On Tue, Sep 11, 2018 at 04:32:27PM +0200, Peter Eisentraut wrote: > I recommend letting this bake in the master branch for a while. There > are a lot weirdly patched and alternative OpenSSL versions out there > that defy any documentation. Good point. Such things have bitten in the past. Okay, then let's do something about sha2_openssl.c only on HEAD for now then, which I am fine to finish wrapping. > Of course, we should also see if this actually fixes the reported problem. It seems to me that addressing FIPS concerns on Windows and getting our hashing functions plugged with OpenSSL correctly are two separate issues. The second one also says that we are in the grey based on OpenSSL docs, which worryies me. And EVP_DigestInit is used in pgcrypto for ages, where I don't recall seeing reports about that. -- Michael
Attachment:
signature.asc
Description: PGP signature
