| From: | Michael Paquier <michael(at)paquier(dot)xyz> |
|---|---|
| To: | Daniel Gustafsson <daniel(at)yesql(dot)se> |
| Cc: | Heikki Linnakangas <hlinnaka(at)iki(dot)fi>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Postgres hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: scram-sha-256 broken with FIPS and OpenSSL 1.0.2 |
| Date: | 2020-12-03 01:47:32 |
| Message-ID: | X8hDtMHgovMFr6pi@paquier.xyz |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Wed, Dec 02, 2020 at 12:03:49PM +0900, Michael Paquier wrote:
> Thanks. 0001 has been applied and the buildfarm does not complain, so
> it looks like we are good (I'll take care of any issues, like the one
> Fujii-san has just reported). Attached are new patches for 0002, the
> EVP switch. One thing I noticed is that we need to free the backup
> manifest a bit earlier once we begin to use resource owner in
> basebackup.c as there is a specific step that may do a double-free.
> This would not happen when not using OpenSSL or on HEAD. It would be
> easy to separate the resowner and cryptohash portions of the patch
> here, but both are tightly linked, so I'd prefer to keep them
> together.
Attached is a rebased version to take care of the conflicts introduced
by 91624c2f.
--
Michael
| Attachment | Content-Type | Size |
|---|---|---|
| v8-0001-Switch-cryptohash_openssl.c-to-use-EVP.patch | text/x-diff | 11.2 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2020-12-03 01:47:35 | Re: Deprecate custom encoding conversions |
| Previous Message | Tom Lane | 2020-12-03 01:36:50 | Re: Get memory contexts of an arbitrary backend process |