On Sun, Nov 15, 2020 at 12:16:56PM -0500, Tom Lane wrote: > The obvious problem with this is that if !USE_OPENSSL, we will not have > pulled in openssl's headers.
FWIW, I argued upthread against including this part because it is useless: if not building with OpenSSL, we'll never have the base to be able to use RAND_poll(). > However ... all these machines are pointing at line 96, which is not > that one but the one under "#if defined(USE_OPENSSL)". So I'm not sure > what to make of that, except that a bit more finesse seems required. The build scripts of src/tools/msvc/ choose to not use OpenSSL as strong random source even if building with OpenSSL. The top of the file only includes openssl/rand.h if using USE_OPENSSL_RANDOM. Thinking about that afresh, I think that we got that wrong here on three points: - If attempting to use OpenSSL on Windows, let's just bite the bullet and use OpenSSL as random source, using Windows as source only when not building with OpenSSL. - Instead of using a call to RAND_poll() that we know will never work, let's just issue a compilation failure if attempting to use USE_OPENSSL_RANDOM without USE_OPENSSL. - rand.h needs to be included under USE_OPENSSL. -- Michael
diff --git a/src/port/pg_strong_random.c b/src/port/pg_strong_random.c
index 6d85f50b7c..c5dfe4b072 100644
--- a/src/port/pg_strong_random.c
+++ b/src/port/pg_strong_random.c
@@ -24,7 +24,7 @@
#include <unistd.h>
#include <sys/time.h>
-#ifdef USE_OPENSSL_RANDOM
+#ifdef USE_OPENSSL
#include <openssl/rand.h>
#endif
#ifdef USE_WIN32_RANDOM
@@ -98,14 +98,11 @@ pg_strong_random_init(void)
#if defined(USE_OPENSSL_RANDOM)
/*
- * In case the backend is using the PRNG from OpenSSL without being built
- * with support for OpenSSL, make sure to perform post-fork initialization.
- * If the backend is using OpenSSL then we have already performed this
- * step. The same version caveat as discussed in the comment above applies
- * here as well.
+ * If attempting to use OpenSSL as random source without support for it,
+ * consider this combination as invalid.
*/
#ifndef USE_OPENSSL
- RAND_poll();
+#error cannot use OpenSSL as random source without building with it.
#endif
#elif defined(USE_WIN32_RANDOM)
diff --git a/src/tools/msvc/Solution.pm b/src/tools/msvc/Solution.pm
index 17e480546c..cb01902ae9 100644
--- a/src/tools/msvc/Solution.pm
+++ b/src/tools/msvc/Solution.pm
@@ -525,6 +525,7 @@ sub GenerateFiles
if ($self->{options}->{openssl})
{
$define{USE_OPENSSL} = 1;
+ $define{USE_OPENSSL_RANDOM} = 1;
my ($digit1, $digit2, $digit3) = $self->GetOpenSSLVersion();
signature.asc
Description: PGP signature
