Add pg_strong_random_init function to initialize random number generator

Currently only OpenSSL requires this initialization, but in the future
other SSL implementations are likely to need it as well. Abstracting
this functionality out into a separate function makes this cleaner and
more clear, and also removes the dependency on OpenSSL headers from
fork_process.c.

OpenSSL is special in that we need to initialize this random number
generator even if we're not going to use it directly, until we drop
support for everything prior to OpenSSL 1.1.1. (And of course also if we
actually use it). All other implementations are left empty at this time,
but more are expected to be added in the future.

Author: Daniel Gustafsson <daniel@yesql.se>, Michael Paquier <michael@paquier.xyz>
Reviewed-By: Magnus Hagander <magnus@hagander.net>
Discussion: https://postgr.es/m/F6291C3C-747C-4C93-BCE0-28BB420B1FF5@yesql.se
This commit is contained in:
Magnus Hagander 2020-11-06 13:21:28 +01:00
parent 4f841ce3f7
commit 5ee180a394
3 changed files with 48 additions and 12 deletions

View File

@ -16,9 +16,6 @@
#include <sys/stat.h>
#include <sys/time.h>
#include <unistd.h>
#ifdef USE_OPENSSL
#include <openssl/rand.h>
#endif
#include "postmaster/fork_process.h"
@ -108,14 +105,8 @@ fork_process(void)
}
}
/*
* Make sure processes do not share OpenSSL randomness state. This is
* no longer required in OpenSSL 1.1.1 and later versions, but until
* we drop support for version < 1.1.1 we need to do this.
*/
#ifdef USE_OPENSSL
RAND_poll();
#endif
/* do post-fork initialization for random number generation */
pg_strong_random_init();
}
return result;

View File

@ -513,6 +513,7 @@ extern char *pg_inet_net_ntop(int af, const void *src, int bits,
char *dst, size_t size);
/* port/pg_strong_random.c */
extern void pg_strong_random_init(void);
extern bool pg_strong_random(void *buf, size_t len);
/*

View File

@ -24,7 +24,7 @@
#include <unistd.h>
#include <sys/time.h>
#ifdef USE_OPENSSL
#ifdef USE_OPENSSL_RANDOM
#include <openssl/rand.h>
#endif
#ifdef USE_WIN32_RANDOM
@ -75,6 +75,50 @@ random_from_file(const char *filename, void *buf, size_t len)
}
#endif
/*
* pg_strong_random_init
*
* Initialize the randomness state of "strong" random numbers. This is invoked
* *after* forking a process, and should include initialization steps specific
* to the chosen random source to prove fork-safety.
*/
void
pg_strong_random_init(void)
{
#if defined(USE_OPENSSL)
/*
* Make sure processes do not share OpenSSL randomness state. We need to
* call this even if pg_strong_random is implemented using another source
* for random numbers to ensure fork-safety in our TLS backend. This is no
* longer required in OpenSSL 1.1.1 and later versions, but until we drop
* support for version < 1.1.1 we need to do this.
*/
RAND_poll();
#endif
#if defined(USE_OPENSSL_RANDOM)
/*
* In case the backend is using the PRNG from OpenSSL without being built
* with support for OpenSSL, make sure to perform post-fork initialization.
* If the backend is using OpenSSL then we have already performed this
* step. The same version caveat as discussed in the comment above applies
* here as well.
*/
#ifndef USE_OPENSSL
RAND_poll();
#endif
#elif defined(USE_WIN32_RANDOM)
/* no initialization needed for WIN32 */
#elif defined(USE_DEV_URANDOM)
/* no initialization needed for /dev/urandom */
#else
#error no source of random numbers configured
#endif
}
/*
* pg_strong_random
*