Re: [DOCS] gen_random_uuid security not explicit in documentation

2017-07-03 Thread Heikki Linnakangas
On 06/23/2017 04:23 AM, Michael Paquier wrote: On Fri, Jun 23, 2017 at 3:02 AM, Heikki Linnakangas wrote: I'm inclined to change gen_random_uuid() to throw an error if the server is built with --disable-strong-random, like gen_random_bytes() does. That way, they would behave the same. No obje

Re: [DOCS] gen_random_uuid security not explicit in documentation

2017-06-29 Thread Heikki Linnakangas
On 30 June 2017 06:45:04 EEST, Noah Misch wrote: >This PostgreSQL 10 open item is past due for your status update. >Kindly send >a status update within 24 hours, and include a date for your subsequent >status >update. I'll fix this some time next week. (I'm on vacation right now) - Heikki

Re: [DOCS] gen_random_uuid security not explicit in documentation

2017-06-29 Thread Noah Misch
On Sun, Jun 25, 2017 at 09:26:28PM -0700, Noah Misch wrote: > On Fri, Jun 23, 2017 at 10:23:36AM +0900, Michael Paquier wrote: > > On Fri, Jun 23, 2017 at 3:02 AM, Heikki Linnakangas wrote: > > > I'm inclined to change gen_random_uuid() to throw an error if the server > > > is > > > built with --

Re: [DOCS] gen_random_uuid security not explicit in documentation

2017-06-25 Thread Noah Misch
On Fri, Jun 23, 2017 at 10:23:36AM +0900, Michael Paquier wrote: > On Fri, Jun 23, 2017 at 3:02 AM, Heikki Linnakangas wrote: > > I'm inclined to change gen_random_uuid() to throw an error if the server is > > built with --disable-strong-random, like gen_random_bytes() does. That way, > > they wou

Re: [DOCS] gen_random_uuid security not explicit in documentation

2017-06-22 Thread Michael Paquier
On Fri, Jun 23, 2017 at 3:02 AM, Heikki Linnakangas wrote: > I'm inclined to change gen_random_uuid() to throw an error if the server is > built with --disable-strong-random, like gen_random_bytes() does. That way, > they would behave the same. No objections to do that. I guess you don't need a p

Re: [DOCS] gen_random_uuid security not explicit in documentation

2017-06-22 Thread Heikki Linnakangas
On 01/03/2017 02:47 PM, Michael Paquier wrote: (Adding Heikki in CC who committed this code) On Mon, Jan 2, 2017 at 8:20 AM, wrote: The C source code of gen_random_uuid reads: /* * Generate random bits. pg_backend_random() will do here, we don't * promis UUIDs to be cryptographic

Re: [DOCS] gen_random_uuid security not explicit in documentation

2017-01-03 Thread Michael Paquier
(Adding Heikki in CC who committed this code) On Mon, Jan 2, 2017 at 8:20 AM, wrote: > The C source code of gen_random_uuid reads: > > /* > * Generate random bits. pg_backend_random() will do here, we don't > * promis UUIDs to be cryptographically random, when built with > * --di

[DOCS] gen_random_uuid security not explicit in documentation

2017-01-01 Thread rightfold
The following documentation comment has been logged on the website: Page: https://www.postgresql.org/docs/9.6/static/pgcrypto.html Description: Hello, The C source code of gen_random_uuid reads: /* * Generate random bits. pg_backend_random() will do here, we don't * promis UUIDs to