Re: SSL (patch 5)

From: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>
To: Bear Giles <bgiles(at)coyotesong(dot)com>
Cc: pgsql-patches(at)postgresql(dot)org
Subject: Re: SSL (patch 5)
Date: 2002-06-11 22:32:15
Message-ID: 200206112232.g5BMWFq24141@candle.pha.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-patches


Seems we don't want this patch because we hope the SSL library will
handle it soon, right?

---------------------------------------------------------------------------

Bear Giles wrote:
> Patch to add initialization from entropy source, either a
> file ($HOME/.postgresql/.rand, $DataDir/.rand) or the
> /dev/urandom device.
>
> This is intended to reduce the ability of an attacker to
> predict our "random" keys.
>
> The random file can be generated with the OpenSSL command:
> openssl rand -out .rand 1024.
>
> Bear

Content-Description: /tmp/patch5

[ Attachment, skipping... ]

>
> ---------------------------(end of broadcast)---------------------------
> TIP 4: Don't 'kill -9' the postmaster

--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 853-3000
+ If your life is a hard drive, | 830 Blythe Avenue
+ Christ can be your backup. | Drexel Hill, Pennsylvania 19026

In response to

Browse pgsql-patches by date

  From Date Subject
Next Message Bruce Momjian 2002-06-11 22:32:19 Re: SSL (patch 6)
Previous Message Bruce Momjian 2002-06-11 22:31:53 Re: SSL (combined patches 1-4)