You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hawq.apache.org by wl...@apache.org on 2015/11/11 09:37:24 UTC
incubator-hawq git commit: HAWQ-142. Remove fips mode
Repository: incubator-hawq
Updated Branches:
refs/heads/master fd93b6dcb -> bd62776ca
HAWQ-142. Remove fips mode
Project: http://git-wip-us.apache.org/repos/asf/incubator-hawq/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-hawq/commit/bd62776c
Tree: http://git-wip-us.apache.org/repos/asf/incubator-hawq/tree/bd62776c
Diff: http://git-wip-us.apache.org/repos/asf/incubator-hawq/diff/bd62776c
Branch: refs/heads/master
Commit: bd62776caa941c69792013463f1d60e974fc4149
Parents: fd93b6d
Author: Wen Lin <wl...@pivotal.io>
Authored: Wed Nov 11 16:42:58 2015 +0800
Committer: Wen Lin <wl...@pivotal.io>
Committed: Wed Nov 11 16:42:58 2015 +0800
----------------------------------------------------------------------
contrib/pgcrypto/Makefile | 1 +
contrib/pgcrypto/internal.c | 4 +-
contrib/pgcrypto/openssl.c | 14 +----
contrib/pgcrypto/pgcrypto.c | 15 ------
contrib/pgcrypto/pgp-pubenc.c | 4 +-
contrib/pgcrypto/pgp.c | 20 +-------
contrib/pgcrypto/px.c | 7 +--
src/backend/libpq/crypt.c | 1 -
src/backend/libpq/pg_sha2.c | 12 -----
src/backend/postmaster/postmaster.c | 1 -
src/backend/utils/misc/guc.c | 60 +---------------------
src/backend/utils/misc/postgresql.conf.sample | 1 -
src/include/libpq/password_hash.h | 3 +-
src/include/postmaster/postmaster.h | 1 -
14 files changed, 12 insertions(+), 132 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/bd62776c/contrib/pgcrypto/Makefile
----------------------------------------------------------------------
diff --git a/contrib/pgcrypto/Makefile b/contrib/pgcrypto/Makefile
index 5cd37b2..4cb3435 100644
--- a/contrib/pgcrypto/Makefile
+++ b/contrib/pgcrypto/Makefile
@@ -47,6 +47,7 @@ else
subdir = contrib/pgcrypto
top_builddir = ../..
include $(top_builddir)/src/Makefile.global
+include $(top_builddir)/contrib/contrib-global.mk
endif
# Add libraries that pgcrypto depends (or might depend) on into the
http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/bd62776c/contrib/pgcrypto/internal.c
----------------------------------------------------------------------
diff --git a/contrib/pgcrypto/internal.c b/contrib/pgcrypto/internal.c
index 542e667..07e133b 100644
--- a/contrib/pgcrypto/internal.c
+++ b/contrib/pgcrypto/internal.c
@@ -583,10 +583,8 @@ px_find_digest(const char *name, PX_MD **res)
PX_MD *h;
for (p = int_digest_list; p->name; p++)
- if (pg_strcasecmp(p->name, name) == 0)
{
- if (fips_mode && !p->fips)
- continue;
+ if (pg_strcasecmp(p->name, name) == 0)
{
h = px_alloc(sizeof(*h));
p->init(h);
http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/bd62776c/contrib/pgcrypto/openssl.c
----------------------------------------------------------------------
diff --git a/contrib/pgcrypto/openssl.c b/contrib/pgcrypto/openssl.c
index 27ba667..54ac7c4 100644
--- a/contrib/pgcrypto/openssl.c
+++ b/contrib/pgcrypto/openssl.c
@@ -862,7 +862,7 @@ static PX_Alias ossl_aliases[] = {
{"rijndael", "aes-cbc"},
{"rijndael-cbc", "aes-cbc"},
{"rijndael-ecb", "aes-ecb"},
- {NULL}
+ {NULL, NULL}
};
static const struct ossl_cipher ossl_bf_cbc = {
@@ -954,15 +954,11 @@ px_find_cipher(const char *name, PX_Cipher **res)
ossldata *od;
name = px_resolve_alias(ossl_aliases, name);
- if (fips_mode)
- {
- if (!strcmp(name, fips_crypto_algo_str))
- return PXE_NOT_ALLOWED_FIPS;
- }
for (i = ossl_cipher_types; i->name; i++)
if (!strcmp(i->name, name))
break;
+
if (i->name == NULL)
return PXE_NO_CIPHER;
@@ -970,12 +966,6 @@ px_find_cipher(const char *name, PX_Cipher **res)
memset(od, 0, sizeof(*od));
od->ciph = i->ciph;
- if (fips_mode)
- {
- if (!i->fips)
- return PXE_NOT_ALLOWED_FIPS;
- }
-
c = px_alloc(sizeof(*c));
c->block_size = gen_ossl_block_size;
c->key_size = gen_ossl_key_size;
http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/bd62776c/contrib/pgcrypto/pgcrypto.c
----------------------------------------------------------------------
diff --git a/contrib/pgcrypto/pgcrypto.c b/contrib/pgcrypto/pgcrypto.c
index 3d1e415..067ef6c 100644
--- a/contrib/pgcrypto/pgcrypto.c
+++ b/contrib/pgcrypto/pgcrypto.c
@@ -138,11 +138,6 @@ pg_gen_salt(PG_FUNCTION_ARGS)
text *res;
char buf[PX_MAX_SALT_LEN + 1];
- if (fips_mode)
- ereport(ERROR,
- (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
- errmsg("gen_salt is insecure in fips mode")));
-
arg0 = PG_GETARG_TEXT_P(0);
len = VARSIZE(arg0) - VARHDRSZ;
@@ -176,11 +171,6 @@ pg_gen_salt_rounds(PG_FUNCTION_ARGS)
text *res;
char buf[PX_MAX_SALT_LEN + 1];
- if (fips_mode)
- ereport(ERROR,
- (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
- errmsg("gen_salt is insecure in fips mode")));
-
arg0 = PG_GETARG_TEXT_P(0);
rounds = PG_GETARG_INT32(1);
@@ -220,11 +210,6 @@ pg_crypt(PG_FUNCTION_ARGS)
*resbuf;
text *res;
- if (fips_mode)
- ereport(ERROR,
- (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
- errmsg("gen_salt is insecure in fips mode")));
-
arg0 = PG_GETARG_TEXT_P(0);
arg1 = PG_GETARG_TEXT_P(1);
len0 = VARSIZE(arg0) - VARHDRSZ;
http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/bd62776c/contrib/pgcrypto/pgp-pubenc.c
----------------------------------------------------------------------
diff --git a/contrib/pgcrypto/pgp-pubenc.c b/contrib/pgcrypto/pgp-pubenc.c
index 0e9ebb4..9b44fbf 100644
--- a/contrib/pgcrypto/pgp-pubenc.c
+++ b/contrib/pgcrypto/pgp-pubenc.c
@@ -199,7 +199,7 @@ pgp_write_pubenc_sesskey(PGP_Context *ctx, PushFilter *dst)
PGP_PubKey *pk = ctx->pub_key;
uint8 ver = 3;
PushFilter *pkt = NULL;
- uint8 algo = pk->algo;
+ uint8 algo;
if (pk == NULL)
{
@@ -207,6 +207,8 @@ pgp_write_pubenc_sesskey(PGP_Context *ctx, PushFilter *dst)
return PXE_BUG;
}
+ algo = pk->algo;
+
/*
* now write packet
*/
http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/bd62776c/contrib/pgcrypto/pgp.c
----------------------------------------------------------------------
diff --git a/contrib/pgcrypto/pgp.c b/contrib/pgcrypto/pgp.c
index 9c76cae..ce6f199 100644
--- a/contrib/pgcrypto/pgp.c
+++ b/contrib/pgcrypto/pgp.c
@@ -35,8 +35,6 @@
#include "mbuf.h"
#include "pgp.h"
-#include "postmaster/postmaster.h"
-
/*
* Defaults.
*/
@@ -109,15 +107,8 @@ pgp_get_digest_code(const char *name)
const struct digest_info *i;
for (i = digest_list; i->name; i++)
- {
if (pg_strcasecmp(i->name, name) == 0)
- {
- if (fips_mode && !i->fips)
- return PXE_NOT_ALLOWED_FIPS;
- else
- return i->code;
- }
- }
+ return i->code;
return PXE_PGP_UNSUPPORTED_HASH;
}
@@ -127,15 +118,8 @@ pgp_get_cipher_code(const char *name)
const struct cipher_info *i;
for (i = cipher_list; i->name; i++)
- {
if (pg_strcasecmp(i->name, name) == 0)
- {
- if (fips_mode && !i->fips)
- return PXE_NOT_ALLOWED_FIPS;
- else
- return i->code;
- }
- }
+ return i->code;
return PXE_PGP_UNSUPPORTED_CIPHER;
}
http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/bd62776c/contrib/pgcrypto/px.c
----------------------------------------------------------------------
diff --git a/contrib/pgcrypto/px.c b/contrib/pgcrypto/px.c
index 124dca7..4ba7391 100644
--- a/contrib/pgcrypto/px.c
+++ b/contrib/pgcrypto/px.c
@@ -113,12 +113,7 @@ px_resolve_alias(const PX_Alias *list, const char *name)
while (list->name)
{
if (pg_strcasecmp(list->alias, name) == 0)
- {
- if (fips_mode && !list->fips)
- return fips_crypto_algo_str;
- else
- return list->name;
- }
+ return list->name;
list++;
}
return name;
http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/bd62776c/src/backend/libpq/crypt.c
----------------------------------------------------------------------
diff --git a/src/backend/libpq/crypt.c b/src/backend/libpq/crypt.c
index 72086d1..06d7fb6 100644
--- a/src/backend/libpq/crypt.c
+++ b/src/backend/libpq/crypt.c
@@ -33,7 +33,6 @@ hash_password(const char *passwd, char *salt, size_t salt_len, char *buf)
case PASSWORD_HASH_MD5:
return pg_md5_encrypt(passwd, salt, salt_len, buf);
case PASSWORD_HASH_SHA_256:
- case PASSWORD_HASH_SHA_256_FIPS:
return pg_sha256_encrypt(passwd, salt, salt_len, buf);
break;
default:
http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/bd62776c/src/backend/libpq/pg_sha2.c
----------------------------------------------------------------------
diff --git a/src/backend/libpq/pg_sha2.c b/src/backend/libpq/pg_sha2.c
index 70f358e..109ccbb 100644
--- a/src/backend/libpq/pg_sha2.c
+++ b/src/backend/libpq/pg_sha2.c
@@ -48,18 +48,6 @@ pg_sha256_encrypt(const char *pass, char *salt, size_t salt_len,
memcpy(target + passwd_len, salt, salt_len);
target[passwd_len + salt_len] = '\0';
- /*
- * Users might require a FIPS compliant implementation. They can specify
- * this by setting the password_hash_algorithm GUC to SHA-256-FIPS.
- */
- if (password_hash_algorithm == PASSWORD_HASH_SHA_256_FIPS && !fips_mode)
- {
- ereport(ERROR,
- (errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
- errmsg("FIPS certified SHA-256 is not enabled"),
- errhint("Use fips_mode=on setting to enable")));
- }
-
SHA256_Init(&ctx);
SHA256_Update(&ctx, (uint8 *)target, passwd_len + salt_len);
SHA256_Final(digest, &ctx);
http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/bd62776c/src/backend/postmaster/postmaster.c
----------------------------------------------------------------------
diff --git a/src/backend/postmaster/postmaster.c b/src/backend/postmaster/postmaster.c
index 0ea3ae6..03a5ec5 100644
--- a/src/backend/postmaster/postmaster.c
+++ b/src/backend/postmaster/postmaster.c
@@ -257,7 +257,6 @@ static int SendStop = false;
/* still more option variables */
bool EnableSSL = false;
-bool fips_mode = false;
bool SilentMode = false; /* silent_mode */
int PreAuthDelay = 0;
http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/bd62776c/src/backend/utils/misc/guc.c
----------------------------------------------------------------------
diff --git a/src/backend/utils/misc/guc.c b/src/backend/utils/misc/guc.c
index 4f2d20d..7076be0 100644
--- a/src/backend/utils/misc/guc.c
+++ b/src/backend/utils/misc/guc.c
@@ -213,7 +213,6 @@ static const char *assign_custom_variable_classes(const char *newval, bool doit,
static const char *assign_explain_memory_verbosity(const char *newval, bool doit, GucSource source);
static bool assign_debug_assertions(bool newval, bool doit, GucSource source);
static bool assign_ssl(bool newval, bool doit, GucSource source);
-static bool assign_fips_mode(bool newval, bool doit, GucSource source);
static bool assign_stage_log_stats(bool newval, bool doit, GucSource source);
static bool assign_log_stats(bool newval, bool doit, GucSource source);
static bool assign_dispatch_log_stats(bool newval, bool doit, GucSource source);
@@ -4427,15 +4426,6 @@ static struct config_bool ConfigureNamesBool[] =
},
{
- {"fips_mode", PGC_POSTMASTER, CONN_AUTH_SECURITY,
- gettext_noop("If set, enable OpenSSL FIPS Object Module, restricting allowed algorithms"),
- NULL
- },
- &fips_mode,
- false, assign_fips_mode, NULL
- },
-
- {
{"hawq_rm_force_fifo_queuing", PGC_POSTMASTER, RESOURCES_MGM,
gettext_noop("force to execute query in queue in a fifo sequence."),
NULL
@@ -7953,7 +7943,7 @@ static struct config_string ConfigureNamesString[] =
{
{"password_hash_algorithm", PGC_SUSET, CONN_AUTH_SECURITY,
gettext_noop("The cryptograph hash algorithm to apply to passwords before storing them."),
- gettext_noop("Valid values are MD5, SHA-256 or SHA-256-FIPS (for a FIPS compliant implementation)."),
+ gettext_noop("Valid values are MD5, SHA-256."),
GUC_SUPERUSER_ONLY
},
&password_hash_algorithm_str,
@@ -12826,11 +12816,6 @@ assign_password_hash_algorithm(const char *newval, bool doit, GucSource source)
if (doit)
password_hash_algorithm = PASSWORD_HASH_SHA_256;
}
- else if (pg_strcasecmp(newval, "SHA-256-FIPS") == 0)
- {
- if (doit)
- password_hash_algorithm = PASSWORD_HASH_SHA_256_FIPS;
- }
else
return NULL;
@@ -13115,49 +13100,6 @@ assign_ssl(bool newval, bool doit, GucSource source)
}
static bool
-assign_fips_mode(bool newval, bool doit, GucSource source)
-{
-#ifndef USE_SSL
- if (newval)
- ereport(ERROR,
- (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
- errmsg("SSL is not supported by this build")));
-#else
- /*
- * Put OpenSSL into FIPS mode. fips_mode is PGC_USERSET, but once entered,
- * there is actually no way of taking OpenSSL out of FIPS mode. So turning
- * it off doesn't do much. It does affect the allowed algorithms in
- * pgcrypto though.
- */
- if (newval && doit)
- {
- if (!FIPS_mode_set(1))
- {
- unsigned long ssl_err = ERR_get_error();
-
- /*
- * Give a more specific error message for the common case that
- * we're not linked with a FIPS-certified version of OpenSSL.
- */
-#ifdef CRYPTO_R_FIPS_MODE_NOT_SUPPORTED
- if (ERR_GET_REASON(ssl_err) == CRYPTO_R_FIPS_MODE_NOT_SUPPORTED)
- ereport(ERROR,
- (errcode(ERRCODE_EXTERNAL_ROUTINE_INVOCATION_EXCEPTION),
- errmsg("FIPS mode is not supported by this version of OpenSSL")));
- else
-#endif
- ereport(ERROR,
- (errcode(ERRCODE_EXTERNAL_ROUTINE_INVOCATION_EXCEPTION),
- errmsg("OpenSSL FIPS mode initialization failed"),
- errdetail("OpenSSL returned error %lx: %s",
- ssl_err, ERR_error_string(ssl_err, NULL))));
- }
- }
-#endif
- return true;
-}
-
-static bool
assign_optimizer(bool newval, bool doit, GucSource source)
{
#ifndef USE_ORCA
http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/bd62776c/src/backend/utils/misc/postgresql.conf.sample
----------------------------------------------------------------------
diff --git a/src/backend/utils/misc/postgresql.conf.sample b/src/backend/utils/misc/postgresql.conf.sample
index a363e24..466221b 100755
--- a/src/backend/utils/misc/postgresql.conf.sample
+++ b/src/backend/utils/misc/postgresql.conf.sample
@@ -68,7 +68,6 @@
#authentication_timeout = 1min # 1s-600s
#ssl = off # (change requires restart)
-#fips_mode = off # use OpenSSL FIPS mode.
#ssl_ciphers = 'ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH' # allowed SSL ciphers
# (change requires restart)
#password_encryption = on
http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/bd62776c/src/include/libpq/password_hash.h
----------------------------------------------------------------------
diff --git a/src/include/libpq/password_hash.h b/src/include/libpq/password_hash.h
index 13d9d66..da9b968 100644
--- a/src/include/libpq/password_hash.h
+++ b/src/include/libpq/password_hash.h
@@ -23,8 +23,7 @@ typedef enum
{
PASSWORD_HASH_NONE = 0,
PASSWORD_HASH_MD5,
- PASSWORD_HASH_SHA_256,
- PASSWORD_HASH_SHA_256_FIPS
+ PASSWORD_HASH_SHA_256
} PasswdHashAlg;
extern PasswdHashAlg password_hash_algorithm;
http://git-wip-us.apache.org/repos/asf/incubator-hawq/blob/bd62776c/src/include/postmaster/postmaster.h
----------------------------------------------------------------------
diff --git a/src/include/postmaster/postmaster.h b/src/include/postmaster/postmaster.h
index d5b657b..66e6868 100644
--- a/src/include/postmaster/postmaster.h
+++ b/src/include/postmaster/postmaster.h
@@ -15,7 +15,6 @@
/* GUC options */
extern bool EnableSSL;
-extern PGDLLIMPORT bool fips_mode;
extern bool SilentMode;
extern int ReservedBackends;
extern int PostPortNumber;