From 001bdb315118a574aaab852f2931545671d2f61f Mon Sep 17 00:00:00 2001
From: Daniel Gustafsson
Date: Tue, 17 Nov 2020 18:20:21 +0100
Subject: [PATCH] Remove ability to choose randomness source

There existed a possibility to mix and match the randomness source with the TLS library via USE_*RANDOM defines when running configure. This had little benefit in practice, and required complicated logic in the strong_random code. This removes the ability to choose in favor of always using the TLS library as a source of randomness iff PostgreSQL is built with TLS, else the native platform source.
---
 configure | 62 +++++++++++++------------------------
 configure.ac | 41 ++++++++----------------
 src/include/pg_config.h.in | 3 --
 src/port/pg_strong_random.c | 21 ++-----------
 src/tools/msvc/Solution.pm | 1 -
 5 files changed, 37 insertions(+), 91 deletions(-)

diff --git a/configure b/configure
index ace4ed5dec..8ba0f36b5b 100755
--- a/configure
+++ b/configure
@@ -18055,19 +18055,22 @@ $as_echo "#define USE_WIN32_SHARED_MEMORY 1" >>confdefs.h SHMEM_IMPLEMENTATION="src/backend/port/win32_shmem.c" fi -# Select random number source -# -# You can override this logic by setting the appropriate USE_*RANDOM flag to 1 -# in the template or configure command line. +# Select random number source. If a TLS library is used then it will be the +# first choice, else the native platform sources (Windows API or /dev/urandom) +# will be used. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking which random number source to use" >&5 +$as_echo_n "checking which random number source to use... " >&6; } +if test x"$with_openssl" = x"yes" ; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: OpenSSL" >&5 +$as_echo "OpenSSL" >&6; } +elif test x"$PORTANME" = x"win32" ; then -# If not selected manually, try to select a source automatically. -if test x"$USE_OPENSSL_RANDOM" = x"" && test x"$USE_WIN32_RANDOM" = x"" && test x"$USE_DEV_URANDOM" = x"" ; then - if test x"$with_openssl" = x"yes" ; then - USE_OPENSSL_RANDOM=1 - elif test "$PORTNAME" = "win32" ; then - USE_WIN32_RANDOM=1 - else - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for /dev/urandom" >&5 +$as_echo "#define USE_WIN32_RANDOM 1" >>confdefs.h + + { $as_echo "$as_me:${as_lineno-$LINENO}: result: Windows native" >&5 +$as_echo "Windows native" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for /dev/urandom" >&5 $as_echo_n "checking for /dev/urandom... " >&6; } if ${ac_cv_file__dev_urandom+:} false; then : $as_echo_n "(cached) " >&6 
@@ -18087,36 +18090,13 @@ if test "x$ac_cv_file__dev_urandom" = xyes; then : fi - if test x"$ac_cv_file__dev_urandom" = x"yes" ; then - USE_DEV_URANDOM=1 - fi - fi -fi - -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking which random number source to use" >&5 -$as_echo_n "checking which random number source to use... " >&6; } -if test x"$USE_OPENSSL_RANDOM" = x"1" ; then - -$as_echo "#define USE_OPENSSL_RANDOM 1" >>confdefs.h - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: OpenSSL" >&5 -$as_echo "OpenSSL" >&6; } -elif test x"$USE_WIN32_RANDOM" = x"1" ; then - -$as_echo "#define USE_WIN32_RANDOM 1" >>confdefs.h - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: Windows native" >&5 -$as_echo "Windows native" >&6; } -elif test x"$USE_DEV_URANDOM" = x"1" ; then - -$as_echo "#define USE_DEV_URANDOM 1" >>confdefs.h - - { $as_echo "$as_me:${as_lineno-$LINENO}: result: /dev/urandom" >&5 -$as_echo "/dev/urandom" >&6; } -else - as_fn_error $? " + if test x"$ac_cv_file__dev_urandom" = x"yes" ; then + USE_DEV_URANDOM=1 + else + as_fn_error $? " no source of strong random numbers was found -PostgreSQL can use OpenSSL or /dev/urandom as a source of random numbers." "$LINENO" 5 +PostgreSQL can use OpenSSL, native Windows API or /dev/urandom as a source of random numbers." "$LINENO" 5 + fi fi # If not set in template file, set bytes to use libc memset()
diff --git a/configure.ac b/configure.ac
index 5b91c83fd0..43f5863871 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2152,40 +2152,25 @@ else
 SHMEM_IMPLEMENTATION="src/backend/port/win32_shmem.c"
 fi

-# Select random number source
-#
-# You can override this logic by setting the appropriate USE_*RANDOM flag to 1
-# in the template or configure command line.
-
-# If not selected manually, try to select a source automatically.
-if test x"$USE_OPENSSL_RANDOM" = x"" && test x"$USE_WIN32_RANDOM" = x"" && test x"$USE_DEV_URANDOM" = x"" ; then
- if test x"$with_openssl" = x"yes" ; then
- USE_OPENSSL_RANDOM=1
- elif test "$PORTNAME" = "win32" ; then
- USE_WIN32_RANDOM=1
- else
- AC_CHECK_FILE([/dev/urandom], [], [])
-
- if test x"$ac_cv_file__dev_urandom" = x"yes" ; then
- USE_DEV_URANDOM=1
- fi
- fi
-fi
-
+# Select random number source. If a TLS library is used then it will be the
+# first choice, else the native platform sources (Windows API or /dev/urandom)
+# will be used.
 AC_MSG_CHECKING([which random number source to use])
-if test x"$USE_OPENSSL_RANDOM" = x"1" ; then
- AC_DEFINE(USE_OPENSSL_RANDOM, 1, [Define to use OpenSSL for random number generation])
+if test x"$with_openssl" = x"yes" ; then
 AC_MSG_RESULT([OpenSSL])
-elif test x"$USE_WIN32_RANDOM" = x"1" ; then
+elif test x"$PORTANME" = x"win32" ; then
 AC_DEFINE(USE_WIN32_RANDOM, 1, [Define to use native Windows API for random number generation])
 AC_MSG_RESULT([Windows native])
-elif test x"$USE_DEV_URANDOM" = x"1" ; then
- AC_DEFINE(USE_DEV_URANDOM, 1, [Define to use /dev/urandom for random number generation])
- AC_MSG_RESULT([/dev/urandom])
 else
- AC_MSG_ERROR([
+ AC_CHECK_FILE([/dev/urandom], [], [])
+
+ if test x"$ac_cv_file__dev_urandom" = x"yes" ; then
+ USE_DEV_URANDOM=1
+ else
+ AC_MSG_ERROR([
 no source of strong random numbers was found
-PostgreSQL can use OpenSSL or /dev/urandom as a source of random numbers.])
+PostgreSQL can use OpenSSL, native Windows API or /dev/urandom as a source of random numbers.])
+ fi
 fi

 # If not set in template file, set bytes to use libc memset()
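Review bot: The new Windows branch tests `x"$PORTANME"`, a misspelling of `PORTNAME`, so the comparison with `x"win32"` can never succeed: a Windows build without OpenSSL falls through to the /dev/urandom probe and never defines USE_WIN32_RANDOM. The line should read `elif test x"$PORTNAME" = x"win32" ; then`, and the generated configure hunk, which carries the same misspelling, needs regenerating afterwards. In the final `else` branch `USE_DEV_URANDOM=1` is now only a shell variable, because the `AC_DEFINE(USE_DEV_URANDOM, ...)` that exported it to pg_config.h is removed; if pg_strong_random.c still keys on that macro (not visible in these hunks), the /dev/urandom code path would be compiled out, so either keep the AC_DEFINE or drop the variable. That branch also emits no `AC_MSG_RESULT([/dev/urandom])`, which leaves the "checking which random number source to use" line unterminated before AC_CHECK_FILE prints its own check.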
diff --git a/src/include/pg_config.h.in b/src/include/pg_config.h.in
index fb270df678..74771910f9 100644
--- a/src/include/pg_config.h.in
+++ b/src/include/pg_config.h.in
@@ -887,9 +887,6 @@
 /* Define to build with OpenSSL support. (--with-openssl) */
 #undef USE_OPENSSL

-/* Define to use OpenSSL for random number generation */
-#undef USE_OPENSSL_RANDOM
-
 /* Define to 1 to build with PAM support. (--with-pam) */
 #undef USE_PAM

diff --git a/src/port/pg_strong_random.c b/src/port/pg_strong_random.c
index 6d85f50b7c..8bf7e1e36c 100644
--- a/src/port/pg_strong_random.c
+++ b/src/port/pg_strong_random.c
@@ -24,7 +24,7 @@
 #include
 #include

-#ifdef USE_OPENSSL_RANDOM
+#ifdef USE_OPENSSL
 #include
 #endif
 #ifdef USE_WIN32_RANDOM
@@ -87,26 +87,11 @@ pg_strong_random_init(void)
 {
 #if defined(USE_OPENSSL)
 /*
- * Make sure processes do not share OpenSSL randomness state. We need to
- * call this even if pg_strong_random is implemented using another source
- * for random numbers to ensure fork-safety in our TLS backend. This is no
+ * Make sure processes do not share OpenSSL randomness state. This is no
 * longer required in OpenSSL 1.1.1 and later versions, but until we drop
 * support for version < 1.1.1 we need to do this.
 */
 RAND_poll();
-#endif
-
-#if defined(USE_OPENSSL_RANDOM)
- /*
- * In case the backend is using the PRNG from OpenSSL without being built
- * with support for OpenSSL, make sure to perform post-fork initialization.
- * If the backend is using OpenSSL then we have already performed this
- * step. The same version caveat as discussed in the comment above applies
- * here as well.
- */
-#ifndef USE_OPENSSL
- RAND_poll();
-#endif
 #elif defined(USE_WIN32_RANDOM)
 /* no initialization needed for WIN32 */

@@ -146,7 +131,7 @@ pg_strong_random(void *buf, size_t len)
 /*
 * When built with OpenSSL, use OpenSSL's RAND_bytes function.
 */
-#if defined(USE_OPENSSL_RANDOM)
+#if defined(USE_OPENSSL)
 int i;

 /*
diff --git a/src/tools/msvc/Solution.pm b/src/tools/msvc/Solution.pm
index 17e480546c..aec1ef2046 100644
--- a/src/tools/msvc/Solution.pm
+++ b/src/tools/msvc/Solution.pm
@@ -483,7 +483,6 @@ sub GenerateFiles
 USE_LLVM => undef,
 USE_NAMED_POSIX_SEMAPHORES => undef,
 USE_OPENSSL => undef,
-USE_OPENSSL_RANDOM => undef,
 USE_PAM => undef,
 USE_SLICING_BY_8_CRC32C => undef,
 USE_SSE42_CRC32C => undef,
--
2.21.1 (Apple Git-122.3)