On 07/01/2016 11:41 AM, Christoph Berg wrote:
> thanks for the patches. I applied all there patches on top of HEAD
> (10c0558f). The server builds and passes "make check", pgcrypto still
> needs work, though:
Thanks, I had forgotten pgcrypto.
When fixing pgcrypto I noticed that the OpenSSL team has deprecated
RAND_pseudo_bytes() and recommend using RAND_bytes() instead (see
302d38e3f73d5fd2ba2fd30bb7798778cb9f18dd).
As far as I can tell the only difference is that RAND_bytes() adds an
error to the error queue if there is not enough entropy for generating
secure data. And since we already always use strong random with the
Fortuna algorithm, why not just drop px_get_pseudo_random_bytes()? It
feels like a potential security problem with to me unclear benefit.
I also found that client CA loading is broken in OpenSSL 1.1-pre5
(reported as https://github.com/openssl/openssl/pull/1279). This might
be good to be aware of when testing my patches.
Attached a new set of patches:
0001-Fixes-for-compiling-with-OpenSSL-1.1-v2.patch
The fixes necessary to build with OpenSSL 1.1. Mostly fixes surrounding
direct access to struct fields.
0002-Remove-OpenSSL-1.1-deprecation-warnings-v2.patch
Fix deprecation warnings. Mostly trusting OpenSSL 1.1 to handle
threading and initialization automatically.
0003-Remove-px_get_pseudo_random_bytes-v2.patch
Remove the px_get_pseudo_random_bytes() from pgcrypto. Also silcences
deprecation warning about RAND_pseudo_bytes().
0004-Define-CRYPTO_LOCK-for-OpenSSL-1.1-compat-v2.patch
Useful if you want to play around with
0001-Fixes-for-compiling-with-OpenSSL-1.1-v2.patch before they release a
new version where CRYPTO_LOCK is added back. See
https://github.com/openssl/openssl/issues/1260
Andreas