Re: md5 issues Postgres14 on OL7

Michael Paquier <michael(at)paquier(dot)xyz> writes:
> On Tue, Jan 04, 2022 at 12:54:35PM -0500, Tom Lane wrote:
>> I reproduced this on Fedora 35 with FIPS mode enabled. The problem
>> is that OpenSSL treats MD5 as a disallowed cipher type under FIPS
>> mode, so this call in pg_cryptohash_init fails:

> Is that 3.0.0 or 1.1.1? I can see the following, telling that Fedora
> 35 uses OpenSSL 1.1.1:
> https://packages.fedoraproject.org/pkgs/openssl/openssl/

I don't have the image booted up right at the moment, but it was
a plain vanilla, fresh-out-of-the-box F35 install, so whatever the
default openssl version is for that. That link does say that it
should be 1.1.1l.

> Indeed, this error is a pilot error with the cryptohash integration of
> 14. In ~13, the custom MD5 implementation would only fail on OOM, but
> more failure modes are possible now.

Right, the code in md5_text() was fine when it was written ... but
now, not so much.

> At the end, I agree that we should improve the error message in these
> two cases. However, I would stick to simplicity by not assuming that
> those two code paths fail only on OOM, and reword things in md5_text()
> and md5_bytea() with a simple "could not compute MD5 hash". Any code
> paths calling the routines of md5_common.c just do that as well for
> ages when the computation fails, and that's what we care about here.

I think it's very important that the error message in this case
mention "FIPS mode" explicitly. Otherwise, people will have no
idea that that's where the problem originates, and they'll be
frustrated and we'll get bug reports. (They may be frustrated
anyway, but it was their choice, or their corporate policy's
choice, to cut off their access to MD5. Not our place to dodge
that decision.)

regards, tom lane