Home > mailing lists

Re: Replace current implementations in crypt() and gen_salt() to OpenSSL - Mailing list pgsql-hackers

From	Daniel Gustafsson
Subject	Re: Replace current implementations in crypt() and gen_salt() to OpenSSL
Date	October 29, 2024 12:57:28
Msg-id	8CA10735-00C2-4F11-95FC-5F081CD7AF99@yesql.se Whole thread Raw
In response to	Replace current implementations in crypt() and gen_salt() to OpenSSL ("Koshi Shibagaki (Fujitsu)" <shibagaki.koshi@fujitsu.com>)
Responses	Re: Replace current implementations in crypt() and gen_salt() to OpenSSL
List	pgsql-hackers

Tree view

> On 26 Oct 2024, at 20:10, Joe Conway <mail@joeconway.com> wrote:

> Rather than depend on figuring out if we are in FIPS_mode in a portable way, I think the GUC is simpler and
sufficient.Why not do that and just use a better name, e.g. legacy_crypto_enabled or something similar (bike-shedding
welcomed)as in the attached. 

I'm not very enthusiastic about adding a GUC to match a system property like
that for the same reason why we avoid GUCs with transitive dependencies.

Re-reading the thread and thinking about I think the best solution would be to
split these functions off into their own extension.

--
Daniel Gustafsson

pgsql-hackers by date:

From: vignesh C
Date: 29 October 2024, 12:48:16
Subject: Re: Pgoutput not capturing the generated columns

From: Кириллов Вячеслав
Date: 29 October 2024, 13:21:49
Subject: Re: Question about VACUUM behavior with sub-transactions in stored procedures

Re: Replace current implementations in crypt() and gen_salt() to OpenSSL - Mailing list pgsql-hackers

Previous

Next