On Wed, Sep 14, 2022 at 7:54 AM Maxim Orlov <orlo...@gmail.com> wrote: > For the patch itself, I think it is better to use a more precise time > function in libpq_prng_init or call it only once. > Thought it is a special corner case, imagine all the connection attempts at > first second will be seeded with the save > value, i.e. will attempt to connect to the same host. I think, this is not we > want to achieve.
Just a quick single-issue review, but I agree with Maxim that having one PRNG, seeded once, would be simpler -- with the tangible benefit that it would eliminate weird behavior on simultaneous connections when the client isn't using OpenSSL. (I'm guessing a simple lock on a global PRNG would be less overhead than the per-connection strong_random machinery, too, but I have no data to back that up.) The test seed could then be handled globally as well (envvar?) so that you don't have to introduce a debug-only option into the connection string. Overall, I like the concept. --Jacob
