Re: A mystery: use of deprecated crypto cipher aes-ecb by /u01/app/oracle/product/12.1.0.2.home1/bin/oracle

From: Jose Rodriguez <jrodriguez2_at_pythian.com>
Date: Mon, 11 Feb 2019 08:23:37 +0100
Message-ID: <CAGV8MGrPcV-iVwrnBp_JZe11PMgdbRzF7UdCkV2F+wcCAk885g_at_mail.gmail.com>

I would consider relinking the Oracle binaries after a Solaris upgrade. It was in some MOS note some time ago, not sure if it still applies or what the outcome may be.
Just try it first in a non prod environment ;)

[image: Pythian] <http://www.pythian.com/> *Jose Rodriguez* | Oracle Project Engineer | [image: LinkedIn] <https://www.linkedin.com/company/pythian> *t* +1 613 565 8696 <+1+613+565+8696> *ext.* 1393 *m* +34 607 55 49 91 <+34+607+55+49+91>
jrodriguez2_at_pythian.com
*www.pythian.com* <https://www.pythian.com/> [image: Pythian] <https://www.pythian.com/email-footer-click>

On Fri, 8 Feb 2019 at 23:08, Charles Schultz <sacrophyte_at_gmail.com> wrote:

> Good day, Listers,
>
> After applying Solaris patch 11.4 to our oracle database servers, we are
> now flooded with a stream of warnings in the console log about deprecated
> ciphers.
>
> We have opened several SRs, which have come to naught so far.
>
> On our own, we have discovered that the warning message is from new crypto
> libraries installed by the Solaris patch (/usr/lib/libucrypto.so.1). We
> have noticed that the crypto libraries are linked to many oracle binaries.
> So it stands to reason that something in the oracle binaries is calling the
> deprecated cipher (aes-ecb). But so far, we have not yet figured out where
> it exactly comes from.
>
> I am sure there are many ways to reproduce the problem, but one sure way
> we have found is this:
> sqlplus / as sysdba
> select count(*) From dba_data_files;
>
> After a little bit of trial and error, it seems like this select will also
> do it:
> select count(*) from sys.x$ktfbhc;
>
>
> We only see a corresponding warning in the console log the first time this
> query runs for each session.
>
> We are trying to diagnose with dtrace, but so far have not hit upon any
> obvious clues (still trying).
>
> We have tried this on OSEE 11.2.0.4, 12.1.0.2 and 12.2.0.1
>
> Any ideas?
>
> --
> Charles Schultz
>

-- 


--






--
http://www.freelists.org/webpage/oracle-l

Received on Mon Feb 11 2019 - 08:23:37 CET

This message: [ Message body ]
Next message: Howard Latham: "Critical Patch Update RH LInux x64 11.2.0.4"
Previous message: Sanjay Mishra: "Securefile BLOBS storage"
In reply to: Charles Schultz: "A mystery: use of deprecated crypto cipher aes-ecb by /u01/app/oracle/product/12.1.0.2.home1/bin/oracle"
In reply to Charles Schultz: "A mystery: use of deprecated crypto cipher aes-ecb by /u01/app/oracle/product/12.1.0.2.home1/bin/oracle"
Next in thread: Ls Cheng: "Re: exadata write performance problems"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message