| From: | Peter Eisentraut <peter(dot)eisentraut(at)enterprisedb(dot)com> |
|---|---|
| To: | Michael Paquier <michael(at)paquier(dot)xyz> |
| Cc: | pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Allow tests to pass in OpenSSL FIPS mode |
| Date: | 2022-10-13 10:26:32 |
| Message-ID: | 3c36b798-fbb2-9246-fafd-4e4b2f546de8@enterprisedb.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 12.10.22 03:18, Michael Paquier wrote:
> On Tue, Oct 11, 2022 at 01:51:50PM +0200, Peter Eisentraut wrote:
>> Let's make a small start on this. The attached patch moves the tests of the
>> md5() function to a separate test file. That would ultimately make it
>> easier to maintain a variant expected file for FIPS mode where that function
>> will fail (similar to how we have done it for the pgcrypto tests).
>
> Makes sense to me. This slice looks fine.
Committed.
> I think that the other md5() computations done in the main regression
> test suite could just be switched to use one of the sha*() functions
> as they just want to put their hands on text values. It looks like a
> few of them have some expections with the output size and
> generate_series(), though, but this could be tweaked by making the
> series shorter, for example.
Right, that's the rest of my original patch. I'll come back with an
updated version of that.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Eisentraut | 2022-10-13 10:29:36 | Re: Make finding openssl program a configure or meson option |
| Previous Message | Bharath Rupireddy | 2022-10-13 10:25:37 | Re: Move backup-related code to xlogbackup.c/.h |