granicus.if.org Git - postgresql/commit

Replace PostmasterRandom() with a stronger way of generating randomness.

This adds a new routine, pg_strong_random() for generating random bytes,
for use in both frontend and backend. At the moment, it's only used in
the backend, but the upcoming SCRAM authentication patches need strong
random numbers in libpq as well.

pg_strong_random() is based on, and replaces, the existing implementation
in pgcrypto. It can acquire strong random numbers from a number of sources,
depending on what's available:
- OpenSSL RAND_bytes(), if built with OpenSSL
- On Windows, the native cryptographic functions are used
- /dev/urandom
- /dev/random

Original patch by Magnus Hagander, with further work by Michael Paquier
and me.

Discussion: <CAB7nPqRy3krN8quR9XujMVVHYtXJ0_60nqgVc6oUk8ygyVkZsA@mail.gmail.com>

author	Heikki Linnakangas <heikki.linnakangas@iki.fi>
	Mon, 17 Oct 2016 08:52:50 +0000 (11:52 +0300)
committer	Heikki Linnakangas <heikki.linnakangas@iki.fi>
	Mon, 17 Oct 2016 08:52:50 +0000 (11:52 +0300)
commit	9e083fd4683294f41544e6d0d72f6e258ff3a77c
tree	bbacc73b0c4a29a0d7b62d3c5a7bb4583d592ad1	tree \| snapshot
parent	5dfc198146b49ce7ecc8a1fc9d5e171fb75f6ba5	commit \| diff

contrib/pgcrypto/Makefile		diff \| blob \| history
contrib/pgcrypto/internal.c		diff \| blob \| history
contrib/pgcrypto/random.c	[deleted file]	blob \| history
src/backend/libpq/auth.c		diff \| blob \| history
src/backend/postmaster/postmaster.c		diff \| blob \| history
src/include/port.h		diff \| blob \| history
src/port/Makefile		diff \| blob \| history
src/port/pg_strong_random.c	[new file with mode: 0644]	blob
src/tools/msvc/Mkvcbuild.pm		diff \| blob \| history