| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Daniel Gustafsson <daniel(at)yesql(dot)se> |
| Cc: | Joe Conway <mail(at)joeconway(dot)com>, "Koshi Shibagaki (Fujitsu)" <shibagaki(dot)koshi(at)fujitsu(dot)com>, "Hayato Kuroda (Fujitsu)" <kuroda(dot)hayato(at)fujitsu(dot)com>, Peter Eisentraut <peter(at)eisentraut(dot)org>, Robert Haas <robertmhaas(at)gmail(dot)com>, "pgsql-hackers(at)lists(dot)postgresql(dot)org" <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: Replace current implementations in crypt() and gen_salt() to OpenSSL |
| Date: | 2025-01-21 20:59:19 |
| Message-ID: | 3435777.1737493159@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Daniel Gustafsson <daniel(at)yesql(dot)se> writes:
> It could indeed be useful, but I doubt we can make it portable to check for
> anything but the state of OpenSSL. If the operating system has a FIPS mode
> then we won't capture that. That might not be a problem since if the OS is in
> FIPS mode then OpenSSL most likely will be too but we can't guarantee it.
Not our problem, I think. The OS vendor would have to have fallen
down on the job quite badly to offer an OS-level "FIPS mode" while
shipping an OpenSSL that doesn't honor that. It would not be optional
for OpenSSL to be in that mode if the OS is.
(If we end up inventing a FIPS-mode flag, I would fully expect
interested vendors to patch our code to force it on when the
OS-level flag is set, which is exactly what they will have done
to OpenSSL. We should design our behavior with that in mind.)
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Daniel Gustafsson | 2025-01-21 21:05:09 | Re: Replace current implementations in crypt() and gen_salt() to OpenSSL |
| Previous Message | Álvaro Herrera | 2025-01-21 20:53:53 | Re: pg_dump --no-comments confusion |