upstream/postgresql
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2026-02-20 00:10:16 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

Avoid using the X25519 curve in ssl tests

Browse source 
The X25519 curve is disallowed when OpenSSL is configured for
FIPS mode which makes the testsuite fail.  Since X25519 isn't
required for the tests we can remove it to allow FIPS enabled
configurations to run the tests.

Author: Daniel Gustafsson <daniel@yesql.se>
Reported-by: Tom Lane <tgl@sss.pgh.pa.us>
Discussion: https://postgr.es/m/3521653.1770666093@sss.pgh.pa.us
This commit is contained in:
Daniel Gustafsson 2026-02-16 15:10:16 +01:00
parent d50c86e743
commit 07e90c6913
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
src/test/ssl/t/SSL/Server.pm
View file

@ -324,7 +324,7 @@ sub switch_server_cert
$node->append_conf('sslconfig.conf', $backend->set_server_cert(\%params));
# use lists of ECDH curves and cipher suites for syntax testing
$node->append_conf('sslconfig.conf',
'ssl_groups=X25519:prime256v1:secp521r1');
'ssl_groups=prime256v1:secp521r1');
$node->append_conf('sslconfig.conf',
'ssl_tls13_ciphers=TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256');