diff options
| author | Michael Paquier | 2019-01-01 11:05:51 +0000 |
|---|---|---|
| committer | Michael Paquier | 2019-01-01 11:05:51 +0000 |
| commit | 1707a0d2aa6b2bcfe78f63836c769943a1a6b9e0 (patch) | |
| tree | 2e4acf6889358493cfda78582d54b8b751c3fbe5 /configure.in | |
| parent | d880b208e5fcf55e3ae396d5fc5fa6639f58205f (diff) | |
Remove configure switch --disable-strong-random
This removes a portion of infrastructure introduced by fe0a0b5 to allow
compilation of Postgres in environments where no strong random source is
available, meaning that there is no linking to OpenSSL and no
/dev/urandom (Windows having its own CryptoAPI). No systems shipped
this century lack /dev/urandom, and the buildfarm is actually not
testing this switch at all, so just remove it. This simplifies
particularly some backend code which included a fallback implementation
using shared memory, and removes a set of alternate regression output
files from pgcrypto.
Author: Michael Paquier
Reviewed-by: Tom Lane
Discussion: https://postgr.es/m/20181230063219.GG608@paquier.xyz
Diffstat (limited to 'configure.in')
| -rw-r--r-- | configure.in | 42 |
1 files changed, 13 insertions, 29 deletions
diff --git a/configure.in b/configure.in index 89a0fb2470..5084cddea3 100644 --- a/configure.in +++ b/configure.in @@ -194,13 +194,6 @@ PGAC_ARG_BOOL(enable, atomics, yes, [do not use atomic operations]) # -# Random number generation -# -PGAC_ARG_BOOL(enable, strong-random, yes, - [do not use a strong random number source]) -AC_SUBST(enable_strong_random) - -# # --enable-debug adds -g to compiler flags # PGAC_ARG_BOOL(enable, debug, no, @@ -2151,7 +2144,7 @@ fi # in the template or configure command line. # If not selected manually, try to select a source automatically. -if test "$enable_strong_random" = "yes" && test x"$USE_OPENSSL_RANDOM" = x"" && test x"$USE_WIN32_RANDOM" = x"" && test x"$USE_DEV_URANDOM" = x"" ; then +if test x"$USE_OPENSSL_RANDOM" = x"" && test x"$USE_WIN32_RANDOM" = x"" && test x"$USE_DEV_URANDOM" = x"" ; then if test x"$with_openssl" = x"yes" ; then USE_OPENSSL_RANDOM=1 elif test "$PORTNAME" = "win32" ; then @@ -2166,28 +2159,19 @@ if test "$enable_strong_random" = "yes" && test x"$USE_OPENSSL_RANDOM" = x"" && fi AC_MSG_CHECKING([which random number source to use]) -if test "$enable_strong_random" = yes ; then - if test x"$USE_OPENSSL_RANDOM" = x"1" ; then - AC_DEFINE(USE_OPENSSL_RANDOM, 1, [Define to use OpenSSL for random number generation]) - AC_MSG_RESULT([OpenSSL]) - elif test x"$USE_WIN32_RANDOM" = x"1" ; then - AC_DEFINE(USE_WIN32_RANDOM, 1, [Define to use native Windows API for random number generation]) - AC_MSG_RESULT([Windows native]) - elif test x"$USE_DEV_URANDOM" = x"1" ; then - AC_DEFINE(USE_DEV_URANDOM, 1, [Define to use /dev/urandom for random number generation]) - AC_MSG_RESULT([/dev/urandom]) - else - AC_MSG_ERROR([ -no source of strong random numbers was found -PostgreSQL can use OpenSSL or /dev/urandom as a source of random numbers, -for authentication protocols. You can use --disable-strong-random to use a -built-in pseudo random number generator, but that may be insecure.]) - fi - AC_DEFINE(HAVE_STRONG_RANDOM, 1, [Define to use have a strong random number source]) +if test x"$USE_OPENSSL_RANDOM" = x"1" ; then + AC_DEFINE(USE_OPENSSL_RANDOM, 1, [Define to use OpenSSL for random number generation]) + AC_MSG_RESULT([OpenSSL]) +elif test x"$USE_WIN32_RANDOM" = x"1" ; then + AC_DEFINE(USE_WIN32_RANDOM, 1, [Define to use native Windows API for random number generation]) + AC_MSG_RESULT([Windows native]) +elif test x"$USE_DEV_URANDOM" = x"1" ; then + AC_DEFINE(USE_DEV_URANDOM, 1, [Define to use /dev/urandom for random number generation]) + AC_MSG_RESULT([/dev/urandom]) else - AC_MSG_RESULT([weak builtin PRNG]) - AC_MSG_WARN([ -*** Not using a strong random number source may be insecure.]) + AC_MSG_ERROR([ +no source of strong random numbers was found +PostgreSQL can use OpenSSL or /dev/urandom as a source of random numbers.]) fi # If not set in template file, set bytes to use libc memset() |