I am developing application with PortgreSQL and I can't tell customer to "Recompile PostgreSQL and see if it works then try to use non-openssl pgcrypto or try to compile openSSL 0.9.8."
Pgcrypto depends on OpenSSL 0.9.8. And 0.9.8 is not "Stable" in RedHat and Gentoo. So you need to recompile pgcrypto/openssl anyway if you want to use it. Can I report this in PostgreSQL bug system?
Regards.
On 5/9/06, Marko Kreen <markokr@xxxxxxxxx> wrote:
On 5/9/06, Joe Kramer <cckramer@xxxxxxxxx> wrote:
> Fedora core has OpenSSL 0.9.7 installed by default. And it's not possible to
> install 0.9.8 because of glibc conflict.
>
> I suspect pgcrypto looks for SHA256 in OpeSSL lib when it should use
> built-in.
> SHA256 is working fine on Windows but on Redhat it fails. Maybe because
> windows pgcrypto DLL is compiled statically with OpenSSL?
OpenSSL vs. builtin is a compile-time decision, so the builtin code
cannot be fallback at runtime.
Windows code is using either builtin code or newer OpenSSL.
> How to make pgcrypto use built-in sha256?
You need to recompile PostgreSQL. Don't try to use non-OpenSSL
pgcrypto with OpenSSL PostgreSQL, it will crash due to symbol
conflict.
Another variant is to try to compile separate OpenSSL 0.9.8 and
compile PostgreSQL against that. So you don't need to upgrade
system OpenSSL.
--
marko