Home > mailing lists

Re: OpenSSL 3.0.0 compatibility - Mailing list pgsql-hackers

From	Andrew Dunstan
Subject	Re: OpenSSL 3.0.0 compatibility
Date	May 30, 2020 15:34:37
Msg-id	1e125686-4c71-422f-8ab8-15298473e42d@2ndQuadrant.com Whole thread Raw
In response to	OpenSSL 3.0.0 compatibility (Daniel Gustafsson <daniel@yesql.se>)
Responses	Re: OpenSSL 3.0.0 compatibility
List	pgsql-hackers

Tree view

On 5/28/20 6:16 PM, Daniel Gustafsson wrote:
>
> OpenSSL also deprecates DES keys in 3.0.0, which cause our password callback
> tests to fail with the cryptic error "fetch failed", as the test suite keys are
> encrypted with DES.  0002 fixes this by changing to AES256 (randomly chosen
> among the ciphers supported in 1.0.1+ and likely to be around), and could be
> applied already today as there is nothing 3.0.0 specific about it.
>

+1 for applying this forthwith. The key in my recent commit 896fcdb230
is encrypted with AES256.


cheers


andrew


-- 
Andrew Dunstan                https://www.2ndQuadrant.com
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services

pgsql-hackers by date:

From: Peter Eisentraut
Date: 30 May 2020, 12:29:11
Subject: Re: OpenSSL 3.0.0 compatibility

From: Michael Paquier
Date: 31 May 2020, 05:02:20
Subject: Re: Read access for pg_monitor to pg_replication_origin_status view

Re: OpenSSL 3.0.0 compatibility - Mailing list pgsql-hackers

Previous

Next