Re: pgcrypto sha256/384/512 don't work on Redhat. Please help!

From: "Joe Kramer" <cckramer(at)gmail(dot)com>
To: pgsql-general(at)postgresql(dot)org
Subject: Re: pgcrypto sha256/384/512 don't work on Redhat. Please help!
Date: 2006-06-07 15:39:03
Message-ID: b4c00a110606070839q47cb968dq1354a0098ec45d7f@mail.gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general

If it was commited to HEAD, it will appear in 8.1.5, right?

On 5/30/06, Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> wrote:
>
> Patch applied to CVS HEAD and 8.1.X. Thanks.
>
> ---------------------------------------------------------------------------
>
>
>
> Marko Kreen wrote:
> > On 5/9/06, Joe Kramer <cckramer(at)gmail(dot)com> wrote:
> > > On 5/9/06, Marko Kreen <markokr(at)gmail(dot)com> wrote:
> > > > The fact that Fedora pgcrypto is linked with OpenSSL that does not
> > > > support SHA256 is not a bug, just a fact.
> > >
> > > It's not Fedora only, same problem with Gentoo/portage.
> > > I think it's problem for all distros. You need recompile pgcrypto or install
> > > openssl 0.9.8 which is considered as "unstable" by most distros.
> > >
> > > Maybe pgcrypto should use built-in algorithms until OpenSSL 0.9.8 is
> > > mainstream/default install.
> >
> > To be honest, pgcrypto actually falls back on built-in code for AES,
> > in case old OpenSSL that does not have AES. Thats because AES
> > should be "always there", together with md5/sha1/blowfish.
> >
> > I do not consider SHA2 that important (yet?), so they don't
> > get same treatment.
> >
> > > > OTOH, the nicest solution to your problem would be self-compiled
> > > > pgcrypto, that would work with stock PostgreSQL. As the conflict
> > > > happens with only (new) SHA2 functions, I can prepare a patch for
> > > > symbol conflict, would that be satisfactory for you?
> > >
> > > Ideally, would be great if pgcrypto could fallback to built-in algorithm of
> > > OpenSSL don't support it.
> > > But since it's compile switch, completely seld-compiled pgcrypto would be
> > > great.
> >
> > Attached is a patch that re-defines SHA2 symbols so that they would not
> > conflict with OpenSSL.
> >
> > Now that I think about it, if your OpenSSL does not contain SHA2, then
> > there should be no conflict. But ofcourse, if someone upgrades OpenSSL,
> > server starts crashing. So I think its best to always apply this patch.
> >
> > I think I'll send the patch to 8.2 later, not sure if it's important
> > enough for 8.1.
> >
> > --
> > marko
>
> [ Attachment, skipping... ]
>
> >
> > ---------------------------(end of broadcast)---------------------------
> > TIP 6: explain analyze is your friend
>
> --
> Bruce Momjian http://candle.pha.pa.us
> EnterpriseDB http://www.enterprisedb.com
>
> + If your life is a hard drive, Christ can be your backup. +
>

In response to

Responses

Browse pgsql-general by date

  From Date Subject
Next Message Tom Lane 2006-06-07 15:52:01 Re: Some mystery with execution plans on postgres 8.1
Previous Message Jessica M Salmon 2006-06-07 15:37:10 Re: composite data type question