On Sun, Dec 30, 2018 at 11:47:03AM -0500, Tom Lane wrote: > Michael Paquier <mich...@paquier.xyz> writes: > > And attached is an updated patch with all those fixes included. Any > > thoughts or opinions? > > contrib/pgcrypto has some variant expected-files for the no-strong-random > case that could be removed now. > > BackendRandomLock should be removed, too.
Done and done.
> Since pg_strong_random is declared to take "void *", the places that
> cast arguments to "char *" could be simplified. (I guess that's a
> hangover from the rather random decision to make pg_backend_random
> take char *?)
Done.
> The wording for pgcrypto's PXE_NO_RANDOM error,
>
> {PXE_NO_RANDOM, "No strong random source"},
>
> perhaps needs to be changed --- maybe "Failed to generate strong
> random bits"?
Okay, changed this way. I looked previously at that description but
let it as-is.
> Not the fault of this patch, but surely this bit in pgcrypto's
> pad_eme_pkcs1_v15()
>
> if (!pg_strong_random((char *) p, 1))
> {
> px_memset(buf, 0, res_len);
> px_free(buf);
> break;
> }
>
> is insane, because the "break" makes it fall into code that will continue
> to scribble on "buf". I think the "break" needs to be "return
> PXE_NO_RANDOM", and probably we'd better back-patch that as a bug fix.
> (I'm also failing to see the point of that px_memset before freeing the
> buffer --- at this point, it contains no sensitive data, surely.)
Good catch. As far as I understand this code, the message is not
included yet and random bytes are just added to avoid having 0 in the
padding. So I agree that the memset is not really meaningful to
have on the whole buffer. I can take care of that as well, and of
course you get the credits. If you want to commit and back-patch the
fix yourself, please feel free to do so.
I am attaching an updated patch. I'll do an extra pass on it in the
next couple of days and commit if there is nothing. The diff stats
are nice:
32 files changed, 60 insertions(+), 1181 deletions(-)
Thanks a lot for the reviews!
--
Michael
diff --git a/configure b/configure
index ea40f5f03d..1e2238e3f5 100755
--- a/configure
+++ b/configure
@@ -761,7 +761,6 @@ GENHTML
LCOV
GCOV
enable_debug
-enable_strong_random
enable_rpath
default_port
WANTED_LANGUAGES
@@ -829,7 +828,6 @@ with_pgport
enable_rpath
enable_spinlocks
enable_atomics
-enable_strong_random
enable_debug
enable_profiling
enable_coverage
@@ -1512,7 +1510,6 @@ Optional Features:
executables
--disable-spinlocks do not use spinlocks
--disable-atomics do not use atomic operations
- --disable-strong-random do not use a strong random number source
--enable-debug build with debugging symbols (-g)
--enable-profiling build with profiling enabled
--enable-coverage build with coverage testing instrumentation
@@ -3272,34 +3269,6 @@ fi
-#
-# Random number generation
-#
-
-
-# Check whether --enable-strong-random was given.
-if test "${enable_strong_random+set}" = set; then :
- enableval=$enable_strong_random;
- case $enableval in
- yes)
- :
- ;;
- no)
- :
- ;;
- *)
- as_fn_error $? "no argument expected for --enable-strong-random option" "$LINENO" 5
- ;;
- esac
-
-else
- enable_strong_random=yes
-
-fi
-
-
-
-
#
# --enable-debug adds -g to compiler flags
#
@@ -17937,7 +17906,7 @@ fi
# in the template or configure command line.
# If not selected manually, try to select a source automatically.
-if test "$enable_strong_random" = "yes" && test x"$USE_OPENSSL_RANDOM" = x"" && test x"$USE_WIN32_RANDOM" = x"" && test x"$USE_DEV_URANDOM" = x"" ; then
+if test x"$USE_OPENSSL_RANDOM" = x"" && test x"$USE_WIN32_RANDOM" = x"" && test x"$USE_DEV_URANDOM" = x"" ; then
if test x"$with_openssl" = x"yes" ; then
USE_OPENSSL_RANDOM=1
elif test "$PORTNAME" = "win32" ; then
@@ -17971,42 +17940,29 @@ fi
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking which random number source to use" >&5
$as_echo_n "checking which random number source to use... " >&6; }
-if test "$enable_strong_random" = yes ; then
- if test x"$USE_OPENSSL_RANDOM" = x"1" ; then
+if test x"$USE_OPENSSL_RANDOM" = x"1" ; then
$as_echo "#define USE_OPENSSL_RANDOM 1" >>confdefs.h
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: OpenSSL" >&5
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: OpenSSL" >&5
$as_echo "OpenSSL" >&6; }
- elif test x"$USE_WIN32_RANDOM" = x"1" ; then
+elif test x"$USE_WIN32_RANDOM" = x"1" ; then
$as_echo "#define USE_WIN32_RANDOM 1" >>confdefs.h
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: Windows native" >&5
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: Windows native" >&5
$as_echo "Windows native" >&6; }
- elif test x"$USE_DEV_URANDOM" = x"1" ; then
+elif test x"$USE_DEV_URANDOM" = x"1" ; then
$as_echo "#define USE_DEV_URANDOM 1" >>confdefs.h
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: /dev/urandom" >&5
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: /dev/urandom" >&5
$as_echo "/dev/urandom" >&6; }
- else
- as_fn_error $? "
+else
+ as_fn_error $? "
no source of strong random numbers was found
PostgreSQL can use OpenSSL or /dev/urandom as a source of random numbers,
-for authentication protocols. You can use --disable-strong-random to use a
-built-in pseudo random number generator, but that may be insecure." "$LINENO" 5
- fi
-
-$as_echo "#define HAVE_STRONG_RANDOM 1" >>confdefs.h
-
-else
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: weak builtin PRNG" >&5
-$as_echo "weak builtin PRNG" >&6; }
- { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING:
-*** Not using a strong random number source may be insecure." >&5
-$as_echo "$as_me: WARNING:
-*** Not using a strong random number source may be insecure." >&2;}
+for authentication protocols." "$LINENO" 5
fi
# If not set in template file, set bytes to use libc memset()
diff --git a/configure.in b/configure.in
index 89a0fb2470..66ff7fbc07 100644
--- a/configure.in
+++ b/configure.in
@@ -193,13 +193,6 @@ PGAC_ARG_BOOL(enable, spinlocks, yes,
PGAC_ARG_BOOL(enable, atomics, yes,
[do not use atomic operations])
-#
-# Random number generation
-#
-PGAC_ARG_BOOL(enable, strong-random, yes,
- [do not use a strong random number source])
-AC_SUBST(enable_strong_random)
-
#
# --enable-debug adds -g to compiler flags
#
@@ -2151,7 +2144,7 @@ fi
# in the template or configure command line.
# If not selected manually, try to select a source automatically.
-if test "$enable_strong_random" = "yes" && test x"$USE_OPENSSL_RANDOM" = x"" && test x"$USE_WIN32_RANDOM" = x"" && test x"$USE_DEV_URANDOM" = x"" ; then
+if test x"$USE_OPENSSL_RANDOM" = x"" && test x"$USE_WIN32_RANDOM" = x"" && test x"$USE_DEV_URANDOM" = x"" ; then
if test x"$with_openssl" = x"yes" ; then
USE_OPENSSL_RANDOM=1
elif test "$PORTNAME" = "win32" ; then
@@ -2166,28 +2159,20 @@ if test "$enable_strong_random" = "yes" && test x"$USE_OPENSSL_RANDOM" = x"" &&
fi
AC_MSG_CHECKING([which random number source to use])
-if test "$enable_strong_random" = yes ; then
- if test x"$USE_OPENSSL_RANDOM" = x"1" ; then
- AC_DEFINE(USE_OPENSSL_RANDOM, 1, [Define to use OpenSSL for random number generation])
- AC_MSG_RESULT([OpenSSL])
- elif test x"$USE_WIN32_RANDOM" = x"1" ; then
- AC_DEFINE(USE_WIN32_RANDOM, 1, [Define to use native Windows API for random number generation])
- AC_MSG_RESULT([Windows native])
- elif test x"$USE_DEV_URANDOM" = x"1" ; then
- AC_DEFINE(USE_DEV_URANDOM, 1, [Define to use /dev/urandom for random number generation])
- AC_MSG_RESULT([/dev/urandom])
- else
- AC_MSG_ERROR([
+if test x"$USE_OPENSSL_RANDOM" = x"1" ; then
+ AC_DEFINE(USE_OPENSSL_RANDOM, 1, [Define to use OpenSSL for random number generation])
+ AC_MSG_RESULT([OpenSSL])
+elif test x"$USE_WIN32_RANDOM" = x"1" ; then
+ AC_DEFINE(USE_WIN32_RANDOM, 1, [Define to use native Windows API for random number generation])
+ AC_MSG_RESULT([Windows native])
+elif test x"$USE_DEV_URANDOM" = x"1" ; then
+ AC_DEFINE(USE_DEV_URANDOM, 1, [Define to use /dev/urandom for random number generation])
+ AC_MSG_RESULT([/dev/urandom])
+else
+ AC_MSG_ERROR([
no source of strong random numbers was found
PostgreSQL can use OpenSSL or /dev/urandom as a source of random numbers,
-for authentication protocols. You can use --disable-strong-random to use a
-built-in pseudo random number generator, but that may be insecure.])
- fi
- AC_DEFINE(HAVE_STRONG_RANDOM, 1, [Define to use have a strong random number source])
-else
- AC_MSG_RESULT([weak builtin PRNG])
- AC_MSG_WARN([
-*** Not using a strong random number source may be insecure.])
+for authentication protocols.])
fi
# If not set in template file, set bytes to use libc memset()
diff --git a/contrib/pgcrypto/expected/pgp-compression_1.out b/contrib/pgcrypto/expected/pgp-compression_1.out
deleted file mode 100644
index 655830ae14..0000000000
--- a/contrib/pgcrypto/expected/pgp-compression_1.out
+++ /dev/null
@@ -1,42 +0,0 @@
---
--- PGP compression support
---
-select pgp_sym_decrypt(dearmor('
------BEGIN PGP MESSAGE-----
-
-ww0ECQMCsci6AdHnELlh0kQB4jFcVwHMJg0Bulop7m3Mi36s15TAhBo0AnzIrRFrdLVCkKohsS6+
-DMcmR53SXfLoDJOv/M8uKj3QSq7oWNIp95pxfA==
-=tbSn
------END PGP MESSAGE-----
-'), 'key', 'expect-compress-algo=1');
- pgp_sym_decrypt
------------------
- Secret message
-(1 row)
-
-select pgp_sym_decrypt(
- pgp_sym_encrypt('Secret message', 'key', 'compress-algo=0'),
- 'key', 'expect-compress-algo=0');
-ERROR: generating random data is not supported by this build
-DETAIL: This functionality requires a source of strong random numbers.
-HINT: You need to rebuild PostgreSQL using --enable-strong-random.
-select pgp_sym_decrypt(
- pgp_sym_encrypt('Secret message', 'key', 'compress-algo=1'),
- 'key', 'expect-compress-algo=1');
-ERROR: generating random data is not supported by this build
-DETAIL: This functionality requires a source of strong random numbers.
-HINT: You need to rebuild PostgreSQL using --enable-strong-random.
-select pgp_sym_decrypt(
- pgp_sym_encrypt('Secret message', 'key', 'compress-algo=2'),
- 'key', 'expect-compress-algo=2');
-ERROR: generating random data is not supported by this build
-DETAIL: This functionality requires a source of strong random numbers.
-HINT: You need to rebuild PostgreSQL using --enable-strong-random.
--- level=0 should turn compression off
-select pgp_sym_decrypt(
- pgp_sym_encrypt('Secret message', 'key',
- 'compress-algo=2, compress-level=0'),
- 'key', 'expect-compress-algo=0');
-ERROR: generating random data is not supported by this build
-DETAIL: This functionality requires a source of strong random numbers.
-HINT: You need to rebuild PostgreSQL using --enable-strong-random.
diff --git a/contrib/pgcrypto/expected/pgp-decrypt_1.out b/contrib/pgcrypto/expected/pgp-decrypt_1.out
deleted file mode 100644
index f3df4e618a..0000000000
--- a/contrib/pgcrypto/expected/pgp-decrypt_1.out
+++ /dev/null
@@ -1,424 +0,0 @@
---
--- pgp_descrypt tests
---
--- Checking ciphers
-select pgp_sym_decrypt(dearmor('
------BEGIN PGP MESSAGE-----
-Comment: dat1.blowfish.sha1.mdc.s2k3.z0
-
-jA0EBAMCfFNwxnvodX9g0jwB4n4s26/g5VmKzVab1bX1SmwY7gvgvlWdF3jKisvS
-yA6Ce1QTMK3KdL2MPfamsTUSAML8huCJMwYQFfE=
-=JcP+
------END PGP MESSAGE-----
-'), 'foobar');
- pgp_sym_decrypt
------------------
- Secret message.
-(1 row)
-
-select pgp_sym_decrypt(dearmor('
------BEGIN PGP MESSAGE-----
-Comment: dat1.aes.sha1.mdc.s2k3.z0
-
-jA0EBwMCci97v0Q6Z0Zg0kQBsVf5Oe3iC+FBzUmuMV9KxmAyOMyjCc/5i8f1Eest
-UTAsG35A1vYs02VARKzGz6xI2UHwFUirP+brPBg3Ee7muOx8pA==
-=XtrP
------END PGP MESSAGE-----
-'), 'foobar');
- pgp_sym_decrypt
------------------
- Secret message.
-(1 row)
-
-select pgp_sym_decrypt(dearmor('
------BEGIN PGP MESSAGE-----
-Comment: dat1.aes192.sha1.mdc.s2k3.z0
-
-jA0ECAMCI7YQpWqp3D1g0kQBCjB7GlX7+SQeXNleXeXQ78ZAPNliquGDq9u378zI
-5FPTqAhIB2/2fjY8QEIs1ai00qphjX2NitxV/3Wn+6dufB4Q4g==
-=rCZt
------END PGP MESSAGE-----
-'), 'foobar');
- pgp_sym_decrypt
------------------
- Secret message.
-(1 row)
-
-select pgp_sym_decrypt(dearmor('
------BEGIN PGP MESSAGE-----
-Comment: dat1.aes256.sha1.mdc.s2k3.z0
-
-jA0ECQMC4f/5djqCC1Rg0kQBTHEPsD+Sw7biBsM2er3vKyGPAQkuTBGKC5ie7hT/
-lceMfQdbAg6oTFyJpk/wH18GzRDphCofg0X8uLgkAKMrpcmgog==
-=fB6S
------END PGP MESSAGE-----
-'), 'foobar');
- pgp_sym_decrypt
------------------
- Secret message.
-(1 row)
-
--- Checking MDC modes
-select pgp_sym_decrypt(dearmor('
------BEGIN PGP MESSAGE-----
-Comment: dat1.aes.sha1.nomdc.s2k3.z0
-
-jA0EBwMCnv07rlXqWctgyS2Dm2JfOKCRL4sLSLJUC8RS2cH7cIhKSuLitOtyquB+
-u9YkgfJfsuRJmgQ9tmo=
-=60ui
------END PGP MESSAGE-----
-'), 'foobar');
- pgp_sym_decrypt
------------------
- Secret message.
-(1 row)
-
-select pgp_sym_decrypt(dearmor('
------BEGIN PGP MESSAGE-----
-Comment: dat1.aes.sha1.mdc.s2k3.z0
-
-jA0EBwMCEeP3idNjQ1Bg0kQBf4G0wX+2QNzLh2YNwYkQgQkfYhn/hLXjV4nK9nsE
-8Ex1Dsdt5UPvOz8W8VKQRS6loOfOe+yyXil8W3IYFwUpdDUi+Q==
-=moGf
------END PGP MESSAGE-----
-'), 'foobar');
- pgp_sym_decrypt
------------------
- Secret message.
-(1 row)
-
--- Checking hashes
-select pgp_sym_decrypt(dearmor('
------BEGIN PGP MESSAGE-----
-Comment: dat1.aes.md5.mdc.s2k3.z0
-
-jA0EBwMClrXXtOXetohg0kQBn0Kl1ymevQZRHkdoYRHgzCwSQEiss7zYff2UNzgO
-KyRrHf7zEBuZiZ2AG34jNVMOLToj1jJUg5zTSdecUzQVCykWTA==
-=NyLk
------END PGP MESSAGE-----
-'), 'foobar');
- pgp_sym_decrypt
------------------
- Secret message.
-(1 row)
-
-select pgp_sym_decrypt(dearmor('
------BEGIN PGP MESSAGE-----
-Comment: dat1.aes.sha1.mdc.s2k3.z0
-
-jA0EBwMCApbdlrURoWJg0kQBzHM/E0o7djY82bNuspjxjAcPFrrtp0uvDdMQ4z2m
-/PM8jhgI5vxFYfNQjLl8y3fHYIomk9YflN9K/Q13iq8A8sjeTw==
-=FxbQ
------END PGP MESSAGE-----
-'), 'foobar');
- pgp_sym_decrypt
------------------
- Secret message.
-(1 row)
-
--- Checking S2K modes
-select pgp_sym_decrypt(dearmor('
------BEGIN PGP MESSAGE-----
-Comment: dat1.aes.sha1.mdc.s2k0.z0
-
-jAQEBwAC0kQBKTaLAKE3xzps+QIZowqRNb2eAdzBw2LxEW2YD5PgNlbhJdGg+dvw
-Ah9GXjGS1TVALzTImJbz1uHUZRfhJlFbc5yGQw==
-=YvkV
------END PGP MESSAGE-----
-'), 'foobar');
- pgp_sym_decrypt
------------------
- Secret message.
-(1 row)
-
-select pgp_sym_decrypt(dearmor('
------BEGIN PGP MESSAGE-----
-Comment: dat1.aes.sha1.mdc.s2k1.z0
-
-jAwEBwEC/QTByBLI3b/SRAHPxKzI6SZBo5lAEOD+EsvKQWO4adL9tDY+++Iqy1xK
-4IaWXVKEj9R2Lr2xntWWMGZtcKtjD2lFFRXXd9dZp1ZThNDz
-=dbXm
------END PGP MESSAGE-----
-'), 'foobar');
- pgp_sym_decrypt
------------------
- Secret message.
-(1 row)
-
-select pgp_sym_decrypt(dearmor('
------BEGIN PGP MESSAGE-----
-Comment: dat1.aes.sha1.mdc.s2k3.z0
-
-jA0EBwMCEq4Su3ZqNEJg0kQB4QG5jBTKF0i04xtH+avzmLhstBNRxvV3nsmB3cwl
-z+9ZaA/XdSx5ZiFnMym8P6r8uY9rLjjNptvvRHlxIReF+p9MNg==
-=VJKg
------END PGP MESSAGE-----
-'), 'foobar');
- pgp_sym_decrypt
------------------
- Secret message.
-(1 row)
-
-select pgp_sym_decrypt(dearmor('
------BEGIN PGP MESSAGE-----
-Comment: dat1.aes192.sha1.mdc.s2k0.z0
-
-jAQECAAC0kQBBDnQWkgsx9YFaqDfWmpsiyAJ6y2xG/sBvap1dySYEMuZ+wJTXQ9E
-Cr3i2M7TgVZ0M4jp4QL0adG1lpN5iK7aQeOwMw==
-=cg+i
------END PGP MESSAGE-----
-'), 'foobar');
- pgp_sym_decrypt
------------------
- Secret message.
-(1 row)
-
-select pgp_sym_decrypt(dearmor('
------BEGIN PGP MESSAGE-----
-Comment: dat1.aes192.sha1.mdc.s2k1.z0
-
-jAwECAECruOfyNDFiTnSRAEVoGXm4A9UZKkWljdzjEO/iaE7mIraltIpQMkiqCh9
-7h8uZ2u9uRBOv222fZodGvc6bvq/4R4hAa/6qSHtm8mdmvGt
-=aHmC
------END PGP MESSAGE-----
-'), 'foobar');
- pgp_sym_decrypt
------------------
- Secret message.
-(1 row)
-
-select pgp_sym_decrypt(dearmor('
------BEGIN PGP MESSAGE-----
-Comment: dat1.aes192.sha1.mdc.s2k3.z0
-
-jA0ECAMCjFn6SRi3SONg0kQBqtSHPaD0m7rXfDAhCWU/ypAsI93GuHGRyM99cvMv
-q6eF6859ZVnli3BFSDSk3a4e/pXhglxmDYCfjAXkozKNYLo6yw==
-=K0LS
------END PGP MESSAGE-----
-'), 'foobar');
- pgp_sym_decrypt
------------------
- Secret message.
-(1 row)
-
-select pgp_sym_decrypt(dearmor('
------BEGIN PGP MESSAGE-----
-Comment: dat1.aes256.sha1.mdc.s2k0.z0
-
-jAQECQAC0kQB4L1eMbani07XF2ZYiXNK9LW3v8w41oUPl7dStmrJPQFwsdxmrDHu
-rQr3WbdKdY9ufjOE5+mXI+EFkSPrF9rL9NCq6w==
-=RGts
------END PGP MESSAGE-----
-'), 'foobar');
- pgp_sym_decrypt
------------------
- Secret message.
-(1 row)
-
-select pgp_sym_decrypt(dearmor('
------BEGIN PGP MESSAGE-----
-Comment: dat1.aes256.sha1.mdc.s2k1.z0
-
-jAwECQECKHhrou7ZOIXSRAHWIVP+xjVQcjAVBTt+qh9SNzYe248xFTwozkwev3mO
-+KVJW0qhk0An+Y2KF99/bYFl9cL5D3Tl43fC8fXGl3x3m7pR
-=SUrU
------END PGP MESSAGE-----
-'), 'foobar');
- pgp_sym_decrypt
------------------
- Secret message.
-(1 row)
-
-select pgp_sym_decrypt(dearmor('
------BEGIN PGP MESSAGE-----
-Comment: dat1.aes256.sha1.mdc.s2k3.z0
-
-jA0ECQMCjc8lwZu8Fz1g0kQBkEzjImi21liep5jj+3dAJ2aZFfUkohi8b3n9z+7+
-4+NRzL7cMW2RLAFnJbiqXDlRHMwleeuLN1up2WIxsxtYYuaBjA==
-=XZrG
------END PGP MESSAGE-----
-'), 'foobar');
- pgp_sym_decrypt
------------------
- Secret message.
-(1 row)
-
--- Checking longer passwords
-select pgp_sym_decrypt(dearmor('
------BEGIN PGP MESSAGE-----
-Comment: dat1.aes.sha1.mdc.s2k3.z0
-
-jA0EBwMCx6dBiuqrYNRg0kQBEo63AvA1SCslxP7ayanLf1H0/hlk2nONVhTwVEWi
-tTGup1mMz6Cfh1uDRErUuXpx9A0gdMu7zX0o5XjrL7WGDAZdSw==
-=XKKG
------END PGP MESSAGE-----
-'), '0123456789abcdefghij');
- pgp_sym_decrypt
------------------
- Secret message.
-(1 row)
-
-select pgp_sym_decrypt(dearmor('
------BEGIN PGP MESSAGE-----
-Comment: dat1.aes.sha1.mdc.s2k3.z0
-
-jA0EBwMCBDvYuS990iFg0kQBW31UK5OiCjWf5x6KJ8qNNT2HZWQCjCBZMU0XsOC6
-CMxFKadf144H/vpoV9GA0f22keQgCl0EsTE4V4lweVOPTKCMJg==
-=gWDh
------END PGP MESSAGE-----
-'), '0123456789abcdefghij2jk4h5g2j54khg23h54g2kh54g2khj54g23hj54');
- pgp_sym_decrypt
------------------
- Secret message.
-(1 row)
-
-select pgp_sym_decrypt(dearmor('
------BEGIN PGP MESSAGE-----
-Comment: dat1.aes.sha1.mdc.s2k3.z0
-
-jA0EBwMCqXbFafC+ofVg0kQBejyiPqH0QMERVGfmPOjtAxvyG5KDIJPYojTgVSDt
-FwsDabdQUz5O7bgNSnxfmyw1OifGF+W2bIn/8W+0rDf8u3+O+Q==
-=OxOF
------END PGP MESSAGE-----
-'), 'x');
- pgp_sym_decrypt
------------------
- Secret message.
-(1 row)
-
--- Checking various data
-select encode(digest(pgp_sym_decrypt(dearmor('
------BEGIN PGP MESSAGE-----
-Comment: dat1.aes.sha1.mdc.s2k3.z0
-
-jA0EBwMCGJ+SpuOysINg0kQBJfSjzsW0x4OVcAyr17O7FBvMTwIGeGcJd99oTQU8
-Xtx3kDqnhUq9Z1fS3qPbi5iNP2A9NxOBxPWz2JzxhydANlgbxg==
-=W/ik
------END PGP MESSAGE-----
-'), '0123456789abcdefghij'), 'sha1'), 'hex');
- encode
-------------------------------------------
- 0225e3ede6f2587b076d021a189ff60aad67e066
-(1 row)
-
--- expected: 0225e3ede6f2587b076d021a189ff60aad67e066
-select encode(digest(pgp_sym_decrypt(dearmor('
------BEGIN PGP MESSAGE-----
-Comment: dat2.aes.sha1.mdc.s2k3.z0
-
-jA0EBwMCvdpDvidNzMxg0jUBvj8eS2+1t/9/zgemxvhtc0fvdKGGbjH7dleaTJRB
-SaV9L04ky1qECNDx3XjnoKLC+H7IOQ==
-=Fxen
------END PGP MESSAGE-----
-'), '0123456789abcdefghij'), 'sha1'), 'hex');
- encode
-------------------------------------------
- da39a3ee5e6b4b0d3255bfef95601890afd80709
-(1 row)
-
--- expected: da39a3ee5e6b4b0d3255bfef95601890afd80709
-select encode(digest(pgp_sym_decrypt(dearmor('
------BEGIN PGP MESSAGE-----
-Comment: dat3.aes.sha1.mdc.s2k3.z0
-
-jA0EBwMCxQvxJZ3G/HRg0lgBeYmTa7/uDAjPyFwSX4CYBgpZWVn/JS8JzILrcWF8
-gFnkUKIE0PSaYFp+Yi1VlRfUtRQ/X/LYNGa7tWZS+4VQajz2Xtz4vUeAEiYFYPXk
-73Hb8m1yRhQK
-=ivrD
------END PGP MESSAGE-----
-'), '0123456789abcdefghij'), 'sha1'), 'hex');
- encode
-------------------------------------------
- 5e5c135efc0dd00633efc6dfd6e731ea408a5b4c
-(1 row)
-
--- expected: 5e5c135efc0dd00633efc6dfd6e731ea408a5b4c
--- Checking CRLF
-select encode(digest(pgp_sym_decrypt(dearmor('
------BEGIN PGP MESSAGE-----
-Comment: crlf mess
-
-ww0ECQMCt7VAtby6l4Bi0lgB5KMIZiiF/b3CfMfUyY0eDncsGXtkbu1X+l9brjpMP8eJnY79Amms
-a3nsOzKTXUfS9VyaXo8IrncM6n7fdaXpwba/3tNsAhJG4lDv1k4g9v8Ix2dfv6Rs
-=mBP9
------END PGP MESSAGE-----
-'), 'key', 'convert-crlf=0'), 'sha1'), 'hex');
- encode
-------------------------------------------
- 9353062be7720f1446d30b9e75573a4833886784
-(1 row)
-
--- expected: 9353062be7720f1446d30b9e75573a4833886784
-select encode(digest(pgp_sym_decrypt(dearmor('
------BEGIN PGP MESSAGE-----
-Comment: crlf mess
-
-ww0ECQMCt7VAtby6l4Bi0lgB5KMIZiiF/b3CfMfUyY0eDncsGXtkbu1X+l9brjpMP8eJnY79Amms
-a3nsOzKTXUfS9VyaXo8IrncM6n7fdaXpwba/3tNsAhJG4lDv1k4g9v8Ix2dfv6Rs
-=mBP9
------END PGP MESSAGE-----
-'), 'key', 'convert-crlf=1'), 'sha1'), 'hex');
- encode
-------------------------------------------
- 7efefcab38467f7484d6fa43dc86cf5281bd78e2
-(1 row)
-
--- expected: 7efefcab38467f7484d6fa43dc86cf5281bd78e2
--- check BUG #11905, problem with messages 6 less than a power of 2.
-select pgp_sym_decrypt(pgp_sym_encrypt(repeat('x',65530),'1'),'1') = repeat('x',65530);
-ERROR: generating random data is not supported by this build
-DETAIL: This functionality requires a source of strong random numbers.
-HINT: You need to rebuild PostgreSQL using --enable-strong-random.
--- expected: true
--- Negative tests
--- Decryption with a certain incorrect key yields an apparent Literal Data
--- packet reporting its content to be binary data. Ciphertext source:
--- iterative pgp_sym_encrypt('secret', 'key') until the random prefix gave
--- rise to that property.
-select pgp_sym_decrypt(dearmor('
------BEGIN PGP MESSAGE-----
-
-ww0EBwMCxf8PTrQBmJdl0jcB6y2joE7GSLKRv7trbNsF5Z8ou5NISLUg31llVH/S0B2wl4bvzZjV
-VsxxqLSPzNLAeIspJk5G
-=mSd/
------END PGP MESSAGE-----
-'), 'wrong-key', 'debug=1');
-NOTICE: dbg: prefix_init: corrupt prefix
-NOTICE: dbg: parse_literal_data: data type=b
-NOTICE: dbg: mdcbuf_finish: bad MDC pkt hdr
-ERROR: Wrong key or corrupt data
--- Routine text/binary mismatch.
-select pgp_sym_decrypt(pgp_sym_encrypt_bytea('P', 'key'), 'key', 'debug=1');
-ERROR: generating random data is not supported by this build
-DETAIL: This functionality requires a source of strong random numbers.
-HINT: You need to rebuild PostgreSQL using --enable-strong-random.
--- Decryption with a certain incorrect key yields an apparent BZip2-compressed
--- plaintext. Ciphertext source: iterative pgp_sym_encrypt('secret', 'key')
--- until the random prefix gave rise to that property.
-select pgp_sym_decrypt(dearmor('
------BEGIN PGP MESSAGE-----
-
-ww0EBwMC9rK/dMkF5Zlt0jcBlzAQ1mQY2qYbKYbw8h3EZ5Jk0K2IiY92R82TRhWzBIF/8cmXDPtP
-GXsd65oYJZp3Khz0qfyn
-=Nmpq
------END PGP MESSAGE-----
-'), 'wrong-key', 'debug=1');
-NOTICE: dbg: prefix_init: corrupt prefix
-NOTICE: dbg: parse_compressed_data: bzip2 unsupported
-NOTICE: dbg: mdcbuf_finish: bad MDC pkt hdr
-ERROR: Wrong key or corrupt data
--- Routine use of BZip2 compression. Ciphertext source:
--- echo x | gpg --homedir /nonexistent --personal-compress-preferences bzip2 \
--- --personal-cipher-preferences aes --no-emit-version --batch \
--- --symmetric --passphrase key --armor
-select pgp_sym_decrypt(dearmor('
------BEGIN PGP MESSAGE-----
-
-jA0EBwMCRhFrAKNcLVJg0mMBLJG1cCASNk/x/3dt1zJ+2eo7jHfjgg3N6wpB3XIe
-QCwkWJwlBG5pzbO5gu7xuPQN+TbPJ7aQ2sLx3bAHhtYb0i3vV9RO10Gw++yUyd4R
-UCAAw2JRIISttRHMfDpDuZJpvYo=
-=AZ9M
------END PGP MESSAGE-----
-'), 'key', 'debug=1');
-NOTICE: dbg: parse_compressed_data: bzip2 unsupported
-ERROR: Unsupported compression algorithm
diff --git a/contrib/pgcrypto/expected/pgp-encrypt_1.out b/contrib/pgcrypto/expected/pgp-encrypt_1.out
deleted file mode 100644
index 72f346414a..0000000000
--- a/contrib/pgcrypto/expected/pgp-encrypt_1.out
+++ /dev/null
@@ -1,161 +0,0 @@
---
--- PGP encrypt
---
--- ensure consistent test output regardless of the default bytea format
-SET bytea_output TO escape;
-select pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key'), 'key');
-ERROR: generating random data is not supported by this build
-DETAIL: This functionality requires a source of strong random numbers.
-HINT: You need to rebuild PostgreSQL using --enable-strong-random.
--- check whether the defaults are ok
-select pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key'),
- 'key', 'expect-cipher-algo=aes128,
- expect-disable-mdc=0,
- expect-sess-key=0,
- expect-s2k-mode=3,
- expect-s2k-digest-algo=sha1,
- expect-compress-algo=0
- ');
-ERROR: generating random data is not supported by this build
-DETAIL: This functionality requires a source of strong random numbers.
-HINT: You need to rebuild PostgreSQL using --enable-strong-random.
--- maybe the expect- stuff simply does not work
-select pgp_sym_decrypt(pgp_sym_encrypt('Secret.', 'key'),
- 'key', 'expect-cipher-algo=bf,
- expect-disable-mdc=1,
- expect-sess-key=1,
- expect-s2k-mode=0,
- expect-s2k-digest-algo=md5,
- expect-compress-algo=1
- ');
-ERROR: generating random data is not supported by this build
-DETAIL: This functionality requires a source of strong random numbers.
-HINT: You need to rebuild PostgreSQL using --enable-strong-random.
--- bytea as text
-select pgp_sym_decrypt(pgp_sym_encrypt_bytea('Binary', 'baz'), 'baz');
-ERROR: generating random data is not supported by this build
-DETAIL: This functionality requires a source of strong random numbers.
-HINT: You need to rebuild PostgreSQL using --enable-strong-random.
--- text as bytea
-select pgp_sym_decrypt_bytea(pgp_sym_encrypt('Text', 'baz'), 'baz');
-ERROR: generating random data is not supported by this build
-DETAIL: This functionality requires a source of strong random numbers.
-HINT: You need to rebuild PostgreSQL using --enable-strong-random.
--- algorithm change
-select pgp_sym_decrypt(
- pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=bf'),
- 'key', 'expect-cipher-algo=bf');
-ERROR: generating random data is not supported by this build
-DETAIL: This functionality requires a source of strong random numbers.
-HINT: You need to rebuild PostgreSQL using --enable-strong-random.
-select pgp_sym_decrypt(
- pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=aes'),
- 'key', 'expect-cipher-algo=aes128');
-ERROR: generating random data is not supported by this build
-DETAIL: This functionality requires a source of strong random numbers.
-HINT: You need to rebuild PostgreSQL using --enable-strong-random.
-select pgp_sym_decrypt(
- pgp_sym_encrypt('Secret.', 'key', 'cipher-algo=aes192'),
- 'key', 'expect-cipher-algo=aes192');
-ERROR: generating random data is not supported by this build
-DETAIL: This functionality requires a source of strong random numbers.
-HINT: You need to rebuild PostgreSQL using --enable-strong-random.
--- s2k change
-select pgp_sym_decrypt(
- pgp_sym_encrypt('Secret.', 'key', 's2k-mode=0'),
- 'key', 'expect-s2k-mode=0');
-ERROR: generating random data is not supported by this build
-DETAIL: This functionality requires a source of strong random numbers.
-HINT: You need to rebuild PostgreSQL using --enable-strong-random.
-select pgp_sym_decrypt(
- pgp_sym_encrypt('Secret.', 'key', 's2k-mode=1'),
- 'key', 'expect-s2k-mode=1');
-ERROR: generating random data is not supported by this build
-DETAIL: This functionality requires a source of strong random numbers.
-HINT: You need to rebuild PostgreSQL using --enable-strong-random.
-select pgp_sym_decrypt(
- pgp_sym_encrypt('Secret.', 'key', 's2k-mode=3'),
- 'key', 'expect-s2k-mode=3');
-ERROR: generating random data is not supported by this build
-DETAIL: This functionality requires a source of strong random numbers.
-HINT: You need to rebuild PostgreSQL using --enable-strong-random.
--- s2k count change
-select pgp_sym_decrypt(
- pgp_sym_encrypt('Secret.', 'key', 's2k-count=1024'),
- 'key', 'expect-s2k-count=1024');
-ERROR: generating random data is not supported by this build
-DETAIL: This functionality requires a source of strong random numbers.
-HINT: You need to rebuild PostgreSQL using --enable-strong-random.
--- s2k_count rounds up
-select pgp_sym_decrypt(
- pgp_sym_encrypt('Secret.', 'key', 's2k-count=65000000'),
- 'key', 'expect-s2k-count=65000000');
-ERROR: generating random data is not supported by this build
-DETAIL: This functionality requires a source of strong random numbers.
-HINT: You need to rebuild PostgreSQL using --enable-strong-random.
--- s2k digest change
-select pgp_sym_decrypt(
- pgp_sym_encrypt('Secret.', 'key', 's2k-digest-algo=md5'),
- 'key', 'expect-s2k-digest-algo=md5');
-ERROR: generating random data is not supported by this build
-DETAIL: This functionality requires a source of strong random numbers.
-HINT: You need to rebuild PostgreSQL using --enable-strong-random.
-select pgp_sym_decrypt(
- pgp_sym_encrypt('Secret.', 'key', 's2k-digest-algo=sha1'),
- 'key', 'expect-s2k-digest-algo=sha1');
-ERROR: generating random data is not supported by this build
-DETAIL: This functionality requires a source of strong random numbers.
-HINT: You need to rebuild PostgreSQL using --enable-strong-random.
--- sess key
-select pgp_sym_decrypt(
- pgp_sym_encrypt('Secret.', 'key', 'sess-key=0'),
- 'key', 'expect-sess-key=0');
-ERROR: generating random data is not supported by this build
-DETAIL: This functionality requires a source of strong random numbers.
-HINT: You need to rebuild PostgreSQL using --enable-strong-random.
-select pgp_sym_decrypt(
- pgp_sym_encrypt('Secret.', 'key', 'sess-key=1'),
- 'key', 'expect-sess-key=1');
-ERROR: generating random data is not supported by this build
-DETAIL: This functionality requires a source of strong random numbers.
-HINT: You need to rebuild PostgreSQL using --enable-strong-random.
-select pgp_sym_decrypt(
- pgp_sym_encrypt('Secret.', 'key', 'sess-key=1, cipher-algo=bf'),
- 'key', 'expect-sess-key=1, expect-cipher-algo=bf');
-ERROR: generating random data is not supported by this build
-DETAIL: This functionality requires a source of strong random numbers.
-HINT: You need to rebuild PostgreSQL using --enable-strong-random.
-select pgp_sym_decrypt(
- pgp_sym_encrypt('Secret.', 'key', 'sess-key=1, cipher-algo=aes192'),
- 'key', 'expect-sess-key=1, expect-cipher-algo=aes192');
-ERROR: generating random data is not supported by this build
-DETAIL: This functionality requires a source of strong random numbers.
-HINT: You need to rebuild PostgreSQL using --enable-strong-random.
-select pgp_sym_decrypt(
- pgp_sym_encrypt('Secret.', 'key', 'sess-key=1, cipher-algo=aes256'),
- 'key', 'expect-sess-key=1, expect-cipher-algo=aes256');
-ERROR: generating random data is not supported by this build
-DETAIL: This functionality requires a source of strong random numbers.
-HINT: You need to rebuild PostgreSQL using --enable-strong-random.
--- no mdc
-select pgp_sym_decrypt(
- pgp_sym_encrypt('Secret.', 'key', 'disable-mdc=1'),
- 'key', 'expect-disable-mdc=1');
-ERROR: generating random data is not supported by this build
-DETAIL: This functionality requires a source of strong random numbers.
-HINT: You need to rebuild PostgreSQL using --enable-strong-random.
--- crlf
-select encode(pgp_sym_decrypt_bytea(
- pgp_sym_encrypt(E'1\n2\n3\r\n', 'key', 'convert-crlf=1'),
- 'key'), 'hex');
-ERROR: generating random data is not supported by this build
-DETAIL: This functionality requires a source of strong random numbers.
-HINT: You need to rebuild PostgreSQL using --enable-strong-random.
--- conversion should be lossless
-select encode(digest(pgp_sym_decrypt(
- pgp_sym_encrypt(E'\r\n0\n1\r\r\n\n2\r', 'key', 'convert-crlf=1'),
- 'key', 'convert-crlf=1'), 'sha1'), 'hex') as result,
- encode(digest(E'\r\n0\n1\r\r\n\n2\r', 'sha1'), 'hex') as expect;
-ERROR: generating random data is not supported by this build
-DETAIL: This functionality requires a source of strong random numbers.
-HINT: You need to rebuild PostgreSQL using --enable-strong-random.
diff --git a/contrib/pgcrypto/expected/pgp-pubkey-encrypt_1.out b/contrib/pgcrypto/expected/pgp-pubkey-encrypt_1.out
deleted file mode 100644
index 6da4c6da41..0000000000
--- a/contrib/pgcrypto/expected/pgp-pubkey-encrypt_1.out
+++ /dev/null
@@ -1,62 +0,0 @@
---
--- PGP Public Key Encryption
---
--- ensure consistent test output regardless of the default bytea format
-SET bytea_output TO escape;
--- successful encrypt/decrypt
-select pgp_pub_decrypt(
- pgp_pub_encrypt('Secret msg', dearmor(pubkey)),
- dearmor(seckey))
-from keytbl where keytbl.id=1;
-ERROR: generating random data is not supported by this build
-DETAIL: This functionality requires a source of strong random numbers.
-HINT: You need to rebuild PostgreSQL using --enable-strong-random.
-select pgp_pub_decrypt(
- pgp_pub_encrypt('Secret msg', dearmor(pubkey)),
- dearmor(seckey))
-from keytbl where keytbl.id=2;
-ERROR: generating random data is not supported by this build
-DETAIL: This functionality requires a source of strong random numbers.
-HINT: You need to rebuild PostgreSQL using --enable-strong-random.
-select pgp_pub_decrypt(
- pgp_pub_encrypt('Secret msg', dearmor(pubkey)),
- dearmor(seckey))
-from keytbl where keytbl.id=3;
-ERROR: generating random data is not supported by this build
-DETAIL: This functionality requires a source of strong random numbers.
-HINT: You need to rebuild PostgreSQL using --enable-strong-random.
-select pgp_pub_decrypt(
- pgp_pub_encrypt('Secret msg', dearmor(pubkey)),
- dearmor(seckey))
-from keytbl where keytbl.id=6;
-ERROR: generating random data is not supported by this build
-DETAIL: This functionality requires a source of strong random numbers.
-HINT: You need to rebuild PostgreSQL using --enable-strong-random.
--- try with rsa-sign only
-select pgp_pub_decrypt(
- pgp_pub_encrypt('Secret msg', dearmor(pubkey)),
- dearmor(seckey))
-from keytbl where keytbl.id=4;
-ERROR: No encryption key found
--- try with secret key
-select pgp_pub_decrypt(
- pgp_pub_encrypt('Secret msg', dearmor(seckey)),
- dearmor(seckey))
-from keytbl where keytbl.id=1;
-ERROR: Refusing to encrypt with secret key
--- does text-to-bytea works
-select pgp_pub_decrypt_bytea(
- pgp_pub_encrypt('Secret msg', dearmor(pubkey)),
- dearmor(seckey))
-from keytbl where keytbl.id=1;
-ERROR: generating random data is not supported by this build
-DETAIL: This functionality requires a source of strong random numbers.
-HINT: You need to rebuild PostgreSQL using --enable-strong-random.
--- and bytea-to-text?
-select pgp_pub_decrypt(
- pgp_pub_encrypt_bytea('Secret msg', dearmor(pubkey)),
- dearmor(seckey))
-from keytbl where keytbl.id=1;
-ERROR: generating random data is not supported by this build
-DETAIL: This functionality requires a source of strong random numbers.
-HINT: You need to rebuild PostgreSQL using --enable-strong-random.
diff --git a/contrib/pgcrypto/pgcrypto.c b/contrib/pgcrypto/pgcrypto.c
index de09ececcf..c558767909 100644
--- a/contrib/pgcrypto/pgcrypto.c
+++ b/contrib/pgcrypto/pgcrypto.c
@@ -34,7 +34,6 @@
#include <ctype.h>
#include "parser/scansup.h"
-#include "utils/backend_random.h"
#include "utils/builtins.h"
#include "utils/uuid.h"
@@ -423,7 +422,6 @@ PG_FUNCTION_INFO_V1(pg_random_bytes);
Datum
pg_random_bytes(PG_FUNCTION_ARGS)
{
-#ifdef HAVE_STRONG_RANDOM
int len = PG_GETARG_INT32(0);
bytea *res;
@@ -440,9 +438,6 @@ pg_random_bytes(PG_FUNCTION_ARGS)
px_THROW_ERROR(PXE_NO_RANDOM);
PG_RETURN_BYTEA_P(res);
-#else
- px_THROW_ERROR(PXE_NO_RANDOM);
-#endif
}
/* SQL function: gen_random_uuid() returns uuid */
@@ -451,11 +446,10 @@ PG_FUNCTION_INFO_V1(pg_random_uuid);
Datum
pg_random_uuid(PG_FUNCTION_ARGS)
{
-#ifdef HAVE_STRONG_RANDOM
uint8 *buf = (uint8 *) palloc(UUID_LEN);
/* Generate random bits. */
- if (!pg_backend_random((char *) buf, UUID_LEN))
+ if (!pg_strong_random(buf, UUID_LEN))
px_THROW_ERROR(PXE_NO_RANDOM);
/*
@@ -466,9 +460,6 @@ pg_random_uuid(PG_FUNCTION_ARGS)
buf[8] = (buf[8] & 0x3f) | 0x80; /* "variant" field */
PG_RETURN_UUID_P((pg_uuid_t *) buf);
-#else
- px_THROW_ERROR(PXE_NO_RANDOM);
-#endif
}
static void *
diff --git a/contrib/pgcrypto/pgp-encrypt.c b/contrib/pgcrypto/pgp-encrypt.c
index d510729e5b..8a6cd82675 100644
--- a/contrib/pgcrypto/pgp-encrypt.c
+++ b/contrib/pgcrypto/pgp-encrypt.c
@@ -37,8 +37,6 @@
#include "px.h"
#include "pgp.h"
-#include "utils/backend_random.h"
-
#define MDC_DIGEST_LEN 20
#define STREAM_ID 0xE0
@@ -481,13 +479,12 @@ init_encdata_packet(PushFilter **pf_res, PGP_Context *ctx, PushFilter *dst)
static int
write_prefix(PGP_Context *ctx, PushFilter *dst)
{
-#ifdef HAVE_STRONG_RANDOM
uint8 prefix[PGP_MAX_BLOCK + 2];
int res,
bs;
bs = pgp_get_cipher_block_size(ctx->cipher_algo);
- if (!pg_backend_random((char *) prefix, bs))
+ if (!pg_strong_random(prefix, bs))
return PXE_NO_RANDOM;
prefix[bs + 0] = prefix[bs - 2];
@@ -496,9 +493,6 @@ write_prefix(PGP_Context *ctx, PushFilter *dst)
res = pushf_write(dst, prefix, bs + 2);
px_memset(prefix, 0, bs + 2);
return res < 0 ? res : 0;
-#else
- return PXE_NO_RANDOM;
-#endif
}
/*
@@ -587,13 +581,9 @@ init_sess_key(PGP_Context *ctx)
{
if (ctx->use_sess_key || ctx->pub_key)
{
-#ifdef HAVE_STRONG_RANDOM
ctx->sess_key_len = pgp_get_cipher_key_size(ctx->cipher_algo);
- if (!pg_strong_random((char *) ctx->sess_key, ctx->sess_key_len))
+ if (!pg_strong_random(ctx->sess_key, ctx->sess_key_len))
return PXE_NO_RANDOM;
-#else
- return PXE_NO_RANDOM;
-#endif
}
else
{
diff --git a/contrib/pgcrypto/pgp-mpi-internal.c b/contrib/pgcrypto/pgp-mpi-internal.c
index 545009ce19..c73f086b0b 100644
--- a/contrib/pgcrypto/pgp-mpi-internal.c
+++ b/contrib/pgcrypto/pgp-mpi-internal.c
@@ -57,13 +57,12 @@ mp_clear_free(mpz_t *a)
static int
mp_px_rand(uint32 bits, mpz_t *res)
{
-#ifdef HAVE_STRONG_RANDOM
unsigned bytes = (bits + 7) / 8;
int last_bits = bits & 7;
uint8 *buf;
buf = px_alloc(bytes);
- if (!pg_strong_random((char *) buf, bytes))
+ if (!pg_strong_random(buf, bytes))
{
px_free(buf);
return PXE_NO_RANDOM;
@@ -83,9 +82,6 @@ mp_px_rand(uint32 bits, mpz_t *res)
px_free(buf);
return 0;
-#else
- return PXE_NO_RANDOM;
-#endif
}
static void
diff --git a/contrib/pgcrypto/pgp-pubenc.c b/contrib/pgcrypto/pgp-pubenc.c
index 4439876664..d34ebe9eed 100644
--- a/contrib/pgcrypto/pgp-pubenc.c
+++ b/contrib/pgcrypto/pgp-pubenc.c
@@ -39,7 +39,6 @@
static int
pad_eme_pkcs1_v15(uint8 *data, int data_len, int res_len, uint8 **res_p)
{
-#ifdef HAVE_STRONG_RANDOM
uint8 *buf,
*p;
int pad_len = res_len - 2 - data_len;
@@ -50,7 +49,7 @@ pad_eme_pkcs1_v15(uint8 *data, int data_len, int res_len, uint8 **res_p)
buf = px_alloc(res_len);
buf[0] = 0x02;
- if (!pg_strong_random((char *) buf + 1, pad_len))
+ if (!pg_strong_random(buf + 1, pad_len))
{
px_free(buf);
return PXE_NO_RANDOM;
@@ -62,11 +61,10 @@ pad_eme_pkcs1_v15(uint8 *data, int data_len, int res_len, uint8 **res_p)
{
if (*p == 0)
{
- if (!pg_strong_random((char *) p, 1))
+ if (!pg_strong_random(p, 1))
{
- px_memset(buf, 0, res_len);
px_free(buf);
- break;
+ return PXE_NO_RANDOM;
}
}
if (*p != 0)
@@ -78,10 +76,6 @@ pad_eme_pkcs1_v15(uint8 *data, int data_len, int res_len, uint8 **res_p)
*res_p = buf;
return 0;
-
-#else
- return PXE_NO_RANDOM;
-#endif
}
static int
diff --git a/contrib/pgcrypto/pgp-s2k.c b/contrib/pgcrypto/pgp-s2k.c
index a0fd8969ef..3f2f442ffc 100644
--- a/contrib/pgcrypto/pgp-s2k.c
+++ b/contrib/pgcrypto/pgp-s2k.c
@@ -34,7 +34,6 @@
#include "px.h"
#include "pgp.h"
-#include "utils/backend_random.h"
static int
calc_s2k_simple(PGP_S2K *s2k, PX_MD *md, const uint8 *key,
@@ -235,13 +234,13 @@ pgp_s2k_fill(PGP_S2K *s2k, int mode, int digest_algo, int count)
case PGP_S2K_SIMPLE:
break;
case PGP_S2K_SALTED:
- if (!pg_backend_random((char *) s2k->salt, PGP_S2K_SALT))
+ if (!pg_strong_random(s2k->salt, PGP_S2K_SALT))
return PXE_NO_RANDOM;
break;
case PGP_S2K_ISALTED:
- if (!pg_backend_random((char *) s2k->salt, PGP_S2K_SALT))
+ if (!pg_strong_random(s2k->salt, PGP_S2K_SALT))
return PXE_NO_RANDOM;
- if (!pg_backend_random((char *) &tmp, 1))
+ if (!pg_strong_random(&tmp, 1))
return PXE_NO_RANDOM;
s2k->iter = decide_s2k_iter(tmp, count);
break;
diff --git a/contrib/pgcrypto/px-crypt.c b/contrib/pgcrypto/px-crypt.c
index ee40788fe7..51be0b7da1 100644
--- a/contrib/pgcrypto/px-crypt.c
+++ b/contrib/pgcrypto/px-crypt.c
@@ -34,7 +34,6 @@
#include "px.h"
#include "px-crypt.h"
-#include "utils/backend_random.h"
static char *
run_crypt_des(const char *psw, const char *salt,
@@ -153,7 +152,7 @@ px_gen_salt(const char *salt_type, char *buf, int rounds)
return PXE_BAD_SALT_ROUNDS;
}
- if (!pg_backend_random(rbuf, g->input_len))
+ if (!pg_strong_random(rbuf, g->input_len))
return PXE_NO_RANDOM;
p = g->gen(rounds, rbuf, g->input_len, buf, PX_MAX_SALT_LEN);
diff --git a/contrib/pgcrypto/px.c b/contrib/pgcrypto/px.c
index aea8e863af..0f02fb56c4 100644
--- a/contrib/pgcrypto/px.c
+++ b/contrib/pgcrypto/px.c
@@ -56,7 +56,7 @@ static const struct error_desc px_err_list[] = {
{PXE_UNKNOWN_SALT_ALGO, "Unknown salt algorithm"},
{PXE_BAD_SALT_ROUNDS, "Incorrect number of rounds"},
{PXE_MCRYPT_INTERNAL, "mcrypt internal error"},
- {PXE_NO_RANDOM, "No strong random source"},
+ {PXE_NO_RANDOM, "Failed to generate strong random bits"},
{PXE_DECRYPT_FAILED, "Decryption failed"},
{PXE_PGP_CORRUPT_DATA, "Wrong key or corrupt data"},
{PXE_PGP_CORRUPT_ARMOR, "Corrupt ascii-armor"},
@@ -97,17 +97,9 @@ px_THROW_ERROR(int err)
{
if (err == PXE_NO_RANDOM)
{
-#ifdef HAVE_STRONG_RANDOM
ereport(ERROR,
(errcode(ERRCODE_INTERNAL_ERROR),
errmsg("could not generate a random number")));
-#else
- ereport(ERROR,
- (errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
- errmsg("generating random data is not supported by this build"),
- errdetail("This functionality requires a source of strong random numbers."),
- errhint("You need to rebuild PostgreSQL using --enable-strong-random.")));
-#endif
}
else
{
diff --git a/doc/src/sgml/installation.sgml b/doc/src/sgml/installation.sgml
index d3326ce182..297f12e7f3 100644
--- a/doc/src/sgml/installation.sgml
+++ b/doc/src/sgml/installation.sgml
@@ -246,7 +246,10 @@ su - postgres
<para>
You need <productname>OpenSSL</productname>, if you want to support
encrypted client connections. The minimum required version is
- 0.9.8.
+ 0.9.8. <productname>OpenSSL</productname> is also required for
+ random number generation on platforms that do not have
+ <filename>/dev/urandom</filename> (except Windows). The minimum
+ required version is 0.9.8.
</para>
</listitem>
@@ -1111,24 +1114,6 @@ su - postgres
</listitem>
</varlistentry>
- <varlistentry>
- <term><option>--disable-strong-random</option></term>
- <listitem>
- <para>
- Allow the build to succeed even if <productname>PostgreSQL</productname>
- has no support for strong random numbers on the platform.
- A source of random numbers is needed for some authentication
- protocols, as well as some routines in the
- <xref linkend="pgcrypto"/>
- module. <option>--disable-strong-random</option> disables functionality that
- requires cryptographically strong random numbers, and substitutes
- a weak pseudo-random-number-generator for the generation of
- authentication salt values and query cancel keys. It may make
- authentication less secure.
- </para>
- </listitem>
- </varlistentry>
-
<varlistentry>
<term><option>--disable-thread-safety</option></term>
<listitem>
diff --git a/doc/src/sgml/monitoring.sgml b/doc/src/sgml/monitoring.sgml
index 96bcc3a63b..22c9f1a152 100644
--- a/doc/src/sgml/monitoring.sgml
+++ b/doc/src/sgml/monitoring.sgml
@@ -1034,10 +1034,6 @@ postgres 27093 0.0 0.0 30096 2752 ? Ss 11:34 0:00 postgres: ser
<entry><literal>OldSnapshotTimeMapLock</literal></entry>
<entry>Waiting to read or update old snapshot control information.</entry>
</row>
- <row>
- <entry><literal>BackendRandomLock</literal></entry>
- <entry>Waiting to generate a random number.</entry>
- </row>
<row>
<entry><literal>LogicalRepWorkerLock</literal></entry>
<entry>Waiting for action on logical replication worker to finish.</entry>
diff --git a/src/Makefile.global.in b/src/Makefile.global.in
index 956fd274cd..4962d0d20e 100644
--- a/src/Makefile.global.in
+++ b/src/Makefile.global.in
@@ -203,7 +203,6 @@ enable_dtrace = @enable_dtrace@
enable_coverage = @enable_coverage@
enable_tap_tests = @enable_tap_tests@
enable_thread_safety = @enable_thread_safety@
-enable_strong_random = @enable_strong_random@
python_includespec = @python_includespec@
python_libdir = @python_libdir@
diff --git a/src/backend/access/transam/xlog.c b/src/backend/access/transam/xlog.c
index a28be4f7db..0856e30ace 100644
--- a/src/backend/access/transam/xlog.c
+++ b/src/backend/access/transam/xlog.c
@@ -65,7 +65,6 @@
#include "storage/reinit.h"
#include "storage/smgr.h"
#include "storage/spin.h"
-#include "utils/backend_random.h"
#include "utils/builtins.h"
#include "utils/guc.h"
#include "utils/memutils.h"
@@ -5132,7 +5131,7 @@ BootStrapXLOG(void)
* a genuine-looking password challenge for the non-existent user, in lieu
* of an actual stored password.
*/
- if (!pg_backend_random(mock_auth_nonce, MOCK_AUTH_NONCE_LEN))
+ if (!pg_strong_random(mock_auth_nonce, MOCK_AUTH_NONCE_LEN))
ereport(PANIC,
(errcode(ERRCODE_INTERNAL_ERROR),
errmsg("could not generate secret authorization token")));
diff --git a/src/backend/libpq/auth-scram.c b/src/backend/libpq/auth-scram.c
index e997c94600..9a969a7029 100644
--- a/src/backend/libpq/auth-scram.c
+++ b/src/backend/libpq/auth-scram.c
@@ -102,7 +102,6 @@
#include "libpq/crypt.h"
#include "libpq/scram.h"
#include "miscadmin.h"
-#include "utils/backend_random.h"
#include "utils/builtins.h"
#include "utils/timestamp.h"
@@ -468,7 +467,7 @@ pg_be_scram_build_verifier(const char *password)
password = (const char *) prep_password;
/* Generate random salt */
- if (!pg_backend_random(saltbuf, SCRAM_DEFAULT_SALT_LEN))
+ if (!pg_strong_random(saltbuf, SCRAM_DEFAULT_SALT_LEN))
ereport(ERROR,
(errcode(ERRCODE_INTERNAL_ERROR),
errmsg("could not generate random salt")));
@@ -1123,7 +1122,7 @@ build_server_first_message(scram_state *state)
char raw_nonce[SCRAM_RAW_NONCE_LEN];
int encoded_len;
- if (!pg_backend_random(raw_nonce, SCRAM_RAW_NONCE_LEN))
+ if (!pg_strong_random(raw_nonce, SCRAM_RAW_NONCE_LEN))
ereport(ERROR,
(errcode(ERRCODE_INTERNAL_ERROR),
errmsg("could not generate random nonce")));
diff --git a/src/backend/libpq/auth.c b/src/backend/libpq/auth.c
index ff0832dba8..0c2ca39d1b 100644
--- a/src/backend/libpq/auth.c
+++ b/src/backend/libpq/auth.c
@@ -36,7 +36,6 @@
#include "port/pg_bswap.h"
#include "replication/walsender.h"
#include "storage/ipc.h"
-#include "utils/backend_random.h"
#include "utils/timestamp.h"
@@ -835,7 +834,7 @@ CheckMD5Auth(Port *port, char *shadow_pass, char **logdetail)
errmsg("MD5 authentication is not supported when \"db_user_namespace\" is enabled")));
/* include the salt to use for computing the response */
- if (!pg_backend_random(md5Salt, 4))
+ if (!pg_strong_random(md5Salt, 4))
{
ereport(LOG,
(errmsg("could not generate random MD5 salt")));
@@ -3036,7 +3035,7 @@ PerformRadiusTransaction(const char *server, const char *secret, const char *por
/* Construct RADIUS packet */
packet->code = RADIUS_ACCESS_REQUEST;
packet->length = RADIUS_HEADER_LENGTH;
- if (!pg_backend_random((char *) packet->vector, RADIUS_VECTOR_LENGTH))
+ if (!pg_strong_random(packet->vector, RADIUS_VECTOR_LENGTH))
{
ereport(LOG,
(errmsg("could not generate random encryption vector")));
diff --git a/src/backend/postmaster/postmaster.c b/src/backend/postmaster/postmaster.c
index 2d5a0ac7d3..406cc2cf2d 100644
--- a/src/backend/postmaster/postmaster.c
+++ b/src/backend/postmaster/postmaster.c
@@ -367,16 +367,6 @@ static volatile sig_atomic_t WalReceiverRequested = false;
static volatile bool StartWorkerNeeded = true;
static volatile bool HaveCrashedWorker = false;
-#ifndef HAVE_STRONG_RANDOM
-/*
- * State for assigning cancel keys.
- * Also, the global MyCancelKey passes the cancel key assigned to a given
- * backend from the postmaster to that backend (via fork).
- */
-static unsigned int random_seed = 0;
-static struct timeval random_start_time;
-#endif
-
#ifdef USE_SSL
/* Set when and if SSL has been initialized properly */
static bool LoadedSSL = false;
@@ -1361,10 +1351,6 @@ PostmasterMain(int argc, char *argv[])
* Remember postmaster startup time
*/
PgStartTime = GetCurrentTimestamp();
-#ifndef HAVE_STRONG_RANDOM
- /* RandomCancelKey wants its own copy */
- gettimeofday(&random_start_time, NULL);
-#endif
/*
* Report postmaster status in the postmaster.pid file, to allow pg_ctl to
@@ -2531,27 +2517,12 @@ InitProcessGlobals(void)
MyStartTimestamp = GetCurrentTimestamp();
MyStartTime = timestamptz_to_time_t(MyStartTimestamp);
- /*
- * Don't want backend to be able to see the postmaster random number
- * generator state. We have to clobber the static random_seed.
- */
-#ifndef HAVE_STRONG_RANDOM
- random_seed = 0;
- random_start_time.tv_usec = 0;
-#endif
-
/*
* Set a different seed for random() in every process. We want something
* unpredictable, so if possible, use high-quality random bits for the
* seed. Otherwise, fall back to a seed based on timestamp and PID.
- *
- * Note we can't use pg_backend_random here, since this is used in the
- * postmaster, and even in a backend we might not be attached to shared
- * memory yet.
*/
-#ifdef HAVE_STRONG_RANDOM
if (!pg_strong_random(&rseed, sizeof(rseed)))
-#endif
{
/*
* Since PIDs and timestamps tend to change more frequently in their
@@ -5256,38 +5227,7 @@ StartupPacketTimeoutHandler(void)
static bool
RandomCancelKey(int32 *cancel_key)
{
-#ifdef HAVE_STRONG_RANDOM
- return pg_strong_random((char *) cancel_key, sizeof(int32));
-#else
-
- /*
- * If built with --disable-strong-random, use plain old erand48.
- *
- * We cannot use pg_backend_random() in postmaster, because it stores its
- * state in shared memory.
- */
- static unsigned short seed[3];
-
- /*
- * Select a random seed at the time of first receiving a request.
- */
- if (random_seed == 0)
- {
- struct timeval random_stop_time;
-
- gettimeofday(&random_stop_time, NULL);
-
- seed[0] = (unsigned short) random_start_time.tv_usec;
- seed[1] = (unsigned short) (random_stop_time.tv_usec) ^ (random_start_time.tv_usec >> 16);
- seed[2] = (unsigned short) (random_stop_time.tv_usec >> 16);
-
- random_seed = 1;
- }
-
- *cancel_key = pg_jrand48(seed);
-
- return true;
-#endif
+ return pg_strong_random(cancel_key, sizeof(int32));
}
/*
diff --git a/src/backend/storage/ipc/ipci.c b/src/backend/storage/ipc/ipci.c
index 0c86a581c0..473513a927 100644
--- a/src/backend/storage/ipc/ipci.c
+++ b/src/backend/storage/ipc/ipci.c
@@ -44,7 +44,6 @@
#include "storage/procsignal.h"
#include "storage/sinvaladt.h"
#include "storage/spin.h"
-#include "utils/backend_random.h"
#include "utils/snapmgr.h"
@@ -149,7 +148,6 @@ CreateSharedMemoryAndSemaphores(bool makePrivate, int port)
size = add_size(size, BTreeShmemSize());
size = add_size(size, SyncScanShmemSize());
size = add_size(size, AsyncShmemSize());
- size = add_size(size, BackendRandomShmemSize());
#ifdef EXEC_BACKEND
size = add_size(size, ShmemBackendArraySize());
#endif
@@ -269,7 +267,6 @@ CreateSharedMemoryAndSemaphores(bool makePrivate, int port)
BTreeShmemInit();
SyncScanShmemInit();
AsyncShmemInit();
- BackendRandomShmemInit();
#ifdef EXEC_BACKEND
diff --git a/src/backend/storage/lmgr/lwlocknames.txt b/src/backend/storage/lmgr/lwlocknames.txt
index e6025ecedb..db47843229 100644
--- a/src/backend/storage/lmgr/lwlocknames.txt
+++ b/src/backend/storage/lmgr/lwlocknames.txt
@@ -47,6 +47,5 @@ CommitTsLock 39
ReplicationOriginLock 40
MultiXactTruncationLock 41
OldSnapshotTimeMapLock 42
-BackendRandomLock 43
-LogicalRepWorkerLock 44
-CLogTruncationLock 45
+LogicalRepWorkerLock 43
+CLogTruncationLock 44
diff --git a/src/backend/utils/adt/float.c b/src/backend/utils/adt/float.c
index add099ec9d..1407f9612c 100644
--- a/src/backend/utils/adt/float.c
+++ b/src/backend/utils/adt/float.c
@@ -24,7 +24,6 @@
#include "libpq/pqformat.h"
#include "miscadmin.h"
#include "utils/array.h"
-#include "utils/backend_random.h"
#include "utils/float.h"
#include "utils/fmgrprotos.h"
#include "utils/sortsupport.h"
@@ -2393,7 +2392,7 @@ drandom(PG_FUNCTION_ARGS)
* Should that fail for some reason, we fall back on a lower-quality
* seed based on current time and PID.
*/
- if (!pg_backend_random((char *) drandom_seed, sizeof(drandom_seed)))
+ if (!pg_strong_random(drandom_seed, sizeof(drandom_seed)))
{
TimestampTz now = GetCurrentTimestamp();
uint64 iseed;
diff --git a/src/backend/utils/misc/Makefile b/src/backend/utils/misc/Makefile
index a53fcdf188..ec7ec131e5 100644
--- a/src/backend/utils/misc/Makefile
+++ b/src/backend/utils/misc/Makefile
@@ -14,9 +14,9 @@ include $(top_builddir)/src/Makefile.global
override CPPFLAGS := -I. -I$(srcdir) $(CPPFLAGS)
-OBJS = backend_random.o guc.o help_config.o pg_config.o pg_controldata.o \
- pg_rusage.o ps_status.o queryenvironment.o rls.o sampling.o \
- superuser.o timeout.o tzparser.o
+OBJS = guc.o help_config.o pg_config.o pg_controldata.o pg_rusage.o \
+ ps_status.o queryenvironment.o rls.o sampling.o superuser.o \
+ timeout.o tzparser.o
# This location might depend on the installation directories. Therefore
# we can't substitute it into pg_config.h.
diff --git a/src/backend/utils/misc/backend_random.c b/src/backend/utils/misc/backend_random.c
deleted file mode 100644
index a64f3ac398..0000000000
--- a/src/backend/utils/misc/backend_random.c
+++ /dev/null
@@ -1,158 +0,0 @@
-/*-------------------------------------------------------------------------
- *
- * backend_random.c
- * Backend random number generation routine.
- *
- * pg_backend_random() function fills a buffer with random bytes. Normally,
- * it is just a thin wrapper around pg_strong_random(), but when compiled
- * with --disable-strong-random, we provide a built-in implementation.
- *
- * This function is used for generating nonces in authentication, and for
- * random salt generation in pgcrypto. The built-in implementation is not
- * cryptographically strong, but if the user asked for it, we'll go ahead
- * and use it anyway.
- *
- * The built-in implementation uses the standard erand48 algorithm, with
- * a seed shared between all backends.
- *
- * Portions Copyright (c) 1996-2018, PostgreSQL Global Development Group
- * Portions Copyright (c) 1994, Regents of the University of California
- *
- *
- * IDENTIFICATION
- * src/backend/utils/misc/backend_random.c
- *
- *-------------------------------------------------------------------------
- */
-
-#include "postgres.h"
-
-#include <sys/time.h>
-
-#include "miscadmin.h"
-#include "storage/lwlock.h"
-#include "storage/shmem.h"
-#include "utils/backend_random.h"
-#include "utils/timestamp.h"
-
-#ifdef HAVE_STRONG_RANDOM
-
-Size
-BackendRandomShmemSize(void)
-{
- return 0;
-}
-
-void
-BackendRandomShmemInit(void)
-{
- /* do nothing */
-}
-
-bool
-pg_backend_random(char *dst, int len)
-{
- /* should not be called in postmaster */
- Assert(IsUnderPostmaster || !IsPostmasterEnvironment);
-
- return pg_strong_random(dst, len);
-}
-
-#else
-
-/*
- * Seed for the PRNG, stored in shared memory.
- *
- * Protected by BackendRandomLock.
- */
-typedef struct
-{
- bool initialized;
- unsigned short seed[3];
-} BackendRandomShmemStruct;
-
-static BackendRandomShmemStruct * BackendRandomShmem;
-
-Size
-BackendRandomShmemSize(void)
-{
- return sizeof(BackendRandomShmemStruct);
-}
-
-void
-BackendRandomShmemInit(void)
-{
- bool found;
-
- BackendRandomShmem = (BackendRandomShmemStruct *)
- ShmemInitStruct("Backend PRNG state",
- BackendRandomShmemSize(),
- &found);
-
- if (!IsUnderPostmaster)
- {
- Assert(!found);
-
- BackendRandomShmem->initialized = false;
- }
- else
- Assert(found);
-}
-
-bool
-pg_backend_random(char *dst, int len)
-{
- int i;
- char *end = dst + len;
-
- /* should not be called in postmaster */
- Assert(IsUnderPostmaster || !IsPostmasterEnvironment);
-
- LWLockAcquire(BackendRandomLock, LW_EXCLUSIVE);
-
- /*
- * Seed the PRNG on the first use.
- */
- if (!BackendRandomShmem->initialized)
- {
- struct timeval now;
-
- gettimeofday(&now, NULL);
-
- BackendRandomShmem->seed[0] = now.tv_sec;
- BackendRandomShmem->seed[1] = (unsigned short) (now.tv_usec);
- BackendRandomShmem->seed[2] = (unsigned short) (now.tv_usec >> 16);
-
- /*
- * Mix in the cancel key, generated by the postmaster. This adds what
- * little entropy the postmaster had to the seed.
- */
- BackendRandomShmem->seed[0] ^= (MyCancelKey);
- BackendRandomShmem->seed[1] ^= (MyCancelKey >> 16);
-
- BackendRandomShmem->initialized = true;
- }
-
- for (i = 0; dst < end; i++)
- {
- uint32 r;
- int j;
-
- /*
- * pg_jrand48 returns a 32-bit integer. Fill the next 4 bytes from it.
- */
- r = (uint32) pg_jrand48(BackendRandomShmem->seed);
-
- for (j = 0; j < 4 && dst < end; j++)
- {
- *(dst++) = (char) (r & 0xFF);
- r >>= 8;
- }
- }
- LWLockRelease(BackendRandomLock);
-
- return true;
-}
-
-
-#endif /* HAVE_STRONG_RANDOM */
diff --git a/src/bin/pgbench/pgbench.c b/src/bin/pgbench/pgbench.c
index c64e16187a..f3f4ac3e3c 100644
--- a/src/bin/pgbench/pgbench.c
+++ b/src/bin/pgbench/pgbench.c
@@ -4844,13 +4844,9 @@ set_random_seed(const char *seed)
else if (strcmp(seed, "rand") == 0)
{
/* use some "strong" random source */
-#ifdef HAVE_STRONG_RANDOM
if (!pg_strong_random(&iseed, sizeof(iseed)))
-#endif
{
- fprintf(stderr,
- "cannot seed random from a strong source, none available: "
- "use \"time\" or an unsigned integer value.\n");
+ fprintf(stderr, "could not generate random seed.\n");
return false;
}
}
diff --git a/src/include/pg_config.h.in b/src/include/pg_config.h.in
index 76bd81e9bf..9d99816eae 100644
--- a/src/include/pg_config.h.in
+++ b/src/include/pg_config.h.in
@@ -552,9 +552,6 @@
/* Define to 1 if you have the `strnlen' function. */
#undef HAVE_STRNLEN
-/* Define to use have a strong random number source */
-#undef HAVE_STRONG_RANDOM
-
/* Define to 1 if you have the `strsignal' function. */
#undef HAVE_STRSIGNAL
diff --git a/src/include/pg_config.h.win32 b/src/include/pg_config.h.win32
index de0c4d9997..1a89a8c24e 100644
--- a/src/include/pg_config.h.win32
+++ b/src/include/pg_config.h.win32
@@ -412,9 +412,6 @@
/* Define to 1 if you have the <string.h> header file. */
#define HAVE_STRING_H 1
-/* Define to use have a strong random number source */
-#define HAVE_STRONG_RANDOM 1
-
/* Define to 1 if you have the `strsignal' function. */
/* #undef HAVE_STRSIGNAL */
diff --git a/src/include/port.h b/src/include/port.h
index 570a9052a2..ebf9d55979 100644
--- a/src/include/port.h
+++ b/src/include/port.h
@@ -498,9 +498,12 @@ extern char *inet_net_ntop(int af, const void *src, int bits,
char *dst, size_t size);
/* port/pg_strong_random.c */
-#ifdef HAVE_STRONG_RANDOM
extern bool pg_strong_random(void *buf, size_t len);
-#endif
+/*
+ * pg_backend_random used to be a wrapper for pg_strong_random before
+ * Postgres 12 for the backend code.
+ */
+#define pg_backend_random pg_strong_random
/* port/pgcheckdir.c */
extern int pg_check_dir(const char *dir);
diff --git a/src/include/utils/backend_random.h b/src/include/utils/backend_random.h
deleted file mode 100644
index 99ea2cb9fb..0000000000
--- a/src/include/utils/backend_random.h
+++ /dev/null
@@ -1,19 +0,0 @@
-/*-------------------------------------------------------------------------
- *
- * backend_random.h
- * Declarations for backend random number generation
- *
- * Portions Copyright (c) 1996-2018, PostgreSQL Global Development Group
- *
- * src/include/utils/backend_random.h
- *
- *-------------------------------------------------------------------------
- */
-#ifndef BACKEND_RANDOM_H
-#define BACKEND_RANDOM_H
-
-extern Size BackendRandomShmemSize(void);
-extern void BackendRandomShmemInit(void);
-extern bool pg_backend_random(char *dst, int len);
-
-#endif /* BACKEND_RANDOM_H */
diff --git a/src/interfaces/libpq/fe-auth-scram.c b/src/interfaces/libpq/fe-auth-scram.c
index 603ef4c002..6f9e6789d5 100644
--- a/src/interfaces/libpq/fe-auth-scram.c
+++ b/src/interfaces/libpq/fe-auth-scram.c
@@ -19,11 +19,6 @@
#include "common/scram-common.h"
#include "fe-auth.h"
-/* These are needed for getpid(), in the fallback implementation */
-#ifndef HAVE_STRONG_RANDOM
-#include <sys/types.h>
-#include <unistd.h>
-#endif
/*
* Status of exchange messages used for SCRAM authentication via the
@@ -72,7 +67,6 @@ static bool verify_server_signature(fe_scram_state *state);
static void calculate_client_proof(fe_scram_state *state,
const char *client_final_message_without_proof,
uint8 *result);
-static bool pg_frontend_random(char *dst, int len);
/*
* Initialize SCRAM exchange status.
@@ -320,7 +314,7 @@ build_client_first_message(fe_scram_state *state)
* Generate a "raw" nonce. This is converted to ASCII-printable form by
* base64-encoding it.
*/
- if (!pg_frontend_random(raw_nonce, SCRAM_RAW_NONCE_LEN))
+ if (!pg_strong_random(raw_nonce, SCRAM_RAW_NONCE_LEN))
{
printfPQExpBuffer(&conn->errorMessage,
libpq_gettext("could not generate nonce\n"));
@@ -764,7 +758,7 @@ pg_fe_scram_build_verifier(const char *password)
password = (const char *) prep_password;
/* Generate a random salt */
- if (!pg_frontend_random(saltbuf, SCRAM_DEFAULT_SALT_LEN))
+ if (!pg_strong_random(saltbuf, SCRAM_DEFAULT_SALT_LEN))
{
if (prep_password)
free(prep_password);
@@ -779,55 +773,3 @@ pg_fe_scram_build_verifier(const char *password)
return result;
}
-
-/*
- * Random number generator.
- */
-static bool
-pg_frontend_random(char *dst, int len)
-{
-#ifdef HAVE_STRONG_RANDOM
- return pg_strong_random(dst, len);
-#else
- int i;
- char *end = dst + len;
-
- static unsigned short seed[3];
- static int mypid = 0;
-
- pglock_thread();
-
- if (mypid != getpid())
- {
- struct timeval now;
-
- gettimeofday(&now, NULL);
-
- seed[0] = now.tv_sec ^ getpid();
- seed[1] = (unsigned short) (now.tv_usec);
- seed[2] = (unsigned short) (now.tv_usec >> 16);
- }
-
- for (i = 0; dst < end; i++)
- {
- uint32 r;
- int j;
-
- /*
- * pg_jrand48 returns a 32-bit integer. Fill the next 4 bytes from
- * it.
- */
- r = (uint32) pg_jrand48(seed);
-
- for (j = 0; j < 4 && dst < end; j++)
- {
- *(dst++) = (char) (r & 0xFF);
- r >>= 8;
- }
- }
-
- pgunlock_thread();
-
- return true;
-#endif
-}
diff --git a/src/port/Makefile b/src/port/Makefile
index ae3f973ae1..9cfc0f9279 100644
--- a/src/port/Makefile
+++ b/src/port/Makefile
@@ -37,14 +37,10 @@ LIBS += $(PTHREAD_LIBS)
OBJS = $(LIBOBJS) $(PG_CRC32C_OBJS) chklocale.o erand48.o inet_net_ntop.o \
noblock.o path.o pgcheckdir.o pgmkdirp.o pgsleep.o \
- pgstrcasecmp.o pgstrsignal.o pqsignal.o \
+ pg_strong_random.o pgstrcasecmp.o pgstrsignal.o pqsignal.o \
qsort.o qsort_arg.o quotes.o snprintf.o sprompt.o strerror.o \
tar.o thread.o
-ifeq ($(enable_strong_random), yes)
-OBJS += pg_strong_random.o
-endif
-
# libpgport.a, libpgport_shlib.a, and libpgport_srv.a contain the same files
# foo.o, foo_shlib.o, and foo_srv.o are all built from foo.c
OBJS_SHLIB = $(OBJS:%.o=%_shlib.o)
signature.asc
Description: PGP signature
