From 2b8a95f33f7eee2acf622c1ce53fb0ebd468d7d9 Mon Sep 17 00:00:00 2001 From: Tony Vu Date: Thu, 1 Jun 2023 08:40:06 -0700 Subject: [PATCH] (maint) Reenable bf and cast ciphers for pgcrypto The openssl built for puppet-runtime is used to build postgres for puppetdb; when openssl is built with the `no-bf` and `no-cast` flags, the pgcrypto module for postgres errors out during the build process. This change puts the ciphers back in so postgres can build for puppetdb. --- configs/components/openssl-3.0.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/configs/components/openssl-3.0.rb b/configs/components/openssl-3.0.rb index 0742ac0f8..6d5f8d100 100644 --- a/configs/components/openssl-3.0.rb +++ b/configs/components/openssl-3.0.rb @@ -113,8 +113,8 @@ 'no-dtls1-method', 'no-dtls1_2-method', 'no-aria', - 'no-bf', - 'no-cast', + # 'no-bf', pgcrypto is requires this cipher in postgres for puppetdb + # 'no-cast', pgcrypto is requires this cipher in postgres for puppetdb 'no-rc2', 'no-rc5', # 'no-md4', puppet infra uses the agent's runtime and runs WinRM tasks using NTLM, so it needs DES & MD4