Heikki Linnakangas wrote: > In short, pgcrypto actually used to use the EVP functions, but was changed > to *not* use them, because in older versions of OpenSSL, some key lengths > and/or padding options that pgcrypto supports were not supported by the EVP > API. That was fixed in OpenSSL 0.9.7, however. The consensus in 2007 was > that we could drop support for OpenSSL 0.9.6 and below, so that should > definitely be OK by now, if we haven't already done that elsewhere in the > code.
I think we already effectively dropped support for < 0.9.7 with the renegotiation fixes; see https://www.postgresql.org/message-id/20130712203252.GH29206%40eldon.alvh.no-ip.org -- Álvaro Herrera http://www.2ndQuadrant.com/ PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
