Re: scram-sha-256 authentication broken in FIPS mode

From: Michael Paquier
Subject: Re: scram-sha-256 authentication broken in FIPS mode
Msg-id 20180905181545.GC2726@paquier.xyz
In reply to: Re: scram-sha-256 authentication broken in FIPS mode  (Alessandro Gherardi <alessandro.gherardi@yahoo.com>)
List: pgsql-general
On Wed, Sep 05, 2018 at 01:19:39PM +0000, Alessandro Gherardi wrote:
> Hi Michael, I'm actually running postgres on Windows.

First you may want to avoid top-posting.  This is not the style of the
community lists and this breaks the logic of a thread.

> I added code to fe-secure-openssl.c and be-secure-openssl.c that reads
> the Windows "standard" FIPS registry entry, and if FIPS is enabled
> calls FIPS_mode_set(1). This is to mimic the behavior of the .NET
> framework.

That's rather uncharted territory, as you are patching both the backend
*and* the client.  If we could prove that sha2-openssl.c is actually
unreliable even if FIPS is enabled system-wide with either SCRAM
authentication or any of the other hashing functions, then I would be
ready to accept a patch.  Now, as far as I can see and have heard from other
folks for at least Linux, if FIPS is enabled at the OS level, then
Postgres would use it automatically and SCRAM is able to work.  I have
yet to hear that this part is broken.  As far as I know from companies
within the community which worked on STIG requirements, the thing
works.

> Below is the code I added to fe-secure-openssl.c, the code in
> be-secure-openssl.c is similar:
> Thoughts? I can try to fix the scram-sha-256 issue by using EVP and
> send you a merge request for the patch and the code below if you think
> my approach is correct.

That's a bit unreadable I am afraid :)
You may want to attach a patch after producing it with for example "git
format-patch -1".
--
Michael
