- Desktop
- Enterprise
- Gaming
- Graphics
- Hardware
- Linux Kernel
- Multimedia
- Operating Systems
- Programming
- System Internals
- All Projects
- Latest News
- fate/iamf: add a demux text
- pg_combinebackup: Add --version to --help output
- PostgreSQL: Support SSL_R_VERSION_TOO_LOW when using LibreSSL
- avcodec/mediacodecenc: Add global header support
- tdf#159660: also add normal blend filter
- Linux Kernel: Linux 6.9-rc5
- WINE: Release 9.7.
- Sync psm/evdev/atkbd with FreeBSD
- Latest News (cont.)
- lavfi: Add pad_vaapi filter
- lavfi: Add drawbox_vaapi filter
- Linux Kernel: Linux 6.9-rc4
- Embind: support .implement()-based JS UNO objects
- tdf#33603: sd: rework notes panel
- xwayland: Add SourceValidate hook
- UPower: Release 1.90.4
- timezone: sync to TZDB 2024a
- Linux Kernel: Linux 6.9-rc3
- Optimize pg_popcount() with AVX-512 instructions
- Enhance nbtree ScalarArrayOp execution
Featured content is also available via:
Replace PostmasterRandom() with a stronger way of generating randomness
Enterprise / PostgreSQL - Heikki Linnakangas [iki.fi] - 17 October 2016 03:52 UTC
This adds a new routine, pg_strong_random() for generating random bytes, for use in both frontend and backend. At the moment, it's only used in the backend, but the upcoming SCRAM authentication patches need strong random numbers in libpq as well.
pg_strong_random() is based on, and replaces, the existing implementation in pgcrypto. It can acquire strong random numbers from a number of sources, depending on what's available:- OpenSSL RAND_bytes(), if built with OpenSSL- On Windows, the native cryptographic functions are used- /dev/urandom- /dev/random
Original patch by Magnus Hagander, with further work by Michael Paquier and me.
Discussion:
9e083fd Replace PostmasterRandom() with a stronger way of generating randomness.
contrib/pgcrypto/Makefile | 2 +-
contrib/pgcrypto/internal.c | 40 +++---
contrib/pgcrypto/random.c | 247 -----------------------------------
src/backend/libpq/auth.c | 27 +++-
src/backend/postmaster/postmaster.c | 153 ++++++----------------
src/include/port.h | 3 +
src/port/Makefile | 2 +-
src/port/pg_strong_random.c | 148 +++++++++++++++++++++
src/tools/msvc/Mkvcbuild.pm | 6 +-
9 files changed, 244 insertions(+), 384 deletions(-)
Upstream: git.postgresql.org
Share
- Tweet
Recent PostgreSQL Activity
- Avoid unnecessary "touch meson.build" in vpath builds
Andres Freund - Post-commit review fixes for slot synchronization
Amit Kapila - pg_combinebackup: Add --version to --help output
Peter Eisentraut - Support SSL_R_VERSION_TOO_LOW when using LibreSSL
Daniel Gustafsson - Support disallowing SSL renegotiation when using LibreSSL
Daniel Gustafsson