> On 3 Mar 2021, at 14:55, Peter Eisentraut <peter.eisentr...@2ndquadrant.com>
> wrote:
>
> This thread is still in the commit fest, but I don't see any actual proposed
> patch still pending. Most of the activity has moved into other threads.
The doc changes in the patch proposed on 29/9 still stands, although I see that
it had an off by one in mentioning MD5 when it should be MD4 et.al; so
something more like the below.
diff --git a/doc/src/sgml/pgcrypto.sgml b/doc/src/sgml/pgcrypto.sgml
index b6bb23de0f..d45464c7ea 100644
--- a/doc/src/sgml/pgcrypto.sgml
+++ b/doc/src/sgml/pgcrypto.sgml
@@ -1234,6 +1234,12 @@ gen_random_uuid() returns uuid
</tgroup>
</table>
+ <para>
+ When compiled against <productname>OpenSSL</productname> 3.0.0, the legacy
+ provider must be activated in the system <filename>openssl.cnf</filename>
+ configuration file in order to use older ciphers like DES and Blowfish.
+ </para>
+
<para>
> Could you update the status of this CF entry, and perhaps also on the status
> of OpenSSL compatibility in general?
Let's just wait for 3.0.0 to ship before we do anything.
--
Daniel Gustafsson https://vmware.com/
