Bug 13124 - stunnel in mga4 fails with newer openssl using FIPS
Summary: stunnel in mga4 fails with newer openssl using FIPS
Status: RESOLVED DUPLICATE of bug 11000
Alias: None
Product: Mageia
Classification: Unclassified
Component: RPM Packages (show other bugs)
Version: 4
Hardware: i586 Linux
Priority: Normal normal
Target Milestone: ---
Assignee: Mageia Bug Squad
QA Contact:
URL: https://bugs.mageia.org/show_bug.cgi?...
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2014-03-31 13:06 CEST by claire robinson
Modified: 2014-04-23 16:45 CEST (History)
0 users

See Also:
Source RPM: stunnel
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description claire robinson 2014-03-31 13:06:14 CEST 
See also bug 12943 where the issue was discovered.

In mga3 fips is not used and stunnel works but in mga4 fips is used and causes stunnel to fail.

eg.

# stunnel
stunnel 4.56 on i586-mageia-linux-gnu platform
Compiled/running with OpenSSL 1.0.1e 11 Feb 2013
Threading:FORK Sockets:POLL,IPv6 SSL:ENGINE,OCSP,FIPS Auth:LIBWRAP
Reading configuration from file /etc/stunnel/stunnel.conf
FIPS_mode_set: F06D065: error:0F06D065:common libcrypto routines:FIPS_mode_set:fips mode not supported
Line 61: "[pop3s]": Failed to initialize SSL
str_stats: 7 block(s), 126 data byte(s), 406 control byte(s)



It can be worked around by adding 'fips = no' in the top half of 
/etc/stunnel/stunnel.conf




Reproducible: 

Steps to Reproduce:
Comment 1 Manuel Hiebel 2014-04-23 16:45:13 CEST 
looks a dup

*** This bug has been marked as a duplicate of bug 11000 ***

Status: NEW => RESOLVED
Resolution: (none) => DUPLICATE
Note You need to log in before you can comment on or make changes to this bug.