Description of problem: FIPS mode can't be set with latest openssl package. # FIPSCHECK_DEBUG=stderr fipscheck /usr/sbin/sshd # rpm -q openssl openssl-1.0.0g-1.fc17.x86_64 # yum update openssl ... Installing: openssl-libs x86_64 1:1.0.1-1.fc18 rawhide 826 k replacing openssl.x86_64 1.0.0g-1.fc17 ... # FIPSCHECK_DEBUG=stderr fipscheck /usr/sbin/sshd fipscheck: FIPS_mode_set() failed # rpm -q openssl-libs openssl-libs-1.0.1-1.fc18.x86_64 # rpm -qf /usr/bin/fipscheck fipscheck-1.3.0-3.fc17.x86_64 [ 0.000000] Linux version 3.3.0-0.rc2.git3.2.fc17.x86_64 (mockbuild.fedoraproject.org) (gcc version 4.7.0 20120126 (Red Hat 4.7.0-0.10) (GCC) ) #1 SMP Fri Feb 3 19:19:19 UTC 2012 [ 0.000000] Command line: BOOT_IMAGE=/vmlinuz-3.3.0-0.rc2.git3.2.fc17.x86_64 root=UUID=3ada0784-6cdf-4071-83aa-b8dd23ad14a9 ro console=ttyS0 fips=1 1 [ 0.000000] Kernel command line: BOOT_IMAGE=/vmlinuz-3.4.0-0.rc0.git4.2.fc18.x86_64 root=UUID=3ada0784-6cdf-4071-83aa-b8dd23ad14a9 ro console=ttyS0 SYSFONT=latarcyrheb-sun16 LANG=en_US.UTF-8 KEYTABLE=us enforcing=0 fips=1 1 [ 0.000000] fips mode: enabled
Unfortunately I cannot reproduce it on freshly updated rawhide: [root@rawhide ~]# FIPSCHECK_DEBUG=stderr fipscheck /usr/sbin/sshd [root@rawhide ~]# echo $? 0 [root@rawhide ~]# rpm -q fipscheck openssl fipscheck-1.3.0-3.fc17.x86_64 openssl-1.0.1-1.fc18.x86_64
This bug appears to have been reported against 'rawhide' during the Fedora 19 development cycle. Changing version to '19'. (As we did not run this process for some time, it could affect also pre-Fedora 19 development cycle bugs. We are very sorry. It will help us with cleanup during Fedora 19 End Of Life. Thank you.) More information and reason for this action is here: https://fedoraproject.org/wiki/BugZappers/HouseKeeping/Fedora19
Tentatively closing.