Replace PostmasterRandom() with a stronger way of generating randomness. This adds a new routine, pg_strong_random() for generating random bytes, for use in both frontend and backend. At the moment, it's only used in the backend, but the upcoming SCRAM authentication patches need strong random numbers in libpq as well.
pg_strong_random() is based on, and replaces, the existing implementation in pgcrypto. It can acquire strong random numbers from a number of sources, depending on what's available: - OpenSSL RAND_bytes(), if built with OpenSSL - On Windows, the native cryptographic functions are used - /dev/urandom - /dev/random Original patch by Magnus Hagander, with further work by Michael Paquier and me. Discussion: <cab7npqry3krn8qur9xujmvvhytxj0_60nqgvc6ouk8ygyvk...@mail.gmail.com> Branch ------ master Details ------- http://git.postgresql.org/pg/commitdiff/9e083fd4683294f41544e6d0d72f6e258ff3a77c Modified Files -------------- contrib/pgcrypto/Makefile | 2 +- contrib/pgcrypto/internal.c | 40 +++--- contrib/pgcrypto/random.c | 247 ------------------------------------ src/backend/libpq/auth.c | 27 +++- src/backend/postmaster/postmaster.c | 153 ++++++---------------- src/include/port.h | 3 + src/port/Makefile | 2 +- src/port/pg_strong_random.c | 148 +++++++++++++++++++++ src/tools/msvc/Mkvcbuild.pm | 6 +- 9 files changed, 244 insertions(+), 384 deletions(-) -- Sent via pgsql-committers mailing list (pgsql-committers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-committers