projects / users / heikki / postgres.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 13d3180) | patch
Replace PostmasterRandom() with a stronger way of generating randomness. scram-random
authorHeikki Linnakangas <[email protected]>
Fri, 14 Oct 2016 11:58:44 +0000 (14:58 +0300)
committerHeikki Linnakangas <[email protected]>
Fri, 14 Oct 2016 11:58:44 +0000 (14:58 +0300)
commit4b3000df3dc71ad41018a6606c92bc4a0adeb8f5
treeb2e3302509f05c70816c4420a6192b28d8532934tree
parent13d3180fd14c624bbb274e200e98ddb50e260216commit | diff
Replace PostmasterRandom() with a stronger way of generating randomness.

This adds a new routine, pg_strong_random() for generating random bytes,
for use in both frontend and backend. At the moment, it's only used in
the backend, but the upcoming SCRAM authentication patches need strong
random numbers in libpq as well.

pg_strong_random() can acquire strong random numbers from a number of
sources, depending on what's available:
- OpenSSL RAND_bytes(), if built with OpenSSL
- On Windows, the native cryptographic functions are used
- /dev/urandom
- /dev/random

Original patch by Magnus Hagander, with further tweaks by Michael Paquier
and me.

Discussion: <CAB7nPqRy3krN8quR9XujMVVHYtXJ0_60nqgVc6oUk8ygyVkZsA@mail.gmail.com>
src/backend/libpq/auth.c diff | blob | blame | history
src/backend/postmaster/postmaster.c diff | blob | blame | history
src/include/port.h diff | blob | blame | history
src/port/Makefile diff | blob | blame | history
src/port/pg_strong_random.c [new file with mode: 0644] blob
src/tools/msvc/Mkvcbuild.pm diff | blob | blame | history
Heikki's random PostgreSQL patches