Untested combinations of 'autoconf' and PostgreSQL versions are not
recommended. You can remove the check from 'configure.in' but it is then
your responsibility whether the result works or not.])])
-AC_COPYRIGHT([Copyright (c) 1996-2016, PostgreSQL Global Development Group])
+AC_COPYRIGHT([Copyright (c) 1996-2017, PostgreSQL Global Development Group])
AC_CONFIG_SRCDIR([src/backend/access/common/heaptuple.c])
AC_CONFIG_AUX_DIR(config)
AC_PREFIX_DEFAULT(/usr/local/pgsql)
PGAC_ARG_BOOL(enable, atomics, yes,
[do not use atomic operations])
+#
+# Random number generation
+#
+PGAC_ARG_BOOL(enable, strong-random, yes,
+ [do not use a strong random number source])
+AC_SUBST(enable_strong_random)
+
#
# --enable-debug adds -g to compiler flags
#
AC_SEARCH_LIBS(crypt, crypt)
AC_SEARCH_LIBS(shm_open, rt)
AC_SEARCH_LIBS(shm_unlink, rt)
+AC_SEARCH_LIBS(clock_gettime, [rt posix4])
# Solaris:
AC_SEARCH_LIBS(fdatasync, [rt posix4])
# Required for thread_test.c on Solaris
LIBS_including_readline="$LIBS"
LIBS=`echo "$LIBS" | sed -e 's/-ledit//g' -e 's/-lreadline//g'`
-AC_CHECK_FUNCS([cbrt dlopen fdatasync getifaddrs getpeerucred getrlimit mbstowcs_l memmove poll pstat pthread_is_threaded_np readlink setproctitle setsid shm_open symlink sync_file_range towlower utime utimes wcstombs wcstombs_l])
+AC_CHECK_FUNCS([cbrt clock_gettime dlopen fdatasync getifaddrs getpeerucred getrlimit mbstowcs_l memmove poll pstat pthread_is_threaded_np readlink setproctitle setsid shm_open symlink sync_file_range towlower utime utimes wcstombs wcstombs_l])
AC_REPLACE_FUNCS(fseeko)
case $host_os in
SEMA_IMPLEMENTATION="src/backend/port/sysv_sema.c"
sematype="System V"
fi
- AC_MSG_RESULT([$sematype])
fi
+ AC_MSG_RESULT([$sematype])
else
AC_DEFINE(USE_WIN32_SEMAPHORES, 1, [Define to select Win32-style semaphores.])
SEMA_IMPLEMENTATION="src/backend/port/win32_sema.c"
SHMEM_IMPLEMENTATION="src/backend/port/win32_shmem.c"
fi
+# Select random number source
+#
+# You can override this logic by setting the appropriate USE_*RANDOM flag to 1
+# in the template or configure command line.
+
+# If not selected manually, try to select a source automatically.
+if test "$enable_strong_random" = "yes" && test x"$USE_OPENSSL_RANDOM" = x"" && test x"$USE_WIN32_RANDOM" = x"" && test x"$USE_DEV_URANDOM" = x"" ; then
+ if test x"$with_openssl" = x"yes" ; then
+ USE_OPENSSL_RANDOM=1
+ elif test "$PORTNAME" = "win32" ; then
+ USE_WIN32_RANDOM=1
+ else
+ AC_CHECK_FILE([/dev/urandom], [], [])
+
+ if test x"$ac_cv_file__dev_urandom" = x"yes" ; then
+ USE_DEV_URANDOM=1
+ fi
+ fi
+fi
+
+AC_MSG_CHECKING([which random number source to use])
+if test "$enable_strong_random" = yes ; then
+ if test x"$USE_OPENSSL_RANDOM" = x"1" ; then
+ AC_DEFINE(USE_OPENSSL_RANDOM, 1, [Define to use OpenSSL for random number generation])
+ AC_MSG_RESULT([OpenSSL])
+ elif test x"$USE_WIN32_RANDOM" = x"1" ; then
+ AC_DEFINE(USE_WIN32_RANDOM, 1, [Define to use native Windows API for random number generation])
+ AC_MSG_RESULT([Windows native])
+ elif test x"$USE_DEV_URANDOM" = x"1" ; then
+ AC_DEFINE(USE_DEV_URANDOM, 1, [Define to use /dev/urandom for random number generation])
+ AC_MSG_RESULT([/dev/urandom])
+ else
+ AC_MSG_ERROR([
+no source of strong random numbers was found
+PostgreSQL can use OpenSSL or /dev/urandom as a source of random numbers,
+for authentication protocols. You can use --disable-strong-random to use a
+built-in pseudo random number generator, but that may be insecure.])
+ fi
+ AC_DEFINE(HAVE_STRONG_RANDOM, 1, [Define to use have a strong random number source])
+else
+ AC_MSG_RESULT([weak builtin PRNG])
+ AC_MSG_WARN([
+*** Not using a strong random number source may be insecure.])
+fi
+
# If not set in template file, set bytes to use libc memset()
if test x"$MEMSET_LOOP_LIMIT" = x"" ; then
MEMSET_LOOP_LIMIT=1024