| From: | Daniel Gustafsson <daniel(at)yesql(dot)se> |
|---|---|
| To: | Michael Paquier <michael(at)paquier(dot)xyz> |
| Cc: | Magnus Hagander <magnus(at)hagander(dot)net>, Postgres hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: Move OpenSSL random under USE_OPENSSL_RANDOM |
| Date: | 2020-11-05 12:18:15 |
| Message-ID: | 7001EB35-BF76-4DEA-A7AB-CA94BCAA64E3@yesql.se |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
> On 5 Nov 2020, at 13:12, Michael Paquier <michael(at)paquier(dot)xyz> wrote:
>
> On Thu, Nov 05, 2020 at 10:49:45AM +0100, Daniel Gustafsson wrote:
>> This must check for USE_OPENSSL as well as per my original patch, since we'd
>> otherwise fail to perform post-fork initialization in case one use OpenSSL with
>> anothe PRNG for pg_strong_random. That might be theoretical at this point, but
>> if we ever support that and miss updating this it would be problematic.
>
> That's actually the same point I tried to make at the end of my last
> email, but worded differently, isn't it?
Ah, ok, then I failed to parse it that way. At least we are in agreement then
which is good.
> In short we have
> USE_OPENSSL, but !USE_OPENSSL_RANDOM and we still need an
> initialization. We could just do something like the following:
> #ifdef USE_OPENSSL
> RAND_poll();
> #endif
> #if defined(USE_OPENSSL_RANDOM)
> /* OpenSSL is done above, because blah.. */
> #elif etc..
> [...]
> #error missing an init, pal.
> #endif
>
> Or do you jave something else in mind?
What about the (hypothetical) situation where USE_OPENSSL_RANDOM is used
without USE_OPENSSL? Wouldn't the below make sure we cover all bases?
#if defined(USE_OPENSSL) || defined(USE_OPENSSL_RANDOM)
cheers ./daniel
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Eisentraut | 2020-11-05 12:27:21 | redundant error messages |
| Previous Message | Michael Paquier | 2020-11-05 12:12:53 | Re: Move OpenSSL random under USE_OPENSSL_RANDOM |