> On 9 Feb 2026, at 20:41, Tom Lane <[email protected]> wrote: > > Daniel Gustafsson <[email protected]> writes: >> On 18 Mar 2025, at 16:07, Andres Freund <[email protected]> wrote: >>> Thanks to both of you for fixing this! > >> No worries, this has now been committed. Whether or not we can do anything >> for >> backbranches is another discussion. > > I happened to discover that daa02c6bd causes us to fail on FIPS-mode > platforms, because X25519 is not a permitted ECDH curve under FIPS.
Ugh, seems I missed testing this with a FIPS enabled setup.. > SSL connection attempts fail with > > 2026-02-09 14:29:05.214 EST postmaster[118237] FATAL: could not set group > names specified in ssl_groups: passed invalid argument > 2026-02-09 14:29:05.214 EST postmaster[118237] HINT: Ensure that each group > name is spelled correctly and supported by the installed version of OpenSSL. > > (This is with OpenSSL 3.0.9 on Fedora 38.) > > The reason this eluded detection by the buildfarm is that > (a) our animals that run on FIPS-mode platforms aren't using > --enable-tap-tests, and (b) ssl_groups is not validated in any way > until we try to load it into an SSL context, ie at the moment of > actually receiving an SSL connection. > > I don't object to X25519 being in the default setting, given that it > seems to be widely used. But I think we had better (1) document that > you need to remove it if you want to run under FIPS, and (2) fix our > SSL-using regression tests to not use it. I wonder also if we could > find a way to validate the ssl_groups setting in a check_hook. Maybe we can create a lightweight throw-away context in a check hook and ensure the settings work? Are you hacking on it or do you want me to pick it up? -- Daniel Gustafsson
