Skip site navigation (1) Skip section navigation (2)

Re: pgcrypto: fix for broken solaris openssl, v03

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: "Marko Kreen" <markokr(at)gmail(dot)com>
Cc: PostgreSQL-patches <pgsql-patches(at)postgresql(dot)org>, "Zdenek Kotala" <Zdenek(dot)Kotala(at)sun(dot)com>
Subject: Re: pgcrypto: fix for broken solaris openssl, v03
Date: 2007-09-29 02:21:35
Message-ID: 24459.1191032495@sss.pgh.pa.us (view raw or flat)
Thread:
Lists: pgsql-patches
"Marko Kreen" <markokr(at)gmail(dot)com> writes:
> solaris openssl refuses to handle keys longer than 128bits.
> ...
> So something like the current patch should be still applied
> as a near-term fix.

Applied to HEAD and 8.2.  I wasn't sure if there was interest in
patching further back, or if the patch was meant to work further back.
Let me know if you're not happy.

> But I'm starting to think that the blowfish
> check should be #ifdef __solaris__ only.   Has anyone good reasons
> why it should apply to everyone?

As long as we've got to have the code, we may as well use it --- it's
possible that Sun isn't the only vendor who got worried about the crypto
export laws.  Your caching of the result should be enough to ensure that
the overhead is negligible.

			regards, tom lane

In response to

Responses

pgsql-patches by date

Next:From: Neil ConwayDate: 2007-09-29 02:52:46
Subject: Re: too many variants of relation_open
Previous:From: Tom LaneDate: 2007-09-29 00:28:09
Subject: Re: OpenSSL Applink

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group