Home > mailing lists

Re: Allow tests to pass in OpenSSL FIPS mode - Mailing list pgsql-hackers

From	Tom Lane
Subject	Re: Allow tests to pass in OpenSSL FIPS mode
Date	March 6, 2023 17:55:06
Msg-id	3349278.1678114506@sss.pgh.pa.us Whole thread Raw
In response to	Re: Allow tests to pass in OpenSSL FIPS mode (Daniel Gustafsson <daniel@yesql.se>)
Responses	Re: Allow tests to pass in OpenSSL FIPS mode (Daniel Gustafsson <daniel@yesql.se>)
List	pgsql-hackers

Tree view

Daniel Gustafsson <daniel@yesql.se> writes:
>> On 5 Mar 2023, at 00:04, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>> I've gone through this and have a modest suggestion: let's invent some
>> wrapper functions around encode(sha256()) to reduce the cosmetic diffs
>> and consequent need for closer study of patch changes.  In the attached
>> I called them "notmd5()", but I'm surely not wedded to that name.

> For readers without all context, wouldn't it be better to encode in the
> function name why we're not just calling a hash like md5?  Something like
> fips_allowed_hash() or similar?

I'd prefer shorter than that --- all these queries are laid out on the
expectation of a very short function name.  Maybe "fipshash()"?

We could make the comment introducing the function declarations more
elaborate, too.

            regards, tom lane

pgsql-hackers by date:

From: tender wang
Date: 06 March 2023, 17:50:51
Subject: Re: wrong results due to qual pushdown

From: Bharath Rupireddy
Date: 06 March 2023, 18:06:17
Subject: Re: Combine pg_walinspect till_end_of_wal functions with others

Re: Allow tests to pass in OpenSSL FIPS mode - Mailing list pgsql-hackers

Previous

Next