On Tue, Oct 18, 2016 at 5:35 AM, Tom Lane <t...@sss.pgh.pa.us> wrote: > If we want it to fail, and don't want to retire pademelon, there are > multiple ways we could get to that goal: > > * Enable --with-openssl in pademelon's build (don't really want to do > this, since I believe almost all the rest of the buildfarm tests with > openssl)
Yes, I don't think that's a good thing to make openssl installation mandatory for this animal. > * Add variant expected-files (probably bad, it'd hide real failures) > > * Add a configure option to suppress building/testing pgcrypto (maybe > just make it contingent on --with-openssl, which would allow deletion > of a bunch of code that duplicates openssl functionality...) > > * Support reading entropy from prngd (but this means we have no buildfarm > coverage for entropy-daemon-less platforms) > > None of these are perfect, but I'd say the last one is not so obviously > the best that we shouldn't consider alternatives. In light of this discussion, it seems to me that we still want at the end the --allow-weak-keys anyway as an extreme fallback, and this even if there is additional support for prngd. An essential part is to document the weakness of this option properly, like not using pgcrypto with that if there is no other entropy source on an OS. By reading this thread, the point is that we should not complicate the support for obscure nix platforms, and it would be user-unfriendly to require users to install prngd to get more entropy from the system. And actually, enabling prngd would need to be controlled by a configure switch as well disabled by default, no? -- Michael -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
