From: | Daniel Gustafsson <daniel(at)yesql(dot)se> |
---|---|
To: | Michael Paquier <michael(at)paquier(dot)xyz> |
Cc: | Magnus Hagander <magnus(at)hagander(dot)net>, Postgres hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
Subject: | Re: Move OpenSSL random under USE_OPENSSL_RANDOM |
Date: | 2020-11-05 12:18:15 |
Message-ID: | 7001EB35-BF76-4DEA-A7AB-CA94BCAA64E3@yesql.se |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
> On 5 Nov 2020, at 13:12, Michael Paquier <michael(at)paquier(dot)xyz> wrote:
>
> On Thu, Nov 05, 2020 at 10:49:45AM +0100, Daniel Gustafsson wrote:
>> This must check for USE_OPENSSL as well as per my original patch, since we'd
>> otherwise fail to perform post-fork initialization in case one use OpenSSL with
>> anothe PRNG for pg_strong_random. That might be theoretical at this point, but
>> if we ever support that and miss updating this it would be problematic.
>
> That's actually the same point I tried to make at the end of my last
> email, but worded differently, isn't it?
Ah, ok, then I failed to parse it that way. At least we are in agreement then
which is good.
> In short we have
> USE_OPENSSL, but !USE_OPENSSL_RANDOM and we still need an
> initialization. We could just do something like the following:
> #ifdef USE_OPENSSL
> RAND_poll();
> #endif
> #if defined(USE_OPENSSL_RANDOM)
> /* OpenSSL is done above, because blah.. */
> #elif etc..
> [...]
> #error missing an init, pal.
> #endif
>
> Or do you jave something else in mind?
What about the (hypothetical) situation where USE_OPENSSL_RANDOM is used
without USE_OPENSSL? Wouldn't the below make sure we cover all bases?
#if defined(USE_OPENSSL) || defined(USE_OPENSSL_RANDOM)
cheers ./daniel
From | Date | Subject | |
---|---|---|---|
Next Message | Peter Eisentraut | 2020-11-05 12:27:21 | redundant error messages |
Previous Message | Michael Paquier | 2020-11-05 12:12:53 | Re: Move OpenSSL random under USE_OPENSSL_RANDOM |