> On 8 Mar 2023, at 10:30, Peter Eisentraut <peter.eisentr...@enterprisedb.com> > wrote: > > On 08.03.23 10:21, Daniel Gustafsson wrote: >>> On 8 Mar 2023, at 09:49, Peter Eisentraut >>> <peter.eisentr...@enterprisedb.com> wrote: >>> It occurred to me that it would be easier to maintain this in the long run >>> if we could enable a "fake FIPS" mode that would have the same effect but >>> didn't require fiddling with the OpenSSL configuration or installation. >>> >>> The attached patch shows how this could work. Thoughts? >> - * Initialize a hash context. Note that this implementation is designed >> - * to never fail, so this always returns 0. >> + * Initialize a hash context. >> Regardless of which, we wan't this hunk since the code clearly can return -1. > > I was a bit puzzled by these comments in that file. While the existing > implementations (mostly) never fail, they are clearly not *designed* to never > fail, since the parallel OpenSSL implementations can fail (which is the point > of this thread). So I would remove these comments altogether, really.
The comment in question was missed in 55fe26a4b58, but I agree that it's a false claim given the OpenSSL implementation so removing or at least mimicking the comments in cryptohash_openssl.c would be better. -- Daniel Gustafsson