Re: scram-sha-256 authentication broken in FIPS mode

On Wed, Sep 05, 2018 at 01:19:39PM +0000, Alessandro Gherardi wrote:
> Hi Michael, I'm actually running postgres on Windows.

First you may want to avoid top-posting.  This is not the style of the
community lists and this breaks the logic of a thread.

> I added code to fe-secure-openssl.c and be-secure-openssl.c that reads
> the Windows "standard" FIPS registry entry, and if FIPS is enabled
> calls FIPS_mode_set(1). This is to mimic the behavior of the .NET
> framework.

That's rather uncharted territory, as you are patching both the backend
*and* the client.  If we could prove that sha2-openssl.c is actually
unreliable even if FIPS is enabled system-wide with either SCRAM
authentication or any of the other hashing functions, then I would be
ready to accept a patch.  Now, as far as I can see and have heard from
other folks for at least Linux, if FIPS is enabled at the OS level, then
Postgres would use it automatically and SCRAM is able to work.  I have
yet to hear that this part is broken.  As far as I know from companies
within the community which worked on STIG requirements, the thing
works.

> Below is the code I added to fe-secure-openssl.c, the code in
> be-secure-openssl.c is similar: 
> Thoughts? I can try to fix the scram-sha-256 issue by using EVP and
> send you a merge request for the patch and the code below if you think
> my approach is correct.

That's a bit unreadable I am afraid :)
You may want to attach a patch after producing it with for example "git
format-patch -1".
--
Michael

Attachment: signature.asc
Description: PGP signature