Re: Move OpenSSL random under USE_OPENSSL_RANDOM

From: Michael Paquier <michael(at)paquier(dot)xyz>
To: Magnus Hagander <magnus(at)hagander(dot)net>
Cc: Daniel Gustafsson <daniel(at)yesql(dot)se>, Postgres hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org>
Subject: Re: Move OpenSSL random under USE_OPENSSL_RANDOM
Date: 2020-11-05 03:44:13
Views: Raw Message | Whole Thread | Download mbox | Resend email
Lists: pgsql-hackers

On Wed, Nov 04, 2020 at 10:05:48AM +0100, Magnus Hagander wrote:
> Yes, we should absolutely do that. We already do this for
> pg_strong_random() itself, and we should definitely repeat the pattern
> in the init function.

This poked at my curiosity, so I looked at it. The result looks
indeed like an improvement to me, while taking care of the point of
upthread to make the implementation stuff controlled only by
USE_OPENSSL_RANDOM. Per se the attached.

This could make random number generation predictible when an extension
calls directly RAND_bytes() if USE_OPENSSL_RANDOM is not used while
building with OpenSSL, but perhaps I am just too much of a pessimistic

Attachment Content-Type Size
openssl_random_macros_v2.patch text/x-diff 2.5 KB

In response to


Browse pgsql-hackers by date

  From Date Subject
Next Message David Pirotte 2020-11-05 03:46:13 Re: Any objections to implementing LogicalDecodeMessageCB for pgoutput?
Previous Message Masahiko Sawada 2020-11-05 03:15:59 Re: Transactions involving multiple postgres foreign servers, take 2