Home > mailing lists

Re: scram-sha-256 broken with FIPS and OpenSSL 1.0.2 - Mailing list pgsql-hackers

From	Michael Paquier
Subject	Re: scram-sha-256 broken with FIPS and OpenSSL 1.0.2
Date	September 28, 2020 06:55:06
Msg-id	20200928035506.GB2316@paquier.xyz Whole thread Raw
In response to	Re: scram-sha-256 broken with FIPS and OpenSSL 1.0.2 (Tom Lane <tgl@sss.pgh.pa.us>)
Responses	Re: scram-sha-256 broken with FIPS and OpenSSL 1.0.2 (Michael Paquier <michael@paquier.xyz>)
List	pgsql-hackers

Tree view

On Fri, Sep 25, 2020 at 12:27:03AM -0400, Tom Lane wrote:
> Given the tiny number of complaints to date, it seems sufficient to me
> to deal with this in HEAD.

Thanks.  I have done more tests with the range of OpenSSL versions we
support on HEAD, and applied this one.  I have noticed that the
previous patch forgot two fail-and-abort code paths as of
EVP_DigestInit_ex() and EVP_DigestUpdate().
--
Michael

Attachment

signature.asc

pgsql-hackers by date:

From: Amit Kapila
Date: 28 September 2020, 06:43:34
Subject: Re: New statistics for tuning WAL buffer size

From: Keisuke Kuroda
Date: 28 September 2020, 07:31:01
Subject: Re: Logical replication CPU-bound with TRUNCATE/DROP/CREATE many tables

Re: scram-sha-256 broken with FIPS and OpenSSL 1.0.2 - Mailing list pgsql-hackers

Attachment

Previous

Next