On Thu, Jul 04, 2019 at 08:24:13AM +0200, Daniel Gustafsson wrote:
> LGTM, thanks.
Okay, done, after rechecking the shape of the key. Thanks!
--
Michael
signature.asc
Description: PGP signature
> On 04 Jul 2019, at 02:58, Michael Paquier wrote:
>
>> On Wed, Jul 03, 2019 at 08:56:42PM +0200, Daniel Gustafsson wrote:
>> Agreed, I’ve updated the patch with a comment on this formulated such that it
>> should stand the test of time even as OpenSSL changes etc.
>
> I'd like to think that
On Wed, Jul 03, 2019 at 08:56:42PM +0200, Daniel Gustafsson wrote:
> Agreed, I’ve updated the patch with a comment on this formulated such that it
> should stand the test of time even as OpenSSL changes etc.
I'd like to think that we had rather mention the warning issue
explicitely, so as people d
> On 3 Jul 2019, at 12:11, Michael Paquier wrote:
> It would be nice to add a comment on that though, perhaps in
> libpq-be.h where the key is defined.
Agreed, I’ve updated the patch with a comment on this formulated such that it
should stand the test of time even as OpenSSL changes etc.
cheers
On Wed, Jul 03, 2019 at 10:56:41AM +0200, Daniel Gustafsson wrote:
> OpenSSL provides DH_check() which we use in load_dh_file() to ensure that the
> user is passing a valid prime in the DH file. Adding this to the hardcoded
> blob seems overkill though, once the validity has been verified before i
> On 2 Jul 2019, at 09:49, Michael Paquier wrote:
> On Tue, Jul 02, 2019 at 08:14:25AM +0100, Peter Eisentraut wrote:
>>
>> I was wondering whether the provided binary blob contained any checksums
>> or other internal checks. How would we know whether it contains
>> transposed characters or rep
On Tue, Jul 02, 2019 at 08:14:25AM +0100, Peter Eisentraut wrote:
> It appears that we have consensus to go ahead with this.
Yeah, I was planning to look at that one next. Or perhaps you would
like to take care of it, Peter?
>
> I was wondering whether the provided binary blob contained any che
On 2019-06-18 13:05, Daniel Gustafsson wrote:
> This was touched upon, but never really discussed AFAICT, back when then EDH
> parameters were reworked a few years ago. Instead of replacing with custom
> ones, as suggested in [1] it we might as well replace with standardized ones
> as
> this is a
On Wed, Jun 19, 2019 at 07:44:46AM +0200, Daniel Gustafsson wrote:
> I think this is v13 material, I’ll stick it in the next commitfest.
Thanks!
--
Michael
signature.asc
Description: PGP signature
> On 19 Jun 2019, at 05:40, Michael Paquier wrote:
> Fine by me. Let's stick with the 2048b-long one for now as we did in
> c0a15e0. I am wondering if we should sneak that into v12, but I'd
> rather just wait for v13 to open.
I think this is v13 material, I’ll stick it in the next commitfest.
On Tue, Jun 18, 2019 at 02:05:00PM +0200, Daniel Gustafsson wrote:
> The current hardcoded EDH parameter fallback use the old SKIP primes, for
> which
> the source disappeared from the web a long time ago. Referencing a known dead
> source seems a bit silly, so I think we should either switch to
The current hardcoded EDH parameter fallback use the old SKIP primes, for which
the source disappeared from the web a long time ago. Referencing a known dead
source seems a bit silly, so I think we should either switch to a non-dead
source of MODP primes or use an archive.org link for SKIP. Perso
12 matches
Mail list logo
