Re: Removing --disable-strong-random from the code
On Mon, Dec 31, 2018 at 10:20:28AM +0900, Michael Paquier wrote: > I am attaching an updated patch. I'll do an extra pass on it in the > next couple of days and commit if there is nothing. The diff stats > are nice: > 32 files changed, 60 insertions(+), 1181 deletions(-) And committed. -- Michael signature.asc Description: PGP signature
Re: Removing --disable-strong-random from the code
On Mon, Dec 31, 2018 at 10:20:28AM +0900, Michael Paquier wrote:
> On Sun, Dec 30, 2018 at 11:47:03AM -0500, Tom Lane wrote:
>> Not the fault of this patch, but surely this bit in pgcrypto's
>> pad_eme_pkcs1_v15()
>>
>> if (!pg_strong_random((char *) p, 1))
>> {
>> px_memset(buf, 0, res_len);
>> px_free(buf);
>> break;
>> }
>>
>> is insane, because the "break" makes it fall into code that will continue
>> to scribble on "buf". I think the "break" needs to be "return
>> PXE_NO_RANDOM", and probably we'd better back-patch that as a bug fix.
>> (I'm also failing to see the point of that px_memset before freeing the
>> buffer --- at this point, it contains no sensitive data, surely.)
>
> Good catch. As far as I understand this code, the message is not
> included yet and random bytes are just added to avoid having 0 in the
> padding. So I agree that the memset is not really meaningful to
> have on the whole buffer. I can take care of that as well, and of
> course you get the credits. If you want to commit and back-patch the
> fix yourself, please feel free to do so.
I have fixed this one and back-patched down to 10. In what has been
committed I have kept the memset which is a logic present since
e94dd6a back from 2005. On my second lookup, the logic is correct
without it, still it felt safer to keep it.
--
Michael
signature.asc
Description: PGP signature
Re: Removing --disable-strong-random from the code
On Sun, Dec 30, 2018 at 11:47:03AM -0500, Tom Lane wrote:
> Michael Paquier writes:
> > And attached is an updated patch with all those fixes included. Any
> > thoughts or opinions?
>
> contrib/pgcrypto has some variant expected-files for the no-strong-random
> case that could be removed now.
>
> BackendRandomLock should be removed, too.
Done and done.
> Since pg_strong_random is declared to take "void *", the places that
> cast arguments to "char *" could be simplified. (I guess that's a
> hangover from the rather random decision to make pg_backend_random
> take char *?)
Done.
> The wording for pgcrypto's PXE_NO_RANDOM error,
>
> {PXE_NO_RANDOM, "No strong random source"},
>
> perhaps needs to be changed --- maybe "Failed to generate strong
> random bits"?
Okay, changed this way. I looked previously at that description but
let it as-is.
> Not the fault of this patch, but surely this bit in pgcrypto's
> pad_eme_pkcs1_v15()
>
> if (!pg_strong_random((char *) p, 1))
> {
> px_memset(buf, 0, res_len);
> px_free(buf);
> break;
> }
>
> is insane, because the "break" makes it fall into code that will continue
> to scribble on "buf". I think the "break" needs to be "return
> PXE_NO_RANDOM", and probably we'd better back-patch that as a bug fix.
> (I'm also failing to see the point of that px_memset before freeing the
> buffer --- at this point, it contains no sensitive data, surely.)
Good catch. As far as I understand this code, the message is not
included yet and random bytes are just added to avoid having 0 in the
padding. So I agree that the memset is not really meaningful to
have on the whole buffer. I can take care of that as well, and of
course you get the credits. If you want to commit and back-patch the
fix yourself, please feel free to do so.
I am attaching an updated patch. I'll do an extra pass on it in the
next couple of days and commit if there is nothing. The diff stats
are nice:
32 files changed, 60 insertions(+), 1181 deletions(-)
Thanks a lot for the reviews!
--
Michael
diff --git a/configure b/configure
index ea40f5f03d..1e2238e3f5 100755
--- a/configure
+++ b/configure
@@ -761,7 +761,6 @@ GENHTML
LCOV
GCOV
enable_debug
-enable_strong_random
enable_rpath
default_port
WANTED_LANGUAGES
@@ -829,7 +828,6 @@ with_pgport
enable_rpath
enable_spinlocks
enable_atomics
-enable_strong_random
enable_debug
enable_profiling
enable_coverage
@@ -1512,7 +1510,6 @@ Optional Features:
executables
--disable-spinlocks do not use spinlocks
--disable-atomics do not use atomic operations
- --disable-strong-random do not use a strong random number source
--enable-debug build with debugging symbols (-g)
--enable-profiling build with profiling enabled
--enable-coverage build with coverage testing instrumentation
@@ -3272,34 +3269,6 @@ fi
-#
-# Random number generation
-#
-
-
-# Check whether --enable-strong-random was given.
-if test "${enable_strong_random+set}" = set; then :
- enableval=$enable_strong_random;
- case $enableval in
-yes)
- :
- ;;
-no)
- :
- ;;
-*)
- as_fn_error $? "no argument expected for --enable-strong-random option" "$LINENO" 5
- ;;
- esac
-
-else
- enable_strong_random=yes
-
-fi
-
-
-
-
#
# --enable-debug adds -g to compiler flags
#
@@ -17937,7 +17906,7 @@ fi
# in the template or configure command line.
# If not selected manually, try to select a source automatically.
-if test "$enable_strong_random" = "yes" && test x"$USE_OPENSSL_RANDOM" = x"" && test x"$USE_WIN32_RANDOM" = x"" && test x"$USE_DEV_URANDOM" = x"" ; then
+if test x"$USE_OPENSSL_RANDOM" = x"" && test x"$USE_WIN32_RANDOM" = x"" && test x"$USE_DEV_URANDOM" = x"" ; then
if test x"$with_openssl" = x"yes" ; then
USE_OPENSSL_RANDOM=1
elif test "$PORTNAME" = "win32" ; then
@@ -17971,42 +17940,29 @@ fi
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking which random number source to use" >&5
$as_echo_n "checking which random number source to use... " >&6; }
-if test "$enable_strong_random" = yes ; then
- if test x"$USE_OPENSSL_RANDOM" = x"1" ; then
+if test x"$USE_OPENSSL_RANDOM" = x"1" ; then
$as_echo "#define USE_OPENSSL_RANDOM 1" >>confdefs.h
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: OpenSSL" >&5
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: OpenSSL" >&5
$as_echo "OpenSSL" >&6; }
- elif test x"$USE_WIN32_RANDOM" = x"1" ; then
+elif test x"$USE_WIN32_RANDOM" = x"1" ; then
$as_echo "#define USE_WIN32_RANDOM 1" >>confdefs.h
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: Windows native" >&5
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: Windows native" >&5
$as_echo "Windows native" >&6; }
- elif test x"$USE_DEV_URANDOM" = x"1" ; then
+elif test x"$USE_DEV_URANDOM" = x"1" ; then
$as_echo "#define USE_DEV_URANDOM 1" >>confdefs.h
-
Re: Removing --disable-strong-random from the code
On Sun, Dec 30, 2018 at 11:56:48AM -0500, Tom Lane wrote: > Oh, one more thought: the removal of the --disable-strong-random > documentation stanza means there's no explanation of what to do > to build on platforms without /dev/urandom. Perhaps something > like this in installation.sgml: > > > - You need OpenSSL, if you want to support > - encrypted client connections. The minimum required version is > - 0.9.8. > + You need OpenSSL if you want to support > + encrypted client connections. OpenSSL > + is also required for random number generation on platforms that > + do not have /dev/urandom (except Windows). > + The minimum required version is 0.9.8. > Okay, I have included something among those lines. -- Michael signature.asc Description: PGP signature
Re: Removing --disable-strong-random from the code
I wrote: > LGTM otherwise. Oh, one more thought: the removal of the --disable-strong-random documentation stanza means there's no explanation of what to do to build on platforms without /dev/urandom. Perhaps something like this in installation.sgml: - You need OpenSSL, if you want to support - encrypted client connections. The minimum required version is - 0.9.8. + You need OpenSSL if you want to support + encrypted client connections. OpenSSL + is also required for random number generation on platforms that + do not have /dev/urandom (except Windows). + The minimum required version is 0.9.8. regards, tom lane
Re: Removing --disable-strong-random from the code
Michael Paquier writes:
> And attached is an updated patch with all those fixes included. Any
> thoughts or opinions?
contrib/pgcrypto has some variant expected-files for the no-strong-random
case that could be removed now.
BackendRandomLock should be removed, too.
Since pg_strong_random is declared to take "void *", the places that
cast arguments to "char *" could be simplified. (I guess that's a
hangover from the rather random decision to make pg_backend_random
take char *?)
The wording for pgcrypto's PXE_NO_RANDOM error,
{PXE_NO_RANDOM, "No strong random source"},
perhaps needs to be changed --- maybe "Failed to generate strong random bits"?
Not the fault of this patch, but surely this bit in pgcrypto's
pad_eme_pkcs1_v15()
if (!pg_strong_random((char *) p, 1))
{
px_memset(buf, 0, res_len);
px_free(buf);
break;
}
is insane, because the "break" makes it fall into code that will continue
to scribble on "buf". I think the "break" needs to be "return
PXE_NO_RANDOM", and probably we'd better back-patch that as a bug fix.
(I'm also failing to see the point of that px_memset before freeing the
buffer --- at this point, it contains no sensitive data, surely.)
LGTM otherwise.
regards, tom lane
Re: Removing --disable-strong-random from the code
On Sun, Dec 30, 2018 at 04:15:49PM +0900, Michael Paquier wrote:
> On Sun, Dec 30, 2018 at 01:45:42AM -0500, Tom Lane wrote:
>> Hah, I was just about to work on that myself --- glad I didn't get
>> to it quite yet. A couple of thoughts:
>>
>> 1. Surely there's documentation about --disable-strong-random
>> to clean up too?
>
> Oops, I forgot to grep on this one. Removed from my tree.
>
>> 2. I wonder whether it's worth adding this to port.h:
>>
>> extern bool pg_strong_random(void *buf, size_t len);
>> +/* pg_backend_random used to be a wrapper for pg_strong_random */
>> +#define pg_backend_random pg_strong_random
>>
>> to prevent unnecessary breakage in extensions that might be depending
>> on pg_backend_random.
>
> Sure, that makes sense. Added.
>
>> 3. Didn't look, but the MSVC build code might need a tweak too
>> now that pg_strong_random.o is built-always rather than conditional?
>
> There is nothing needed here as pg_strong_random.c has always been
> included into @pgportfiles as we assumed that Windows would always
> have a random source.
And attached is an updated patch with all those fixes included. Any
thoughts or opinions?
--
Michael
diff --git a/configure b/configure
index ea40f5f03d..1e2238e3f5 100755
--- a/configure
+++ b/configure
@@ -761,7 +761,6 @@ GENHTML
LCOV
GCOV
enable_debug
-enable_strong_random
enable_rpath
default_port
WANTED_LANGUAGES
@@ -829,7 +828,6 @@ with_pgport
enable_rpath
enable_spinlocks
enable_atomics
-enable_strong_random
enable_debug
enable_profiling
enable_coverage
@@ -1512,7 +1510,6 @@ Optional Features:
executables
--disable-spinlocks do not use spinlocks
--disable-atomics do not use atomic operations
- --disable-strong-random do not use a strong random number source
--enable-debug build with debugging symbols (-g)
--enable-profiling build with profiling enabled
--enable-coverage build with coverage testing instrumentation
@@ -3272,34 +3269,6 @@ fi
-#
-# Random number generation
-#
-
-
-# Check whether --enable-strong-random was given.
-if test "${enable_strong_random+set}" = set; then :
- enableval=$enable_strong_random;
- case $enableval in
-yes)
- :
- ;;
-no)
- :
- ;;
-*)
- as_fn_error $? "no argument expected for --enable-strong-random option" "$LINENO" 5
- ;;
- esac
-
-else
- enable_strong_random=yes
-
-fi
-
-
-
-
#
# --enable-debug adds -g to compiler flags
#
@@ -17937,7 +17906,7 @@ fi
# in the template or configure command line.
# If not selected manually, try to select a source automatically.
-if test "$enable_strong_random" = "yes" && test x"$USE_OPENSSL_RANDOM" = x"" && test x"$USE_WIN32_RANDOM" = x"" && test x"$USE_DEV_URANDOM" = x"" ; then
+if test x"$USE_OPENSSL_RANDOM" = x"" && test x"$USE_WIN32_RANDOM" = x"" && test x"$USE_DEV_URANDOM" = x"" ; then
if test x"$with_openssl" = x"yes" ; then
USE_OPENSSL_RANDOM=1
elif test "$PORTNAME" = "win32" ; then
@@ -17971,42 +17940,29 @@ fi
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking which random number source to use" >&5
$as_echo_n "checking which random number source to use... " >&6; }
-if test "$enable_strong_random" = yes ; then
- if test x"$USE_OPENSSL_RANDOM" = x"1" ; then
+if test x"$USE_OPENSSL_RANDOM" = x"1" ; then
$as_echo "#define USE_OPENSSL_RANDOM 1" >>confdefs.h
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: OpenSSL" >&5
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: OpenSSL" >&5
$as_echo "OpenSSL" >&6; }
- elif test x"$USE_WIN32_RANDOM" = x"1" ; then
+elif test x"$USE_WIN32_RANDOM" = x"1" ; then
$as_echo "#define USE_WIN32_RANDOM 1" >>confdefs.h
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: Windows native" >&5
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: Windows native" >&5
$as_echo "Windows native" >&6; }
- elif test x"$USE_DEV_URANDOM" = x"1" ; then
+elif test x"$USE_DEV_URANDOM" = x"1" ; then
$as_echo "#define USE_DEV_URANDOM 1" >>confdefs.h
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: /dev/urandom" >&5
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: /dev/urandom" >&5
$as_echo "/dev/urandom" >&6; }
- else
-as_fn_error $? "
+else
+ as_fn_error $? "
no source of strong random numbers was found
PostgreSQL can use OpenSSL or /dev/urandom as a source of random numbers,
-for authentication protocols. You can use --disable-strong-random to use a
-built-in pseudo random number generator, but that may be insecure." "$LINENO" 5
- fi
-
-$as_echo "#define HAVE_STRONG_RANDOM 1" >>confdefs.h
-
-else
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: weak builtin PRNG" >&5
-$as_echo "weak builtin PRNG" >&6; }
-{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING:
-*** Not using a strong random number source may be insecure." >&5
-$as_echo "$as_me: WARNING:
-*** Not using a strong random number source may be insecure." >&2;}
+for authentication protocols." "$LINENO"
Re: Removing --disable-strong-random from the code
On Sun, Dec 30, 2018 at 01:45:42AM -0500, Tom Lane wrote: > Hah, I was just about to work on that myself --- glad I didn't get > to it quite yet. A couple of thoughts: > > 1. Surely there's documentation about --disable-strong-random > to clean up too? Oops, I forgot to grep on this one. Removed from my tree. > 2. I wonder whether it's worth adding this to port.h: > > extern bool pg_strong_random(void *buf, size_t len); > +/* pg_backend_random used to be a wrapper for pg_strong_random */ > +#define pg_backend_random pg_strong_random > > to prevent unnecessary breakage in extensions that might be depending > on pg_backend_random. Sure, that makes sense. Added. > 3. Didn't look, but the MSVC build code might need a tweak too > now that pg_strong_random.o is built-always rather than conditional? There is nothing needed here as pg_strong_random.c has always been included into @pgportfiles as we assumed that Windows would always have a random source. -- Michael signature.asc Description: PGP signature
Re: Removing --disable-strong-random from the code
Michael Paquier writes: > Attached is a patch to clean up the code, which removes all the code > specific to random generation for backends (no more shmem code paths > and such), as well as the pg_frontend_random() and > pg_backend_random(). Thoughts or opinions? Hah, I was just about to work on that myself --- glad I didn't get to it quite yet. A couple of thoughts: 1. Surely there's documentation about --disable-strong-random to clean up too? 2. I wonder whether it's worth adding this to port.h: extern bool pg_strong_random(void *buf, size_t len); +/* pg_backend_random used to be a wrapper for pg_strong_random */ +#define pg_backend_random pg_strong_random to prevent unnecessary breakage in extensions that might be depending on pg_backend_random. 3. Didn't look, but the MSVC build code might need a tweak too now that pg_strong_random.o is built-always rather than conditional? regards, tom lane
Removing --disable-strong-random from the code
Hi all
As mentioned here, there has been a discussion about $subject and the
fact that it may be rather useless:
https://www.postgresql.org/message-id/21150.1546010...@sss.pgh.pa.us
--disable-strong-random is also untested in the buildfarm.
Attached is a patch to clean up the code, which removes all the code
specific to random generation for backends (no more shmem code paths
and such), as well as the pg_frontend_random() and
pg_backend_random(). Thoughts or opinions?
Thanks,
--
Michael
diff --git a/configure b/configure
index ea40f5f03d..dc65f78019 100755
--- a/configure
+++ b/configure
@@ -761,7 +761,6 @@ GENHTML
LCOV
GCOV
enable_debug
-enable_strong_random
enable_rpath
default_port
WANTED_LANGUAGES
@@ -829,7 +828,6 @@ with_pgport
enable_rpath
enable_spinlocks
enable_atomics
-enable_strong_random
enable_debug
enable_profiling
enable_coverage
@@ -1512,7 +1510,6 @@ Optional Features:
executables
--disable-spinlocks do not use spinlocks
--disable-atomics do not use atomic operations
- --disable-strong-random do not use a strong random number source
--enable-debug build with debugging symbols (-g)
--enable-profiling build with profiling enabled
--enable-coverage build with coverage testing instrumentation
@@ -3272,34 +3269,6 @@ fi
-#
-# Random number generation
-#
-
-
-# Check whether --enable-strong-random was given.
-if test "${enable_strong_random+set}" = set; then :
- enableval=$enable_strong_random;
- case $enableval in
-yes)
- :
- ;;
-no)
- :
- ;;
-*)
- as_fn_error $? "no argument expected for --enable-strong-random option" "$LINENO" 5
- ;;
- esac
-
-else
- enable_strong_random=yes
-
-fi
-
-
-
-
#
# --enable-debug adds -g to compiler flags
#
@@ -17937,7 +17906,7 @@ fi
# in the template or configure command line.
# If not selected manually, try to select a source automatically.
-if test "$enable_strong_random" = "yes" && test x"$USE_OPENSSL_RANDOM" = x"" && test x"$USE_WIN32_RANDOM" = x"" && test x"$USE_DEV_URANDOM" = x"" ; then
+if test x"$USE_OPENSSL_RANDOM" = x"" && test x"$USE_WIN32_RANDOM" = x"" && test x"$USE_DEV_URANDOM" = x"" ; then
if test x"$with_openssl" = x"yes" ; then
USE_OPENSSL_RANDOM=1
elif test "$PORTNAME" = "win32" ; then
@@ -17971,42 +17940,30 @@ fi
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking which random number source to use" >&5
$as_echo_n "checking which random number source to use... " >&6; }
-if test "$enable_strong_random" = yes ; then
- if test x"$USE_OPENSSL_RANDOM" = x"1" ; then
+if test x"$USE_OPENSSL_RANDOM" = x"1" ; then
$as_echo "#define USE_OPENSSL_RANDOM 1" >>confdefs.h
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: OpenSSL" >&5
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: OpenSSL" >&5
$as_echo "OpenSSL" >&6; }
- elif test x"$USE_WIN32_RANDOM" = x"1" ; then
+elif test x"$USE_WIN32_RANDOM" = x"1" ; then
$as_echo "#define USE_WIN32_RANDOM 1" >>confdefs.h
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: Windows native" >&5
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: Windows native" >&5
$as_echo "Windows native" >&6; }
- elif test x"$USE_DEV_URANDOM" = x"1" ; then
+elif test x"$USE_DEV_URANDOM" = x"1" ; then
$as_echo "#define USE_DEV_URANDOM 1" >>confdefs.h
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: /dev/urandom" >&5
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: /dev/urandom" >&5
$as_echo "/dev/urandom" >&6; }
- else
-as_fn_error $? "
+else
+ as_fn_error $? "
no source of strong random numbers was found
PostgreSQL can use OpenSSL or /dev/urandom as a source of random numbers,
for authentication protocols. You can use --disable-strong-random to use a
built-in pseudo random number generator, but that may be insecure." "$LINENO" 5
- fi
-
-$as_echo "#define HAVE_STRONG_RANDOM 1" >>confdefs.h
-
-else
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: weak builtin PRNG" >&5
-$as_echo "weak builtin PRNG" >&6; }
-{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING:
-*** Not using a strong random number source may be insecure." >&5
-$as_echo "$as_me: WARNING:
-*** Not using a strong random number source may be insecure." >&2;}
fi
# If not set in template file, set bytes to use libc memset()
diff --git a/configure.in b/configure.in
index 89a0fb2470..2120669161 100644
--- a/configure.in
+++ b/configure.in
@@ -193,13 +193,6 @@ PGAC_ARG_BOOL(enable, spinlocks, yes,
PGAC_ARG_BOOL(enable, atomics, yes,
[do not use atomic operations])
-#
-# Random number generation
-#
-PGAC_ARG_BOOL(enable, strong-random, yes,
- [do not use a strong random number source])
-AC_SUBST(enable_strong_random)
-
#
# --enable-debug adds -g to compiler flags
#
@@ -2151,7 +2144,7 @@ fi
# in the template or configure command line.
# If not selected manually, try to select a source automatically.
-if test "$enable_strong_random" =
