Re: Move OpenSSL random under USE_OPENSSL_RANDOM
Michael Paquier <michael@paquier.xyz>
From: Michael Paquier <michael@paquier.xyz>
To: Magnus Hagander <magnus@hagander.net>
Cc: Daniel Gustafsson <daniel@yesql.se>, Postgres hackers <pgsql-hackers@lists.postgresql.org>
Date: 2020-11-05T03:44:13Z
Lists: pgsql-hackers
Attachments
- openssl_random_macros_v2.patch (text/x-diff) patch v2
On Wed, Nov 04, 2020 at 10:05:48AM +0100, Magnus Hagander wrote: > Yes, we should absolutely do that. We already do this for > pg_strong_random() itself, and we should definitely repeat the pattern > in the init function. This poked at my curiosity, so I looked at it. The result looks indeed like an improvement to me, while taking care of the point of upthread to make the implementation stuff controlled only by USE_OPENSSL_RANDOM. Per se the attached. This could make random number generation predictible when an extension calls directly RAND_bytes() if USE_OPENSSL_RANDOM is not used while building with OpenSSL, but perhaps I am just too much of a pessimistic nature. -- Michael
Commits
-
Remove ability to independently select random number generator
- 16f96c74d48e 14.0 landed
-
Add pg_strong_random_init function to initialize random number generator
- 5ee180a39470 14.0 landed