Daniel Gustafsson <daniel@yesql.se> writes:
> On 20 Feb 2026, at 17:07, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>> I'd rather test the normal configuration
>> normally and make people who want to run the test on a FIPS platform
>> do something different.
> How about a function in Cluster.pm which returns whether the underlying OpenSSL
> is using FIPS or not, and if it does we adjust the config to make it not fail
> on an unallowed group? That way we can have a CI job that runs with FIPS and
> the adjusted test config, and the rest - along with the Buildfarm - runs the
> default config.
If we can get that information easily, then sure.
BTW, I think we should be back-patching these fixes into v18, since
the testing hazard exists there too. But maybe wait till after the
re-release is finished.
regards, tom lane
