Re: pgcrypto seeding problem when ssl=on

From: Noah Misch <noah(at)leadboat(dot)com>
To: Marko Kreen <markokr(at)gmail(dot)com>
Cc: Postgres Hackers <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: pgcrypto seeding problem when ssl=on
Date: 2012-12-21 20:27:37
Message-ID: 20121221202737.GB18583@tornado.leadboat.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

This should have gone to security(at)postgresql(dot)org, instead.

On Fri, Dec 21, 2012 at 06:05:10PM +0200, Marko Kreen wrote:
> When there is 'ssl=on' then postmaster calls SSL_CTX_new(),
> which asks for random number, thus requiring initialization
> of randomness pool (RAND_poll). After that all forked backends
> think pool is already initialized. Thus they proceed with same
> fixed state they got from postmaster.

> Attached patch makes both gen_random_bytes() and pgp_encrypt()
> seed pool with output from gettimeofday(), thus getting pool
> off from fixed state. Basically, this mirrors what SSL_accept()
> already does.

That adds only 10-20 bits of entropy. Is that enough?

How about instead calling RAND_cleanup() after each backend fork?

Thanks,
nm

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Andres Freund 2012-12-21 20:37:42 Re: Patch für MAP_HUGETLB for mmap() shared memory
Previous Message Joshua D. Drake 2012-12-21 20:17:45 Re: Feature Request: pg_replication_master()