Skip to content

25.3.8-fips: fixes for verification issues#1616

Open
mkmkme wants to merge 3 commits intoreleases/25.3.8-fipsfrom
mkmkme/fips/fixes
Open

25.3.8-fips: fixes for verification issues#1616
mkmkme wants to merge 3 commits intoreleases/25.3.8-fipsfrom
mkmkme/fips/fixes

Conversation

@mkmkme
Copy link
Copy Markdown
Collaborator

@mkmkme mkmkme commented Apr 3, 2026

Changelog category (leave one):

  • Not for changelog (changelog entry is not required)

Changelog entry (a user-readable short description of the changes that goes to CHANGELOG.md):

...

Documentation entry for user-facing changes

...

CI/CD Options

Exclude tests:

  • Fast test
  • Integration Tests
  • Stateless tests
  • Stateful tests
  • Performance tests
  • All with ASAN
  • All with TSAN
  • All with MSAN
  • All with UBSAN
  • All with Coverage
  • All with Aarch64
  • All Regression
  • Disable CI Cache

Regression jobs to run:

  • Fast suites (mostly <1h)
  • Aggregate Functions (2h)
  • Alter (1.5h)
  • Benchmark (30m)
  • ClickHouse Keeper (1h)
  • Iceberg (2h)
  • LDAP (1h)
  • Parquet (1.5h)
  • RBAC (1.5h)
  • SSL Server (1h)
  • S3 (2h)
  • S3 Export (2h)
  • Swarms (30m)
  • Tiered Storage (2h)

mkmkme added 3 commits April 3, 2026 15:43
@mkmkme
shim: fix a memory leak in BIO_do_handshake
714e479 
in SSL_set_bio, if `rbio == wbio`, there's an internal `BIO_up_ref` call
by the function [1]. Doing it manually creates a memory leak. Let's fix
it.

[1] https://github.com/aws/aws-lc/blob/AWS-LC-FIPS-2.0.0/ssl/ssl_lib.cc#L748
@mkmkme
CompressionCodecEncrypted: fix the non-fips build
76d9efa 
Non-fips build uses `*_SIV` algorithms, so let's reflect it in
`registerCodecEncrypted` as well.
@mkmkme
Compression: fix the copy-paste error in fuzzer
80cbce6 
on fips build, `*_SIV` are not defined. Let's fix it.
@mkmkme mkmkme added fips Work related to Altinity FIPS releases fips-25.3 fips-25.3.8.30001 labels Apr 3, 2026
@mkmkme mkmkme mentioned this pull request Apr 3, 2026
Open
27 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

fips Work related to Altinity FIPS releases fips-25.3 fips-25.3.8.30001

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@mkmkme