On Wed, Nov 18, 2020 at 10:43:35AM +0100, Daniel Gustafsson wrote: > While it does simplify configure.ac, I'm just not a fan of the strict ordering > which is required without the labels even implying it. But that might just be > my personal preference.
I just looked at that, and the attached seems more intuitive to me. There is more code removed, but not that much either. -- Michael
From fac12471a159c50d2de7bcf4da9fb2951facda4e Mon Sep 17 00:00:00 2001
From: Michael Paquier <mich...@paquier.xyz>
Date: Thu, 19 Nov 2020 12:33:28 +0900
Subject: [PATCH v3] Remove ability to choose randomness source
There existed a possibility to mix and match the randomness source
with the TLS library via USE_*RANDOM defines when running configure.
This had little benefit in practice, and required complicated logic
in the strong_random code. This removes the ability to choose in
favor of always using the TLS library as a source of randomness iff
PostgreSQL is built with TLS, else the native platform source.
---
src/include/pg_config.h.in | 9 ------
src/port/pg_strong_random.c | 40 ++++++------------------
configure | 61 ++++++++++++-------------------------
configure.ac | 41 ++++++++-----------------
src/tools/msvc/Solution.pm | 3 --
5 files changed, 41 insertions(+), 113 deletions(-)
diff --git a/src/include/pg_config.h.in b/src/include/pg_config.h.in
index fb270df678..de8f838e53 100644
--- a/src/include/pg_config.h.in
+++ b/src/include/pg_config.h.in
@@ -862,9 +862,6 @@
/* Define to 1 to build with BSD Authentication support. (--with-bsd-auth) */
#undef USE_BSD_AUTH
-/* Define to use /dev/urandom for random number generation */
-#undef USE_DEV_URANDOM
-
/* Define to build with ICU support. (--with-icu) */
#undef USE_ICU
@@ -887,9 +884,6 @@
/* Define to build with OpenSSL support. (--with-openssl) */
#undef USE_OPENSSL
-/* Define to use OpenSSL for random number generation */
-#undef USE_OPENSSL_RANDOM
-
/* Define to 1 to build with PAM support. (--with-pam) */
#undef USE_PAM
@@ -914,9 +908,6 @@
/* Define to select unnamed POSIX semaphores. */
#undef USE_UNNAMED_POSIX_SEMAPHORES
-/* Define to use native Windows API for random number generation */
-#undef USE_WIN32_RANDOM
-
/* Define to select Win32-style semaphores. */
#undef USE_WIN32_SEMAPHORES
diff --git a/src/port/pg_strong_random.c b/src/port/pg_strong_random.c
index 6d85f50b7c..a99600613a 100644
--- a/src/port/pg_strong_random.c
+++ b/src/port/pg_strong_random.c
@@ -24,14 +24,14 @@
#include <unistd.h>
#include <sys/time.h>
-#ifdef USE_OPENSSL_RANDOM
+#ifdef USE_OPENSSL
#include <openssl/rand.h>
#endif
-#ifdef USE_WIN32_RANDOM
+#ifdef WIN32
#include <wincrypt.h>
#endif
-#ifdef USE_WIN32_RANDOM
+#ifdef WIN32
/*
* Cache a global crypto provider that only gets freed when the process
* exits, in case we need random numbers more than once.
@@ -39,7 +39,7 @@
static HCRYPTPROV hProvider = 0;
#endif
-#if defined(USE_DEV_URANDOM)
+#if !defined(WIN32) && !defined(USE_OPENSSL)
/*
* Read (random) bytes from a file.
*/
@@ -87,35 +87,18 @@ pg_strong_random_init(void)
{
#if defined(USE_OPENSSL)
/*
- * Make sure processes do not share OpenSSL randomness state. We need to
- * call this even if pg_strong_random is implemented using another source
- * for random numbers to ensure fork-safety in our TLS backend. This is no
+ * Make sure processes do not share OpenSSL randomness state. This is no
* longer required in OpenSSL 1.1.1 and later versions, but until we drop
* support for version < 1.1.1 we need to do this.
*/
RAND_poll();
-#endif
-#if defined(USE_OPENSSL_RANDOM)
- /*
- * In case the backend is using the PRNG from OpenSSL without being built
- * with support for OpenSSL, make sure to perform post-fork initialization.
- * If the backend is using OpenSSL then we have already performed this
- * step. The same version caveat as discussed in the comment above applies
- * here as well.
- */
-#ifndef USE_OPENSSL
- RAND_poll();
-#endif
-
-#elif defined(USE_WIN32_RANDOM)
+#elif WIN32
/* no initialization needed for WIN32 */
-#elif defined(USE_DEV_URANDOM)
+#else
/* no initialization needed for /dev/urandom */
-#else
-#error no source of random numbers configured
#endif
}
@@ -146,7 +129,7 @@ pg_strong_random(void *buf, size_t len)
/*
* When built with OpenSSL, use OpenSSL's RAND_bytes function.
*/
-#if defined(USE_OPENSSL_RANDOM)
+#if defined(USE_OPENSSL)
int i;
/*
@@ -178,7 +161,7 @@ pg_strong_random(void *buf, size_t len)
/*
* Windows has CryptoAPI for strong cryptographic numbers.
*/
-#elif defined(USE_WIN32_RANDOM)
+#elif WIN32
if (hProvider == 0)
{
if (!CryptAcquireContext(&hProvider,
@@ -205,13 +188,10 @@ pg_strong_random(void *buf, size_t len)
/*
* Read /dev/urandom ourselves.
*/
-#elif defined(USE_DEV_URANDOM)
+#else
if (random_from_file("/dev/urandom", buf, len))
return true;
return false;
-#else
- /* The autoconf script should not have allowed this */
-#error no source of random numbers configured
#endif
}
diff --git a/configure b/configure
index ace4ed5dec..100a98ebbb 100755
--- a/configure
+++ b/configure
@@ -18055,19 +18055,21 @@ $as_echo "#define USE_WIN32_SHARED_MEMORY 1" >>confdefs.h
SHMEM_IMPLEMENTATION="src/backend/port/win32_shmem.c"
fi
-# Select random number source
-#
-# You can override this logic by setting the appropriate USE_*RANDOM flag to 1
-# in the template or configure command line.
-
-# If not selected manually, try to select a source automatically.
-if test x"$USE_OPENSSL_RANDOM" = x"" && test x"$USE_WIN32_RANDOM" = x"" && test x"$USE_DEV_URANDOM" = x"" ; then
- if test x"$with_openssl" = x"yes" ; then
- USE_OPENSSL_RANDOM=1
- elif test "$PORTNAME" = "win32" ; then
- USE_WIN32_RANDOM=1
- else
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking for /dev/urandom" >&5
+# Select random number source. If a TLS library is used then it will be the
+# first choice, else the native platform sources (Windows API or /dev/urandom)
+# will be used.
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking which random number source to use" >&5
+$as_echo_n "checking which random number source to use... " >&6; }
+if test x"$with_openssl" = x"yes" ; then
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: OpenSSL" >&5
+$as_echo "OpenSSL" >&6; }
+elif test x"$PORTNAME" = x"win32" ; then
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: Windows native" >&5
+$as_echo "Windows native" >&6; }
+else
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: /dev/urandom" >&5
+$as_echo "/dev/urandom" >&6; }
+ { $as_echo "$as_me:${as_lineno-$LINENO}: checking for /dev/urandom" >&5
$as_echo_n "checking for /dev/urandom... " >&6; }
if ${ac_cv_file__dev_urandom+:} false; then :
$as_echo_n "(cached) " >&6
@@ -18087,36 +18089,11 @@ if test "x$ac_cv_file__dev_urandom" = xyes; then :
fi
- if test x"$ac_cv_file__dev_urandom" = x"yes" ; then
- USE_DEV_URANDOM=1
- fi
- fi
-fi
-
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking which random number source to use" >&5
-$as_echo_n "checking which random number source to use... " >&6; }
-if test x"$USE_OPENSSL_RANDOM" = x"1" ; then
-
-$as_echo "#define USE_OPENSSL_RANDOM 1" >>confdefs.h
-
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: OpenSSL" >&5
-$as_echo "OpenSSL" >&6; }
-elif test x"$USE_WIN32_RANDOM" = x"1" ; then
-
-$as_echo "#define USE_WIN32_RANDOM 1" >>confdefs.h
-
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: Windows native" >&5
-$as_echo "Windows native" >&6; }
-elif test x"$USE_DEV_URANDOM" = x"1" ; then
-
-$as_echo "#define USE_DEV_URANDOM 1" >>confdefs.h
-
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: /dev/urandom" >&5
-$as_echo "/dev/urandom" >&6; }
-else
- as_fn_error $? "
+ if test x"$ac_cv_file__dev_urandom" = x"no" ; then
+ as_fn_error $? "
no source of strong random numbers was found
-PostgreSQL can use OpenSSL or /dev/urandom as a source of random numbers." "$LINENO" 5
+PostgreSQL can use OpenSSL, native Windows API or /dev/urandom as a source of random numbers." "$LINENO" 5
+ fi
fi
# If not set in template file, set bytes to use libc memset()
diff --git a/configure.ac b/configure.ac
index 5b91c83fd0..473ee779ea 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2152,40 +2152,23 @@ else
SHMEM_IMPLEMENTATION="src/backend/port/win32_shmem.c"
fi
-# Select random number source
-#
-# You can override this logic by setting the appropriate USE_*RANDOM flag to 1
-# in the template or configure command line.
-
-# If not selected manually, try to select a source automatically.
-if test x"$USE_OPENSSL_RANDOM" = x"" && test x"$USE_WIN32_RANDOM" = x"" && test x"$USE_DEV_URANDOM" = x"" ; then
- if test x"$with_openssl" = x"yes" ; then
- USE_OPENSSL_RANDOM=1
- elif test "$PORTNAME" = "win32" ; then
- USE_WIN32_RANDOM=1
- else
- AC_CHECK_FILE([/dev/urandom], [], [])
-
- if test x"$ac_cv_file__dev_urandom" = x"yes" ; then
- USE_DEV_URANDOM=1
- fi
- fi
-fi
-
+# Select random number source. If a TLS library is used then it will be the
+# first choice, else the native platform sources (Windows API or /dev/urandom)
+# will be used.
AC_MSG_CHECKING([which random number source to use])
-if test x"$USE_OPENSSL_RANDOM" = x"1" ; then
- AC_DEFINE(USE_OPENSSL_RANDOM, 1, [Define to use OpenSSL for random number generation])
+if test x"$with_openssl" = x"yes" ; then
AC_MSG_RESULT([OpenSSL])
-elif test x"$USE_WIN32_RANDOM" = x"1" ; then
- AC_DEFINE(USE_WIN32_RANDOM, 1, [Define to use native Windows API for random number generation])
+elif test x"$PORTNAME" = x"win32" ; then
AC_MSG_RESULT([Windows native])
-elif test x"$USE_DEV_URANDOM" = x"1" ; then
- AC_DEFINE(USE_DEV_URANDOM, 1, [Define to use /dev/urandom for random number generation])
- AC_MSG_RESULT([/dev/urandom])
else
- AC_MSG_ERROR([
+ AC_MSG_RESULT([/dev/urandom])
+ AC_CHECK_FILE([/dev/urandom], [], [])
+
+ if test x"$ac_cv_file__dev_urandom" = x"no" ; then
+ AC_MSG_ERROR([
no source of strong random numbers was found
-PostgreSQL can use OpenSSL or /dev/urandom as a source of random numbers.])
+PostgreSQL can use OpenSSL, native Windows API or /dev/urandom as a source of random numbers.])
+ fi
fi
# If not set in template file, set bytes to use libc memset()
diff --git a/src/tools/msvc/Solution.pm b/src/tools/msvc/Solution.pm
index 17e480546c..22d6abd367 100644
--- a/src/tools/msvc/Solution.pm
+++ b/src/tools/msvc/Solution.pm
@@ -475,7 +475,6 @@ sub GenerateFiles
USE_ASSERT_CHECKING => $self->{options}->{asserts} ? 1 : undef,
USE_BONJOUR => undef,
USE_BSD_AUTH => undef,
- USE_DEV_URANDOM => undef,
USE_ICU => $self->{options}->{icu} ? 1 : undef,
USE_LIBXML => undef,
USE_LIBXSLT => undef,
@@ -483,7 +482,6 @@ sub GenerateFiles
USE_LLVM => undef,
USE_NAMED_POSIX_SEMAPHORES => undef,
USE_OPENSSL => undef,
- USE_OPENSSL_RANDOM => undef,
USE_PAM => undef,
USE_SLICING_BY_8_CRC32C => undef,
USE_SSE42_CRC32C => undef,
@@ -492,7 +490,6 @@ sub GenerateFiles
USE_SYSV_SEMAPHORES => undef,
USE_SYSV_SHARED_MEMORY => undef,
USE_UNNAMED_POSIX_SEMAPHORES => undef,
- USE_WIN32_RANDOM => 1,
USE_WIN32_SEMAPHORES => 1,
USE_WIN32_SHARED_MEMORY => 1,
WCSTOMBS_L_IN_XLOCALE => undef,
--
2.29.2
signature.asc
Description: PGP signature
