| From: | Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com> |
|---|---|
| To: | Andrew Dunstan <andrew(dot)dunstan(at)2ndquadrant(dot)com>, Daniel Gustafsson <daniel(at)yesql(dot)se>, PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: OpenSSL 3.0.0 compatibility |
| Date: | 2020-06-01 08:33:12 |
| Message-ID: | 8481c941-f247-23cb-6a0e-0252d3a075a7@2ndquadrant.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 2020-05-30 14:34, Andrew Dunstan wrote:
>
> On 5/28/20 6:16 PM, Daniel Gustafsson wrote:
>>
>> OpenSSL also deprecates DES keys in 3.0.0, which cause our password callback
>> tests to fail with the cryptic error "fetch failed", as the test suite keys are
>> encrypted with DES. 0002 fixes this by changing to AES256 (randomly chosen
>> among the ciphers supported in 1.0.1+ and likely to be around), and could be
>> applied already today as there is nothing 3.0.0 specific about it.
>>
>
> +1 for applying this forthwith. The key in my recent commit 896fcdb230
> is encrypted with AES256.
I don't see anything in that commit about how to regenerate those files,
such as a makefile rule. Is that missing?
--
Peter Eisentraut http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Daniel Gustafsson | 2020-06-01 08:39:45 | Re: Incorrect comment in be-secure-openssl.c |
| Previous Message | godjan • | 2020-06-01 07:44:26 | Re: Strange decreasing value of pg_last_wal_receive_lsn() |