From: | Michael Paquier <michael(at)paquier(dot)xyz> |
---|---|
To: | Daniel Gustafsson <daniel(at)yesql(dot)se> |
Cc: | PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org>, Peter Eisentraut <peter(dot)eisentraut(at)enterprisedb(dot)com>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Subject: | Re: OpenSSL 3.0.0 compatibility |
Date: | 2021-09-22 07:49:10 |
Message-ID: | YUrf9sd4xoPfjQuf@paquier.xyz |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On Tue, Sep 07, 2021 at 02:04:23PM +0200, Daniel Gustafsson wrote:
> On 10 Aug 2021, at 15:27, Daniel Gustafsson <daniel(at)yesql(dot)se> wrote:
>
>> These have now been committed, when OpenSSL 3.0.0 ships and there is coverage
>> in the buildfarm I’ll revisit this for the backbranches.
>
> As an update to this, I’ve tested the tree frozen for the upcoming 3.0.0
> release (scheduled for today AFAIK) and postgres still builds and tests clean
> with the patches that were applied.
I think that the time to do a backpatch of 318df8 has come. caiman,
that runs Fedora 35, has just failed:
https://buildfarm.postgresql.org/cgi-bin/show_log.pl?nm=caiman&dt=2021-09-22%2006%3A28%3A00
Here is a diff:
@@ -8,168 +8,88 @@
decode('0000000000000000', 'hex'),
decode('0000000000000000', 'hex'),
'bf-ecb/pad:none'), 'hex');
- encode
-------------------
- 4ef997456198dd78
-(1 row)
-
+ERROR: encrypt error: Cipher cannot be initialized ?
And if I look at the list of packages at the top of Fedora, I see an
update to OpenSSL 3.0.0:
https://fedora.pkgs.org/rawhide/fedora-aarch64/openssl-libs-3.0.0-1.fc36.aarch64.rpm.html
So the coverage is here. HEAD passes, not the stabele branches. At
least for 14 it would be nice to do that before the release of next
week.
--
Michael
From | Date | Subject | |
---|---|---|---|
Next Message | Daniel Gustafsson | 2021-09-22 08:06:26 | Re: OpenSSL 3.0.0 compatibility |
Previous Message | Michael Paquier | 2021-09-22 07:39:10 | Re: Proposal: Save user's original authenticated identity for logging |