| From: | Daniel Gustafsson <dgustafsson(at)postgresql(dot)org> |
|---|---|
| To: | pgsql-committers(at)lists(dot)postgresql(dot)org |
| Subject: | pgsql: Disable OpenSSL EVP digest padding in pgcrypto |
| Date: | 2021-09-25 09:47:32 |
| Message-ID: | E1mU4HM-0003AF-Jb@gemulon.postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers |
Disable OpenSSL EVP digest padding in pgcrypto
The PX layer in pgcrypto is handling digest padding on its own uniformly
for all backend implementations. Starting with OpenSSL 3.0.0, DecryptUpdate
doesn't flush the last block in case padding is enabled so explicitly
disable it as we don't use it.
This will be backpatched to all supported version once there is sufficient
testing in the buildfarm of OpenSSL 3.
Reviewed-by: Peter Eisentraut, Michael Paquier
Discussion: https://postgr.es/m/FEF81714-D479-4512-839B-C769D2605F8A@yesql.se
Backpatch-through: 9.6
Branch
------
REL_13_STABLE
Details
-------
https://git.postgresql.org/pg/commitdiff/135d8687adf12a0d4cd7c94d1095ed5a7a08f7ed
Modified Files
--------------
contrib/pgcrypto/openssl.c | 4 ++++
1 file changed, 4 insertions(+)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Daniel Gustafsson | 2021-09-25 09:48:30 | pgsql: Add alternative output for OpenSSL 3 without legacy loaded |
| Previous Message | Daniel Gustafsson | 2021-09-25 09:46:00 | pgsql: Disable OpenSSL EVP digest padding in pgcrypto |