Diffstat (limited to 'src')
-rw-r--r-- | src/Makefile.global.in | 1 | ||||
-rw-r--r-- | src/backend/access/transam/xlog.c | 3 | ||||
-rw-r--r-- | src/backend/libpq/auth-scram.c | 5 | ||||
-rw-r--r-- | src/backend/libpq/auth.c | 5 | ||||
-rw-r--r-- | src/backend/postmaster/postmaster.c | 62 | ||||
-rw-r--r-- | src/backend/storage/ipc/ipci.c | 3 | ||||
-rw-r--r-- | src/backend/storage/lmgr/lwlocknames.txt | 5 | ||||
-rw-r--r-- | src/backend/utils/adt/float.c | 3 | ||||
-rw-r--r-- | src/backend/utils/misc/Makefile | 6 | ||||
-rw-r--r-- | src/backend/utils/misc/backend_random.c | 158 | ||||
-rw-r--r-- | src/bin/pgbench/pgbench.c | 6 | ||||
-rw-r--r-- | src/include/pg_config.h.in | 3 | ||||
-rw-r--r-- | src/include/pg_config.h.win32 | 3 | ||||
-rw-r--r-- | src/include/port.h | 7 | ||||
-rw-r--r-- | src/include/utils/backend_random.h | 19 | ||||
-rw-r--r-- | src/interfaces/libpq/fe-auth-scram.c | 62 | ||||
-rw-r--r-- | src/port/Makefile | 6 |
17 files changed, 21 insertions, 336 deletions
diff --git a/src/Makefile.global.in b/src/Makefile.global.in
index b47971edef5..4b6bab37dc9 100644
--- a/src/Makefile.global.in
+++ b/src/Makefile.global.in
@@ -203,7 +203,6 @@ enable_dtrace = @enable_dtrace@
 enable_coverage = @enable_coverage@
 enable_tap_tests = @enable_tap_tests@
 enable_thread_safety = @enable_thread_safety@
-enable_strong_random = @enable_strong_random@
 python_includespec = @python_includespec@
 python_libdir = @python_libdir@
diff --git a/src/backend/access/transam/xlog.c b/src/backend/access/transam/xlog.c
index 998818cbacc..26b4977acbe 100644
--- a/src/backend/access/transam/xlog.c
+++ b/src/backend/access/transam/xlog.c
@@ -65,7 +65,6 @@
 #include "storage/reinit.h"
 #include "storage/smgr.h"
 #include "storage/spin.h"
-#include "utils/backend_random.h"
 #include "utils/builtins.h"
 #include "utils/guc.h"
 #include "utils/memutils.h"
@@ -5132,7 +5131,7 @@ BootStrapXLOG(void)
 * a genuine-looking password challenge for the non-existent user, in lieu
 * of an actual stored password.
 */
- if (!pg_backend_random(mock_auth_nonce, MOCK_AUTH_NONCE_LEN))
+ if (!pg_strong_random(mock_auth_nonce, MOCK_AUTH_NONCE_LEN))
 ereport(PANIC, (errcode(ERRCODE_INTERNAL_ERROR), errmsg("could not generate secret authorization token")));
diff --git a/src/backend/libpq/auth-scram.c b/src/backend/libpq/auth-scram.c
index e997c946001..9a969a7029e 100644
--- a/src/backend/libpq/auth-scram.c
+++ b/src/backend/libpq/auth-scram.c
@@ -102,7 +102,6 @@
 #include "libpq/crypt.h"
 #include "libpq/scram.h"
 #include "miscadmin.h"
-#include "utils/backend_random.h"
 #include "utils/builtins.h"
 #include "utils/timestamp.h"
@@ -468,7 +467,7 @@ pg_be_scram_build_verifier(const char *password)
 password = (const char *) prep_password;
 /* Generate random salt */
- if (!pg_backend_random(saltbuf, SCRAM_DEFAULT_SALT_LEN))
+ if (!pg_strong_random(saltbuf, SCRAM_DEFAULT_SALT_LEN))
 ereport(ERROR, (errcode(ERRCODE_INTERNAL_ERROR), errmsg("could not generate random salt")));
@@ -1123,7 +1122,7 @@ build_server_first_message(scram_state *state)
 char raw_nonce[SCRAM_RAW_NONCE_LEN];
 int encoded_len;
- if (!pg_backend_random(raw_nonce, SCRAM_RAW_NONCE_LEN))
+ if (!pg_strong_random(raw_nonce, SCRAM_RAW_NONCE_LEN))
 ereport(ERROR, (errcode(ERRCODE_INTERNAL_ERROR), errmsg("could not generate random nonce")));
diff --git a/src/backend/libpq/auth.c b/src/backend/libpq/auth.c
index ff0832dba8b..0c2ca39d1bd 100644
--- a/src/backend/libpq/auth.c
+++ b/src/backend/libpq/auth.c
@@ -36,7 +36,6 @@
 #include "port/pg_bswap.h"
 #include "replication/walsender.h"
 #include "storage/ipc.h"
-#include "utils/backend_random.h"
 #include "utils/timestamp.h"
@@ -835,7 +834,7 @@ CheckMD5Auth(Port *port, char *shadow_pass, char **logdetail)
 errmsg("MD5 authentication is not supported when \"db_user_namespace\" is enabled")));
 /* include the salt to use for computing the response */
- if (!pg_backend_random(md5Salt, 4))
+ if (!pg_strong_random(md5Salt, 4))
 {
 ereport(LOG, (errmsg("could not generate random MD5 salt")));
@@ -3036,7 +3035,7 @@ PerformRadiusTransaction(const char *server, const char *secret, const char *por
 /* Construct RADIUS packet */
 packet->code = RADIUS_ACCESS_REQUEST;
 packet->length = RADIUS_HEADER_LENGTH;
- if (!pg_backend_random((char *) packet->vector, RADIUS_VECTOR_LENGTH))
+ if (!pg_strong_random(packet->vector, RADIUS_VECTOR_LENGTH))
 {
 ereport(LOG, (errmsg("could not generate random encryption vector")));
diff --git a/src/backend/postmaster/postmaster.c b/src/backend/postmaster/postmaster.c
index 2d5a0ac7d3b..406cc2cf2d4 100644
--- a/src/backend/postmaster/postmaster.c
+++ b/src/backend/postmaster/postmaster.c
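Review bot: The salt length in `pg_strong_random(md5Salt, 4)` in CheckMD5Auth is a bare literal, so it can drift from the buffer it fills; a short fill would leave part of the salt unrandomised without any error. The declaration of md5Salt is outside this hunk, so if it is an array, `if (!pg_strong_random(md5Salt, sizeof(md5Salt)))` keeps the two in step, and otherwise a named constant shared with the declaration would do. The neighbouring RADIUS call already follows that pattern with `RADIUS_VECTOR_LENGTH`. CheckMD5Auth starts and ends outside the hunk.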
@@ -367,16 +367,6 @@ static volatile sig_atomic_t WalReceiverRequested = false;
 static volatile bool StartWorkerNeeded = true;
 static volatile bool HaveCrashedWorker = false;
-#ifndef HAVE_STRONG_RANDOM
-/*
- * State for assigning cancel keys.
- * Also, the global MyCancelKey passes the cancel key assigned to a given
- * backend from the postmaster to that backend (via fork).
- */
-static unsigned int random_seed = 0;
-static struct timeval random_start_time;
-#endif
-
 #ifdef USE_SSL
 /* Set when and if SSL has been initialized properly */
 static bool LoadedSSL = false;
@@ -1361,10 +1351,6 @@ PostmasterMain(int argc, char *argv[])
 * Remember postmaster startup time
 */
 PgStartTime = GetCurrentTimestamp();
-#ifndef HAVE_STRONG_RANDOM
- /* RandomCancelKey wants its own copy */
- gettimeofday(&random_start_time, NULL);
-#endif
 /*
 * Report postmaster status in the postmaster.pid file, to allow pg_ctl to
@@ -2532,26 +2518,11 @@ InitProcessGlobals(void)
 MyStartTime = timestamptz_to_time_t(MyStartTimestamp);
 /*
- * Don't want backend to be able to see the postmaster random number
- * generator state. We have to clobber the static random_seed.
- */
-#ifndef HAVE_STRONG_RANDOM
- random_seed = 0;
- random_start_time.tv_usec = 0;
-#endif
-
- /*
 * Set a different seed for random() in every process. We want something
 * unpredictable, so if possible, use high-quality random bits for the
 * seed. Otherwise, fall back to a seed based on timestamp and PID.
- *
- * Note we can't use pg_backend_random here, since this is used in the
- * postmaster, and even in a backend we might not be attached to shared
- * memory yet.
 */
-#ifdef HAVE_STRONG_RANDOM
 if (!pg_strong_random(&rseed, sizeof(rseed)))
-#endif
 {
 /*
 * Since PIDs and timestamps tend to change more frequently in their
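Review bot: With the `#ifdef HAVE_STRONG_RANDOM` guard gone in InitProcessGlobals, the timestamp/PID seed is reached only when pg_strong_random() fails at run time, yet the comment above it still reads as if it described a build-time alternative ("if possible"). I would add a sentence to that comment such as `* The fallback seeds random() only; security-sensitive values must call pg_strong_random() directly and treat failure as an error.` so that nobody later relies on this path for secrets. The same silent fallback is kept in drandom() in src/backend/utils/adt/float.c and would benefit from the same remark. The function body continues past the end of this hunk.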
@@ -5256,38 +5227,7 @@ StartupPacketTimeoutHandler(void)
 static bool
 RandomCancelKey(int32 *cancel_key)
 {
-#ifdef HAVE_STRONG_RANDOM
- return pg_strong_random((char *) cancel_key, sizeof(int32));
-#else
-
- /*
- * If built with --disable-strong-random, use plain old erand48.
- *
- * We cannot use pg_backend_random() in postmaster, because it stores its
- * state in shared memory.
- */
- static unsigned short seed[3];
-
- /*
- * Select a random seed at the time of first receiving a request.
- */
- if (random_seed == 0)
- {
- struct timeval random_stop_time;
-
- gettimeofday(&random_stop_time, NULL);
-
- seed[0] = (unsigned short) random_start_time.tv_usec;
- seed[1] = (unsigned short) (random_stop_time.tv_usec) ^ (random_start_time.tv_usec >> 16);
- seed[2] = (unsigned short) (random_stop_time.tv_usec >> 16);
-
- random_seed = 1;
- }
-
- *cancel_key = pg_jrand48(seed);
-
- return true;
-#endif
+ return pg_strong_random(cancel_key, sizeof(int32));
 }
 /*
diff --git a/src/backend/storage/ipc/ipci.c b/src/backend/storage/ipc/ipci.c
index 0c86a581c03..473513a9272 100644
--- a/src/backend/storage/ipc/ipci.c
+++ b/src/backend/storage/ipc/ipci.c
@@ -44,7 +44,6 @@
 #include "storage/procsignal.h"
 #include "storage/sinvaladt.h"
 #include "storage/spin.h"
-#include "utils/backend_random.h"
 #include "utils/snapmgr.h"
@@ -149,7 +148,6 @@ CreateSharedMemoryAndSemaphores(bool makePrivate, int port)
 size = add_size(size, BTreeShmemSize());
 size = add_size(size, SyncScanShmemSize());
 size = add_size(size, AsyncShmemSize());
- size = add_size(size, BackendRandomShmemSize());
 #ifdef EXEC_BACKEND
 size = add_size(size, ShmemBackendArraySize());
 #endif
@@ -269,7 +267,6 @@ CreateSharedMemoryAndSemaphores(bool makePrivate, int port)
 BTreeShmemInit();
 SyncScanShmemInit();
 AsyncShmemInit();
- BackendRandomShmemInit();
 #ifdef EXEC_BACKEND
diff --git a/src/backend/storage/lmgr/lwlocknames.txt b/src/backend/storage/lmgr/lwlocknames.txt
index e6025ecedb3..db478432291 100644
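Review bot: `sizeof(int32)` in the new RandomCancelKey body repeats the pointee type by hand; `return pg_strong_random(cancel_key, sizeof(*cancel_key));` stays correct if the key type is ever changed. Since this is now the only path and it can return false, the function's header comment (outside this hunk) could also state that on a false return the contents of `*cancel_key` must be treated as unset by the caller.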
--- a/src/backend/storage/lmgr/lwlocknames.txt
+++ b/src/backend/storage/lmgr/lwlocknames.txt
@@ -47,6 +47,5 @@ CommitTsLock 39
 ReplicationOriginLock 40
 MultiXactTruncationLock 41
 OldSnapshotTimeMapLock 42
-BackendRandomLock 43
-LogicalRepWorkerLock 44
-CLogTruncationLock 45
+LogicalRepWorkerLock 43
+CLogTruncationLock 44
diff --git a/src/backend/utils/adt/float.c b/src/backend/utils/adt/float.c
index add099ec9dc..1407f9612ca 100644
--- a/src/backend/utils/adt/float.c
+++ b/src/backend/utils/adt/float.c
@@ -24,7 +24,6 @@
 #include "libpq/pqformat.h"
 #include "miscadmin.h"
 #include "utils/array.h"
-#include "utils/backend_random.h"
 #include "utils/float.h"
 #include "utils/fmgrprotos.h"
 #include "utils/sortsupport.h"
@@ -2393,7 +2392,7 @@ drandom(PG_FUNCTION_ARGS)
 * Should that fail for some reason, we fall back on a lower-quality
 * seed based on current time and PID.
 */
- if (!pg_backend_random((char *) drandom_seed, sizeof(drandom_seed)))
+ if (!pg_strong_random(drandom_seed, sizeof(drandom_seed)))
 {
 TimestampTz now = GetCurrentTimestamp();
 uint64 iseed;
diff --git a/src/backend/utils/misc/Makefile b/src/backend/utils/misc/Makefile
index a53fcdf1889..ec7ec131e5a 100644
--- a/src/backend/utils/misc/Makefile
+++ b/src/backend/utils/misc/Makefile
@@ -14,9 +14,9 @@ include $(top_builddir)/src/Makefile.global
 override CPPFLAGS := -I. -I$(srcdir) $(CPPFLAGS)
-OBJS = backend_random.o guc.o help_config.o pg_config.o pg_controldata.o \
- pg_rusage.o ps_status.o queryenvironment.o rls.o sampling.o \
- superuser.o timeout.o tzparser.o
+OBJS = guc.o help_config.o pg_config.o pg_controldata.o pg_rusage.o \
+ ps_status.o queryenvironment.o rls.o sampling.o superuser.o \
+ timeout.o tzparser.o
 # This location might depend on the installation directories. Therefore
 # we can't substitute it into pg_config.h.
diff --git a/src/backend/utils/misc/backend_random.c b/src/backend/utils/misc/backend_random.c
deleted file mode 100644
index a64f3ac3980..00000000000
--- a/src/backend/utils/misc/backend_random.c
+++ /dev/null
@@ -1,158 +0,0 @@
-/*-------------------------------------------------------------------------
- *
- * backend_random.c
- * Backend random number generation routine.
- *
- * pg_backend_random() function fills a buffer with random bytes. Normally,
- * it is just a thin wrapper around pg_strong_random(), but when compiled
- * with --disable-strong-random, we provide a built-in implementation.
- *
- * This function is used for generating nonces in authentication, and for
- * random salt generation in pgcrypto. The built-in implementation is not
- * cryptographically strong, but if the user asked for it, we'll go ahead
- * and use it anyway.
- *
- * The built-in implementation uses the standard erand48 algorithm, with
- * a seed shared between all backends.
- *
- * Portions Copyright (c) 1996-2018, PostgreSQL Global Development Group
- * Portions Copyright (c) 1994, Regents of the University of California
- *
- *
- * IDENTIFICATION
- * src/backend/utils/misc/backend_random.c
- *
- *-------------------------------------------------------------------------
- */
-
-#include "postgres.h"
-
-#include <sys/time.h>
-
-#include "miscadmin.h"
-#include "storage/lwlock.h"
-#include "storage/shmem.h"
-#include "utils/backend_random.h"
-#include "utils/timestamp.h"
-
-#ifdef HAVE_STRONG_RANDOM
-
-Size
-BackendRandomShmemSize(void)
-{
- return 0;
-}
-
-void
-BackendRandomShmemInit(void)
-{
- /* do nothing */
-}
-
-bool
-pg_backend_random(char *dst, int len)
-{
- /* should not be called in postmaster */
- Assert(IsUnderPostmaster || !IsPostmasterEnvironment);
-
- return pg_strong_random(dst, len);
-}
-
-#else
-
-/*
- * Seed for the PRNG, stored in shared memory.
- *
- * Protected by BackendRandomLock.
- */
-typedef struct
-{
- bool initialized;
- unsigned short seed[3];
-} BackendRandomShmemStruct;
-
-static BackendRandomShmemStruct * BackendRandomShmem;
-
-Size
-BackendRandomShmemSize(void)
-{
- return sizeof(BackendRandomShmemStruct);
-}
-
-void
-BackendRandomShmemInit(void)
-{
- bool found;
-
- BackendRandomShmem = (BackendRandomShmemStruct *)
- ShmemInitStruct("Backend PRNG state",
- BackendRandomShmemSize(),
- &found);
-
- if (!IsUnderPostmaster)
- {
- Assert(!found);
-
- BackendRandomShmem->initialized = false;
- }
- else
- Assert(found);
-}
-
-bool
-pg_backend_random(char *dst, int len)
-{
- int i;
- char *end = dst + len;
-
- /* should not be called in postmaster */
- Assert(IsUnderPostmaster || !IsPostmasterEnvironment);
-
- LWLockAcquire(BackendRandomLock, LW_EXCLUSIVE);
-
- /*
- * Seed the PRNG on the first use.
- */
- if (!BackendRandomShmem->initialized)
- {
- struct timeval now;
-
- gettimeofday(&now, NULL);
-
- BackendRandomShmem->seed[0] = now.tv_sec;
- BackendRandomShmem->seed[1] = (unsigned short) (now.tv_usec);
- BackendRandomShmem->seed[2] = (unsigned short) (now.tv_usec >> 16);
-
- /*
- * Mix in the cancel key, generated by the postmaster. This adds what
- * little entropy the postmaster had to the seed.
- */
- BackendRandomShmem->seed[0] ^= (MyCancelKey);
- BackendRandomShmem->seed[1] ^= (MyCancelKey >> 16);
-
- BackendRandomShmem->initialized = true;
- }
-
- for (i = 0; dst < end; i++)
- {
- uint32 r;
- int j;
-
- /*
- * pg_jrand48 returns a 32-bit integer. Fill the next 4 bytes from it.
- */
- r = (uint32) pg_jrand48(BackendRandomShmem->seed);
-
- for (j = 0; j < 4 && dst < end; j++)
- {
- *(dst++) = (char) (r & 0xFF);
- r >>= 8;
- }
- }
- LWLockRelease(BackendRandomLock);
-
- return true;
-}
-
-
-#endif /* HAVE_STRONG_RANDOM */
diff --git a/src/bin/pgbench/pgbench.c b/src/bin/pgbench/pgbench.c
index c64e16187ad..f3f4ac3e3c2 100644
--- a/src/bin/pgbench/pgbench.c
+++ b/src/bin/pgbench/pgbench.c
@@ -4844,13 +4844,9 @@ set_random_seed(const char *seed)
 else if (strcmp(seed, "rand") == 0)
 {
 /* use some "strong" random source */
-#ifdef HAVE_STRONG_RANDOM
 if (!pg_strong_random(&iseed, sizeof(iseed)))
-#endif
 {
- fprintf(stderr,
- "cannot seed random from a strong source, none available: "
- "use \"time\" or an unsigned integer value.\n");
+ fprintf(stderr, "could not generate random seed.\n");
 return false;
 }
 }
diff --git a/src/include/pg_config.h.in b/src/include/pg_config.h.in
index 76bd81e9bf2..9d99816eae9 100644
--- a/src/include/pg_config.h.in
+++ b/src/include/pg_config.h.in
@@ -552,9 +552,6 @@
 /* Define to 1 if you have the `strnlen' function. */
 #undef HAVE_STRNLEN
-/* Define to use have a strong random number source */
-#undef HAVE_STRONG_RANDOM
-
 /* Define to 1 if you have the `strsignal' function. */
 #undef HAVE_STRSIGNAL
diff --git a/src/include/pg_config.h.win32 b/src/include/pg_config.h.win32
index de0c4d9997b..1a89a8c24e2 100644
--- a/src/include/pg_config.h.win32
+++ b/src/include/pg_config.h.win32
@@ -412,9 +412,6 @@
 /* Define to 1 if you have the <string.h> header file. */
 #define HAVE_STRING_H 1
-/* Define to use have a strong random number source */
-#define HAVE_STRONG_RANDOM 1
-
 /* Define to 1 if you have the `strsignal' function. */
 /* #undef HAVE_STRSIGNAL */
diff --git a/src/include/port.h b/src/include/port.h
index 570a9052a28..ebf9d55979d 100644
--- a/src/include/port.h
+++ b/src/include/port.h
@@ -498,9 +498,12 @@ extern char *inet_net_ntop(int af, const void *src, int bits, char *dst, size_t size);
 /* port/pg_strong_random.c */
-#ifdef HAVE_STRONG_RANDOM
 extern bool pg_strong_random(void *buf, size_t len);
-#endif
+/*
+ * pg_backend_random used to be a wrapper for pg_strong_random before
+ * Postgres 12 for the backend code.
+ */
+#define pg_backend_random pg_strong_random
 /* port/pgcheckdir.c */
 extern int pg_check_dir(const char *dir);
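Review bot: The comment added above `#define pg_backend_random pg_strong_random` in port.h does not say why the alias is kept or what a caller must do with it, and "used to be a wrapper" held only for builds with a strong source; the removed backend_random.c shows a separate erand48 implementation otherwise. I would word it as `/* pg_backend_random is kept only as a source-compatibility alias for out-of-tree code; new code should call pg_strong_random() and must check its return value. */`. port.h appears to be shared with frontend code (fe-auth-scram.c in this commit calls pg_strong_random), so the alias is now visible there too, which the old backend-only header did not allow; the comment should say whether that is intended.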
diff --git a/src/include/utils/backend_random.h b/src/include/utils/backend_random.h
deleted file mode 100644
index 99ea2cb9fb5..00000000000
--- a/src/include/utils/backend_random.h
+++ /dev/null
@@ -1,19 +0,0 @@
-/*-------------------------------------------------------------------------
- *
- * backend_random.h
- * Declarations for backend random number generation
- *
- * Portions Copyright (c) 1996-2018, PostgreSQL Global Development Group
- *
- * src/include/utils/backend_random.h
- *
- *-------------------------------------------------------------------------
- */
-#ifndef BACKEND_RANDOM_H
-#define BACKEND_RANDOM_H
-
-extern Size BackendRandomShmemSize(void);
-extern void BackendRandomShmemInit(void);
-extern bool pg_backend_random(char *dst, int len);
-
-#endif /* BACKEND_RANDOM_H */
diff --git a/src/interfaces/libpq/fe-auth-scram.c b/src/interfaces/libpq/fe-auth-scram.c
index 603ef4c0020..6f9e6789d56 100644
--- a/src/interfaces/libpq/fe-auth-scram.c
+++ b/src/interfaces/libpq/fe-auth-scram.c
@@ -19,11 +19,6 @@
 #include "common/scram-common.h"
 #include "fe-auth.h"
-/* These are needed for getpid(), in the fallback implementation */
-#ifndef HAVE_STRONG_RANDOM
-#include <sys/types.h>
-#include <unistd.h>
-#endif
 /*
 * Status of exchange messages used for SCRAM authentication via the
@@ -72,7 +67,6 @@ static bool verify_server_signature(fe_scram_state *state);
 static void calculate_client_proof(fe_scram_state *state, const char *client_final_message_without_proof, uint8 *result);
-static bool pg_frontend_random(char *dst, int len);
 /*
 * Initialize SCRAM exchange status.
@@ -320,7 +314,7 @@ build_client_first_message(fe_scram_state *state)
 * Generate a "raw" nonce. This is converted to ASCII-printable form by
 * base64-encoding it.
 */
- if (!pg_frontend_random(raw_nonce, SCRAM_RAW_NONCE_LEN))
+ if (!pg_strong_random(raw_nonce, SCRAM_RAW_NONCE_LEN))
 {
 printfPQExpBuffer(&conn->errorMessage, libpq_gettext("could not generate nonce\n"));
@@ -764,7 +758,7 @@ pg_fe_scram_build_verifier(const char *password)
 password = (const char *) prep_password;
 /* Generate a random salt */
- if (!pg_frontend_random(saltbuf, SCRAM_DEFAULT_SALT_LEN))
+ if (!pg_strong_random(saltbuf, SCRAM_DEFAULT_SALT_LEN))
 {
 if (prep_password)
 free(prep_password);
@@ -779,55 +773,3 @@ pg_fe_scram_build_verifier(const char *password)
 return result;
 }
-
-/*
- * Random number generator.
- */
-static bool
-pg_frontend_random(char *dst, int len)
-{
-#ifdef HAVE_STRONG_RANDOM
- return pg_strong_random(dst, len);
-#else
- int i;
- char *end = dst + len;
-
- static unsigned short seed[3];
- static int mypid = 0;
-
- pglock_thread();
-
- if (mypid != getpid())
- {
- struct timeval now;
-
- gettimeofday(&now, NULL);
-
- seed[0] = now.tv_sec ^ getpid();
- seed[1] = (unsigned short) (now.tv_usec);
- seed[2] = (unsigned short) (now.tv_usec >> 16);
- }
-
- for (i = 0; dst < end; i++)
- {
- uint32 r;
- int j;
-
- /*
- * pg_jrand48 returns a 32-bit integer. Fill the next 4 bytes from
- * it.
- */
- r = (uint32) pg_jrand48(seed);
-
- for (j = 0; j < 4 && dst < end; j++)
- {
- *(dst++) = (char) (r & 0xFF);
- r >>= 8;
- }
- }
-
- pgunlock_thread();
-
- return true;
-#endif
-}
diff --git a/src/port/Makefile b/src/port/Makefile
index ae3f973ae14..9cfc0f92796 100644
--- a/src/port/Makefile
+++ b/src/port/Makefile
@@ -37,14 +37,10 @@ LIBS += $(PTHREAD_LIBS)
 OBJS = $(LIBOBJS) $(PG_CRC32C_OBJS) chklocale.o erand48.o inet_net_ntop.o \
 noblock.o path.o pgcheckdir.o pgmkdirp.o pgsleep.o \
- pgstrcasecmp.o pgstrsignal.o pqsignal.o \
+ pg_strong_random.o pgstrcasecmp.o pgstrsignal.o pqsignal.o \
 qsort.o qsort_arg.o quotes.o snprintf.o sprompt.o strerror.o \
 tar.o thread.o
-ifeq ($(enable_strong_random), yes)
-OBJS += pg_strong_random.o
-endif
-
 # libpgport.a, libpgport_shlib.a, and libpgport_srv.a contain the same files
 # foo.o, foo_shlib.o, and foo_srv.o are all built from foo.c
 OBJS_SHLIB = $(OBJS:%.o=%_shlib.o) |