Home > mailing lists

Re: postgresql 9.3.10, FIPS mode and DRBG issues. - Mailing list pgsql-general

From	Tom Lane
Subject	Re: postgresql 9.3.10, FIPS mode and DRBG issues.
Date	April 4, 2016 22:52:08
Msg-id	29191.1459799507@sss.pgh.pa.us Whole thread Raw
In response to	postgresql 9.3.10, FIPS mode and DRBG issues. (Rodney Lott <rlott@evertz.com>)
Responses	Re: postgresql 9.3.10, FIPS mode and DRBG issues.
List	pgsql-general

Tree view

Rodney Lott <rlott@evertz.com> writes:
> So, my question is this: In FIPS mode, what would cause the random
> number generation to not initialize?

I remember that Red Hat's version of "FIPS mode" involved crypto features
(including RNGs) just refusing to work in modes deemed inadequately
secure.  So my guess is that psql is trying to configure OpenSSL with some
inadequately-secure settings.  Not sure why it'd be different from the
server though.  Are you sure psql and the libpq it's using are same
version as the apparently-working server?

            regards, tom lane

pgsql-general by date:

From: Soni M
Date: 04 April 2016, 21:32:09
Subject: Re: CORRUPTION on TOAST table

From: Rodney Lott
Date: 04 April 2016, 23:22:49
Subject: Re: postgresql 9.3.10, FIPS mode and DRBG issues.

Re: postgresql 9.3.10, FIPS mode and DRBG issues. - Mailing list pgsql-general

Previous

Next