Message-ID: <71c66a3b-4c0d-447b-8b84-ef15ac047561@joeconway.com>
Date: Fri, 24 Apr 2026 11:18:28 -0400
Subject: Re: BUG #19457: RE: pgp_sym_encrypt silently accepts non-FIPS ciphers (bf, cast5, 3des) when OpenSSL is in FIPS mod
To: Tom Lane, Daniel Gustafsson
Cc: Michael Paquier, ansh01072001@gmail.com, pgsql-bugs@lists.postgresql.org
References: <19457-4bab15c17aea36c7@postgresql.org> <3A2299BC-1684-4CEB-BD65-1DEBFB446F24@yesql.se> <99F0B98C-2276-4C01-B553-BDD0806CAEEF@yesql.se> <1612210.1777041534@sss.pgh.pa.us>
From: Joe Conway
In-Reply-To: <1612210.1777041534@sss.pgh.pa.us>

On 4/24/26 10:38, Tom Lane wrote:
> Daniel Gustafsson writes:
>>> On 24 Apr 2026, at 06:20, Michael Paquier wrote:
>>> I am interested in getting that fixed for the next point release, so
>>> I have given it a try, finishing with the attached. This would cause
>>> pgp_sym_encrypt() and pgp_sym_decrypt() to complain when the builtin
>>> mode is disabled, making things more consistent with the surroundings.
>
>> I'm not convinced this is material for a minor release, the feature works as
>> documented and it was never documented to cover PGP. Re-reading the thread PGP
>> was never discussed, and while that admittedly seems like an oversight doing
>> this in a minor release will alter documented behaviour which is generally not
>> what we want to do.
>
> I sympathize with that argument, but ... people who are running in
> FIPS mode are probably doing so because they have contractual or legal
> obligations to meet that standard. A person who could be in hot water
> if they are accidentally running disallowed crypto would see this as a
> dangerous bug. A person who does not care should not be using FIPS
> mode.

+1

I think we should consider this as a backpatchable bug.

-- 
Joe Conway
PostgreSQL Contributors Team
Amazon Web Services: https://aws.amazon.com