. Am I correct in assuming that the current
>> version of the SSL-enabled curl library was built to be linked with an
>> openssl 9.8 branch?
>
> No, libcurl is released as source code and you can most probably build
> it with both 0.9.7 and 0.9.8 just fine.
>
>> If so, which version and package of the curl library should I use to
>> link with an openssl 9.7.x branch?
>
> Get the latest source and build your own and link it with whatever
> version you please!
>

It is important to note that depending on what you are doing your
application does not automatically inherit the FIPS validation.

See this post for some more details:
http://www.nnseek.com/e/mailing.unix.opensshdev/openssh_use_of_openssl_in_fips_mode_39130493t.html

rob
Received on 2007-03-21