Alvaro Herrera <alvhe...@2ndquadrant.com> wrote: > On 2019-Aug-02, Shawn Wang wrote: > > > Hi Antonin, > > It is very glad to see the new patch. I used the public patches a long time > > ago. > > I did some tests like the stream replication, much data running, temporary > > files encryption. > > I found that there is an issue in the > > src/backend/storage/file/encryption.c. You should put block_size = > > EVP_CIPHER_CTX_block_size(ctx); under the #ifdef USE_ASSERT_CHECKING. > > There is some problem to merge your patches to the latest kernel in the > > pg_ctl.c. > > Is a new, fixed version going to be posted soon? It's been a while. > > Also, apologies if this has been asked before, but: how does this patch > relate to the stuff being discussed in > https://postgr.es/m/031401d3f41d$5c70ed90$1552c8b0$@lab.ntt.co.jp ?
This thread started later than our effort but important design questions are being discussed there. So far there seems to be no consensus whether full-instance encryption should be implemented first, so any effort spent on this patch might get wasted. When/if there will be an agreement on the design, we'll see how much of this patch can be used. -- Antonin Houska Web: https://www.cybertec-postgresql.com
