[HACKERS] FIPS mode?
| От | Curtis Ruck |
|---|---|
| Тема | [HACKERS] FIPS mode? |
| Дата | |
| Msg-id | CAFgGLFeuFrpT=kR2M-N91QyroO-Refzc=OKd2pqFa5xnaJbjVA@mail.gmail.com обсуждение исходный текст |
| Ответы |
Re: [HACKERS] FIPS mode?
|
| Список | pgsql-hackers |
I've got a requirement for enabling FIPS support in our environment. Looking at postgresql's be-secure-openssl.c and mucking with it, it seems fairly straight forward to just add a few ifdefs and enable fips with a new configure flag and a new postgresql.conf configuration setting.
If I clean this up some, maintain styleguide, what is the likely hood of getting this included in the redhat packages, since redhat ships a certified FIPS implementation?
For what its worth, I've got the FIPS_mode_set(1) working and postgresql seems to function properly. I'd just like to see this in upstream so I don't end up maintaining a long-lived branch.
Looking at scope, logically it seems mostly confined to libpq, and be-secure-openssl.c, though i'd expect pgcrypto to be affected.
В списке pgsql-hackers по дате отправления: