Re: [HACKERS] Re: [COMMITTERS] pgsql: Replace PostmasterRandom() with a stronger way of generating ran

2016-10-18 Thread Michael Paquier
On Tue, Oct 18, 2016 at 12:34 PM, Tom Lane wrote: > Michael Paquier writes: >> And actually, enabling prngd would need to be controlled by a >> configure switch as well disabled by default, no? > > AFAICT, openssl has no configuration options

Re: [HACKERS] Re: [COMMITTERS] pgsql: Replace PostmasterRandom() with a stronger way of generating ran

2016-10-17 Thread Tom Lane
Michael Paquier writes: > And actually, enabling prngd would need to be controlled by a > configure switch as well disabled by default, no? AFAICT, openssl has no configuration options related to prngd; they seem to be able to use it automatically when /dev/[u]random

Re: [HACKERS] Re: [COMMITTERS] pgsql: Replace PostmasterRandom() with a stronger way of generating ran

2016-10-17 Thread Michael Paquier
On Tue, Oct 18, 2016 at 5:35 AM, Tom Lane wrote: > If we want it to fail, and don't want to retire pademelon, there are > multiple ways we could get to that goal: > > * Enable --with-openssl in pademelon's build (don't really want to do > this, since I believe almost all the

Re: [HACKERS] Re: [COMMITTERS] pgsql: Replace PostmasterRandom() with a stronger way of generating ran

2016-10-17 Thread Tom Lane
Robert Haas writes: > On Mon, Oct 17, 2016 at 1:48 PM, Heikki Linnakangas wrote: >> I'm going to try implementing prngd support. It seems easy enough, and prngd >> can be run on modern systems too, which is important for testing it. > TBH, if pandemolon

Re: [HACKERS] Re: [COMMITTERS] pgsql: Replace PostmasterRandom() with a stronger way of generating ran

2016-10-17 Thread Robert Haas
On Mon, Oct 17, 2016 at 1:48 PM, Heikki Linnakangas wrote: > I'm going to try implementing prngd support. It seems easy enough, and prngd > can be run on modern systems too, which is important for testing it. TBH, if pandemolon is the only system in the BF that doesn't have any

Re: [HACKERS] Re: [COMMITTERS] pgsql: Replace PostmasterRandom() with a stronger way of generating ran

2016-10-17 Thread Robert Haas
On Mon, Oct 17, 2016 at 2:14 PM, Tom Lane wrote: > But in general, I think that being this picky about cancel keys on systems > that are too old to have /dev/random is not really helpful to anybody. > I don't recall any reports of anyone ever having a DOS situation from > weak

Re: [HACKERS] Re: [COMMITTERS] pgsql: Replace PostmasterRandom() with a stronger way of generating ran

2016-10-17 Thread Tom Lane
Heikki Linnakangas writes: > I'm going to try implementing prngd support. It seems easy enough, and > prngd can be run on modern systems too, which is important for testing it. OK, if you feel like doing the work. However: > In addition to that, I'm going to see if we can

[HACKERS] Re: [COMMITTERS] pgsql: Replace PostmasterRandom() with a stronger way of generating ran

2016-10-17 Thread Heikki Linnakangas
On 10/17/2016 06:21 PM, Tom Lane wrote: Heikki Linnakangas writes: On 10/17/2016 05:50 PM, Tom Lane wrote: The real issue here is whether we are willing to say that Postgres simply does not work anymore on machines without standard entropy sources. Doesn't matter whether the

Re: [HACKERS] Re: [COMMITTERS] pgsql: Replace PostmasterRandom() with a stronger way of generating ran

2016-10-17 Thread Stephen Frost
* Heikki Linnakangas (hlinn...@iki.fi) wrote: > On 10/17/2016 05:50 PM, Tom Lane wrote: > >Heikki Linnakangas writes: > >>Replace PostmasterRandom() with a stronger way of generating randomness. > > > >This patch broke padmeleon: > > > >016-10-17 09:57:17.782 EDT

[HACKERS] Re: [COMMITTERS] pgsql: Replace PostmasterRandom() with a stronger way of generating ran

2016-10-17 Thread Heikki Linnakangas
On 10/17/2016 05:50 PM, Tom Lane wrote: Heikki Linnakangas writes: Replace PostmasterRandom() with a stronger way of generating randomness. This patch broke padmeleon: 016-10-17 09:57:17.782 EDT [5804d8bd.57c2:1] LOG: database system was shut down at 2016-10-17