| From: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> |
|---|---|
| To: | Bear Giles <bgiles(at)coyotesong(dot)com> |
| Cc: | pgsql-patches(at)postgresql(dot)org |
| Subject: | Re: SSL (patch 5) |
| Date: | 2002-06-14 04:39:54 |
| Message-ID: | 200206140439.g5E4dsK24610@candle.pha.pa.us |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-patches |
Bear, can you confirm that this patch should be rejected and that
hopefully the SSL library will handle it in the future?
---------------------------------------------------------------------------
Bear Giles wrote:
> Patch to add initialization from entropy source, either a
> file ($HOME/.postgresql/.rand, $DataDir/.rand) or the
> /dev/urandom device.
>
> This is intended to reduce the ability of an attacker to
> predict our "random" keys.
>
> The random file can be generated with the OpenSSL command:
> openssl rand -out .rand 1024.
>
> Bear
Content-Description: /tmp/patch5
[ Attachment, skipping... ]
>
> ---------------------------(end of broadcast)---------------------------
> TIP 4: Don't 'kill -9' the postmaster
--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 853-3000
+ If your life is a hard drive, | 830 Blythe Avenue
+ Christ can be your backup. | Drexel Hill, Pennsylvania 19026
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruce Momjian | 2002-06-14 04:40:52 | Re: [HACKERS] PATCH SSL_pending() checks in libpq/fe-misc.c |
| Previous Message | Bruce Momjian | 2002-06-14 04:38:52 | Re: SSL (patch 10) |