> On 30 Oct 2021, at 14:11, Peter Eisentraut <peter.eisentraut@enterprisedb.com> wrote:
>
> On 24.08.21 11:13, Peter Eisentraut wrote:
>> So I'm tempted to suggest that we remove the built-in, non-OpenSSL cipher and hash implementations in pgcrypto
(basicallyINT_SRCS in pgcrypto/Makefile), and then also pursue the simplifications in the OpenSSL code paths described
in[0].
>
> Here is a patch for this.
+1 on this patch, it does what it says on the tin and lays good foundations for
further work on modernizing pgcrypto. If anything, maybe the hard OpenSSL
requirement should be advertised earlier in the documentation?
Should we consider bumping the version number of the module? While it's true
that everyone will have to recompile anyways, and there are no changes in
exposed functionality, it might be an easier sell for those it without OpenSSL
if the version nunber indicates a change.
--
Daniel Gustafsson https://vmware.com/
