Re: pgcrypto sha256/384/512 don't work on Redhat. Please help!

On 5/9/06, Marko Kreen <markokr(at)gmail(dot)com> wrote:
>
> On 5/9/06, Joe Kramer <cckramer(at)gmail(dot)com> wrote:
> > Thanks, but I need it to work out-of-the-box, with standard installation
> of
> > RedHat or Gentoo and standard PostgreSQL rpm.
> >
> > I am developing application with PortgreSQL and I can't tell customer
> to
> > "Recompile PostgreSQL and see if it works then try to use non-openssl
> > pgcrypto or try to compile openSSL 0.9.8."
> >
> > Pgcrypto depends on OpenSSL 0.9.8. And 0.9.8 is not "Stable" in RedHat
> and
> > Gentoo. So you need to recompile pgcrypto/openssl anyway if you want to
> use
> > it. Can I report this in PostgreSQL bug system?
>
> What bug are you refering to? Only bug that I can see is the
> symbol-conflict problem, but as 8.1 pgcrypto uses always same
> setting as core postgres, it should not be a big deal.
>
> The fact that Fedora pgcrypto is linked with OpenSSL that does not
> support SHA256 is not a bug, just a fact.

It's not Fedora only, same problem with Gentoo/portage.
I think it's problem for all distros. You need recompile pgcrypto or install
openssl 0.9.8 which is considered as "unstable" by most distros.
Maybe pgcrypto should use built-in algorithms until OpenSSL 0.9.8 is
mainstream/default install.

OTOH, the nicest solution to your problem would be self-compiled
> pgcrypto, that would work with stock PostgreSQL. As the conflict
> happens with only (new) SHA2 functions, I can prepare a patch for
> symbol conflict, would that be satisfactory for you?

Ideally, would be great if pgcrypto could fallback to built-in algorithm of
OpenSSL don't support it.
But since it's compile switch, completely seld-compiled pgcrypto would be
great.

Thanks a lot!