Michael Paquier <michael@xxxxxxxxxxx> writes: > On Tue, Jan 04, 2022 at 12:54:35PM -0500, Tom Lane wrote: >> I reproduced this on Fedora 35 with FIPS mode enabled. The problem >> is that OpenSSL treats MD5 as a disallowed cipher type under FIPS >> mode, so this call in pg_cryptohash_init fails: > Is that 3.0.0 or 1.1.1? I can see the following, telling that Fedora > 35 uses OpenSSL 1.1.1: > https://packages.fedoraproject.org/pkgs/openssl/openssl/ I don't have the image booted up right at the moment, but it was a plain vanilla, fresh-out-of-the-box F35 install, so whatever the default openssl version is for that. That link does say that it should be 1.1.1l. > Indeed, this error is a pilot error with the cryptohash integration of > 14. In ~13, the custom MD5 implementation would only fail on OOM, but > more failure modes are possible now. Right, the code in md5_text() was fine when it was written ... but now, not so much. > At the end, I agree that we should improve the error message in these > two cases. However, I would stick to simplicity by not assuming that > those two code paths fail only on OOM, and reword things in md5_text() > and md5_bytea() with a simple "could not compute MD5 hash". Any code > paths calling the routines of md5_common.c just do that as well for > ages when the computation fails, and that's what we care about here. I think it's very important that the error message in this case mention "FIPS mode" explicitly. Otherwise, people will have no idea that that's where the problem originates, and they'll be frustrated and we'll get bug reports. (They may be frustrated anyway, but it was their choice, or their corporate policy's choice, to cut off their access to MD5. Not our place to dodge that decision.) regards, tom lane