httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Peter Arseneau" <>
Subject FIPS mode for MOD_SSL
Date Wed, 18 Nov 2009 19:01:17 GMT
Dear Apache developer,


(this is related to Apache bugzilla 46270)


I'm attempting to build a FIPS compliant version of Apache 2.2.14.

I've applied a patch to the SSL modules directory and it seems to work,

except httpd ends up calling "ssl_init_Module" more than once.   The

time(s), httpd initializes correctly.


On the final run, the base_server->FIPS flag is not pre-initialized and

httpd always seems to start in FIPS mode.


Could this be related to changes made in server/main.c?

I've attached main.c from the latest Apache (2.2.14) , and the patched
version of



       for (mod = ap_prelinked_modules; *mod != NULL; mod++) {

            ap_register_hooks(*mod, pconf);



        /* This is a hack until we finish the code so that it only reads

         * the config file once and just operates on the tree already in

         * memory.  rbb





        if (ap_run_post_config(pconf, plog, ptemp, server_conf) != OK)

(This is where ssl_init_Module is re-run but with an uninitialized
sc->FIPS flag)


Any help would be most welcome.

If you need more information, please feel free to ask.


Yours truly,


Peter Arseneau



View raw message