From: | Daniel Gustafsson <daniel(at)yesql(dot)se> |
---|---|
To: | Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com> |
Cc: | Michael Paquier <michael(at)paquier(dot)xyz>, PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
Subject: | Re: OpenSSL 3.0.0 compatibility |
Date: | 2021-03-10 08:23:15 |
Message-ID: | A47E7675-E506-44EB-857B-60E1FF193FA6@yesql.se |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
> On 3 Mar 2021, at 14:55, Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com> wrote:
>
> This thread is still in the commit fest, but I don't see any actual proposed patch still pending. Most of the activity has moved into other threads.
The doc changes in the patch proposed on 29/9 still stands, although I see that
it had an off by one in mentioning MD5 when it should be MD4 et.al; so
something more like the below.
diff --git a/doc/src/sgml/pgcrypto.sgml b/doc/src/sgml/pgcrypto.sgml
index b6bb23de0f..d45464c7ea 100644
--- a/doc/src/sgml/pgcrypto.sgml
+++ b/doc/src/sgml/pgcrypto.sgml
@@ -1234,6 +1234,12 @@ gen_random_uuid() returns uuid
</tgroup>
</table>
+ <para>
+ When compiled against <productname>OpenSSL</productname> 3.0.0, the legacy
+ provider must be activated in the system <filename>openssl.cnf</filename>
+ configuration file in order to use older ciphers like DES and Blowfish.
+ </para>
+
<para>
> Could you update the status of this CF entry, and perhaps also on the status of OpenSSL compatibility in general?
Let's just wait for 3.0.0 to ship before we do anything.
--
Daniel Gustafsson https://vmware.com/
From | Date | Subject | |
---|---|---|---|
Next Message | tsunakawa.takay@fujitsu.com | 2021-03-10 08:24:42 | RE: Avoid CommandCounterIncrement in RI trigger when INSERT INTO referencing table |
Previous Message | Michael Paquier | 2021-03-10 08:21:53 | Re: cryptohash: missing locking functions for OpenSSL <= 1.0.2? |