[Openswan dev] nss/nspr4 warning and PLUTO_SENDS_VENDORID vs HAVE_LIBNSS

D. Hugh Redelmeier hugh at mimosa.com
Tue Jan 5 11:54:29 EST 2010

| From: Avesh Agarwal <avagarwa at redhat.com>

| It may not be a security issue but as I said above that md5 is not 
| allowed in FIPS mode.

| Same as above, can we then change it to SHA1 or something else?

Seems unlikely: the convention of MD5 is required for interoperation I

Perhaps the hash could be precomputed (at build time) and skirt the
silly restriction.

More information about the Dev mailing list