pgcrypto update:

Reserve px_get_random_bytes() for strong randomness, add new function px_get_pseudo_random_bytes() for weak randomness and use it in gen_salt(). On openssl case, use RAND_pseudo_bytes() for px_get_pseudo_random_bytes(). Final result is that is user has not configured random souce but kept the 'silly' one, gen_salt() keeps working, but pgp_encrypt() will throw error. Marko Kreen
2025-07-27 12:41:57 +03:00 · 2005-03-21 05:22:14 +00:00
parent 1ea9169b42
commit 19b676869a
4 changed files with 48 additions and 16 deletions
--- a/contrib/pgcrypto/px-crypt.c
+++ b/contrib/pgcrypto/px-crypt.c
@ -26,7 +26,7 @@
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
- * $PostgreSQL: pgsql/contrib/pgcrypto/px-crypt.c,v 1.10 2005/03/21 05:19:55 neilc Exp $
+ * $PostgreSQL: pgsql/contrib/pgcrypto/px-crypt.c,v 1.11 2005/03/21 05:22:14 neilc Exp $
 */

 #include <postgres.h>
@ -171,7 +171,7 @@ px_gen_salt(const char *salt_type, char *buf, int rounds)
 			return PXE_BAD_SALT_ROUNDS;
 	}

-	res = px_get_random_bytes(rbuf, g->input_len);
+	res = px_get_pseudo_random_bytes(rbuf, g->input_len);
 	if (res < 0)
 		return res;