Re: Move OpenSSL random under USE_OPENSSL_RANDOM
Michael Paquier <michael@paquier.xyz>
From: Michael Paquier <michael@paquier.xyz>
To: Daniel Gustafsson <daniel@yesql.se>
Cc: Magnus Hagander <magnus@hagander.net>, Postgres hackers <pgsql-hackers@lists.postgresql.org>
Date: 2020-11-05T23:36:32Z
Lists: pgsql-hackers
On Thu, Nov 05, 2020 at 01:59:11PM +0100, Daniel Gustafsson wrote: > Not yet, and potentially never will. Given the consequences of a PRNG which > hasn't been properly initialized I think it's ok to be defensive in this > codepath however. + /* + * In case the backend is using the PRNG from OpenSSL without being built + * with support for OpenSSL, make sure to perform post-fork initialization. + * If the backend is using OpenSSL then we have already performed this + * step. The same version caveat as discussed in the comment above applies + * here as well. + */ +#ifndef USE_OPENSSL + RAND_poll(); +#endif I still don't see the point of this extra complexity, as USE_OPENSSL_RANDOM implies USE_OPENSSL, and we also call RAND_poll() a couple of lines down in the main function under USE_OPENSSL_RANDOM. So I would just remove this whole block, and replace the comment by a simple "initialization already done above". -- Michael
Commits
-
Remove ability to independently select random number generator
- 16f96c74d48e 14.0 landed
-
Add pg_strong_random_init function to initialize random number generator
- 5ee180a39470 14.0 landed