Forbid gen_random_uuid() with --disable-strong-random
Heikki Linnakangas <heikki.linnakangas@iki.fi>
Forbid gen_random_uuid() with --disable-strong-random Previously, gen_random_uuid() would fall back to a weak random number generator, unlike gen_random_bytes() which would just fail. And this was not made very clear in the docs. For consistency, also make gen_random_uuid() fail outright, if compiled with --disable-strong-random. Re-word the error message you get with --disable-strong-random. It is also used by pgp functions that require random salts, and now also gen_random_uuid(). Reported by Radek Slupik. Discussion: https://www.postgresql.org/message-id/20170101232054.10135.50528@wrigleys.postgresql.org
Files
| Path | Change | +/− |
|---|---|---|
| contrib/pgcrypto/expected/pgp-compression_1.out | modified | +4 −4 |
| contrib/pgcrypto/expected/pgp-decrypt_1.out | modified | +2 −2 |
| contrib/pgcrypto/expected/pgp-encrypt_1.out | modified | +23 −23 |
| contrib/pgcrypto/expected/pgp-pubkey-encrypt_1.out | modified | +6 −6 |
| contrib/pgcrypto/pgcrypto.c | modified | +5 −5 |
| contrib/pgcrypto/px.c | modified | +1 −1 |
Discussion
- gen_random_uuid security not explicit in documentation 8 messages · 2017-01-01 → 2017-07-03