Re: Avoiding useless SHA256 initialization with backup manifests, breaking base backups with FIPS

Michael Paquier <michael@paquier.xyz>

From: Michael Paquier <michael@paquier.xyz>
To: Postgres hackers <pgsql-hackers@lists.postgresql.org>
Cc: Julien Rouhaud <rjuju123@gmail.com>, Robert Haas <robertmhaas@gmail.com>
Date: 2020-11-12T02:00:14Z
Lists: pgsql-hackers
On Tue, Nov 10, 2020 at 11:00:14AM +0900, Michael Paquier wrote:
> Attached is a patch that I would like to back-patch down to v13 to
> avoid this useless initialization, giving users the possibility to
> take base backups with FIPS when not using a backup manifest.  Without
> the solution in the first paragraph, you cannot make use of backup 
> manifests at all with OpenSSL+FIPS (one can still enforce the use of
> the in-core SHA2 implementation even if building with OpenSSL), but at
> least it gives an escape route with 13.

Okay.  Hearing nothing, I have applied that.
--
Michael

Commits

  1. Remove useless SHA256 initialization when not using backup manifests