diff -up aide-0.15.1/src/aide.c.fipsfix aide-0.15.1/src/aide.c

--- aide-0.15.1/src/aide.c.fipsfix	2010-08-08 19:39:31.000000000 +0200

+++ aide-0.15.1/src/aide.c	2012-11-22 16:59:45.378713818 +0100

@@ -484,9 +484,28 @@ int main(int argc,char**argv)

 #endif

   umask(0177);

   init_sighandler();

-

   setdefaults_before_config();

+#if WITH_GCRYPT

+  error(255,"Gcrypt library initialization\n");

+  /*

+   *  Initialize libgcrypt as per

+   *  http://www.gnupg.org/documentation/manuals/gcrypt/Initializing-the-library.html

+   *

+   *

+   */

+  gcry_control(GCRYCTL_SET_ENFORCED_FIPS_FLAG, 0);

+  gcry_control(GCRYCTL_INIT_SECMEM, 1);

+

+  if(!gcry_check_version(GCRYPT_VERSION)) {

+      error(0,"libgcrypt version mismatch\n");

+      exit(VERSION_MISMATCH_ERROR);

+  }

+

+  gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);

+#endif /* WITH_GCRYPT */

+

+

   if(read_param(argc,argv)==RETFAIL){

     error(0, _("Invalid argument\n") );

     exit(INVALID_ARGUMENT_ERROR);

@@ -641,6 +660,9 @@ int main(int argc,char**argv)

     }

 #endif

   }

+#ifdef WITH_GCRYPT

+  gcry_control(GCRYCTL_TERM_SECMEM, 0);

+#endif /* WITH_GCRYPT */

   return RETOK;

 }

 const char* aide_key_3=CONFHMACKEY_03;

diff -up aide-0.15.1/src/md.c.fipsfix aide-0.15.1/src/md.c

--- aide-0.15.1/src/md.c.fipsfix	2010-08-08 19:39:31.000000000 +0200

+++ aide-0.15.1/src/md.c	2012-11-22 16:59:33.166673632 +0100

@@ -201,14 +201,7 @@ int init_md(struct md_container* md) {

   }

 #endif 

 #ifdef WITH_GCRYPT

-  error(255,"Gcrypt library initialization\n");

-  	if(!gcry_check_version(GCRYPT_VERSION)) {

-		error(0,"libgcrypt version mismatch\n");

-		exit(VERSION_MISMATCH_ERROR);

-	}

-	gcry_control(GCRYCTL_DISABLE_SECMEM, 0);

-	gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);

-	if(gcry_md_open(&md->mdh,0,0)!=GPG_ERR_NO_ERROR){

+	if(gcry_md_open(&md->mdh,0,GCRY_MD_FLAG_SECURE)!=GPG_ERR_NO_ERROR){

 		error(0,"gcrypt_md_open failed\n");

 		exit(IO_ERROR);

 	}

@@ -299,7 +292,7 @@ int close_md(struct md_container* md) {

   /*.    There might be more hashes in the library. Add those here..   */

-  gcry_md_reset(md->mdh);

+  gcry_md_close(md->mdh);

 #endif  

 #ifdef WITH_MHASH

diff -up aide-0.15.1/src/util.c.fipsfix aide-0.15.1/src/util.c

--- aide-0.15.1/src/util.c.fipsfix	2010-08-08 19:39:31.000000000 +0200

+++ aide-0.15.1/src/util.c	2012-11-22 16:59:33.166673632 +0100

@@ -494,28 +494,5 @@ int syslog_facility_lookup(char *s)

 	return(AIDE_SYSLOG_FACILITY);

 }

-/* We need these dummy stubs to fool the linker into believing that

-   we do not need them at link time */

-

-void* dlopen(char*filename,int flag)

-{

-  return NULL;

-}

-

-void* dlsym(void*handle,char*symbol)

-{

-  return NULL;

-}

-

-void* dlclose(void*handle)

-{

-  return NULL;

-}

-

-const char* dlerror(void)

-{

-  return NULL;

-}

-

 const char* aide_key_2=CONFHMACKEY_02;

 const char* db_key_2=DBHMACKEY_02;