Replace PostmasterRandom() with a stronger way of generating randomness.

This adds a new routine, pg_strong_random() for generating random bytes, for use in both frontend and backend. At the moment, it's only used in the backend, but the upcoming SCRAM authentication patches need strong random numbers in libpq as well. pg_strong_random() is based on, and replaces, the existing implementation in pgcrypto. It can acquire strong random numbers from a number of sources, depending on what's available: - OpenSSL RAND_bytes(), if built with OpenSSL - On Windows, the native cryptographic functions are used - /dev/urandom - /dev/random Original patch by Magnus Hagander, with further work by Michael Paquier and me. Discussion: <CAB7nPqRy3krN8quR9XujMVVHYtXJ0_60nqgVc6oUk8ygyVkZsA@mail.gmail.com>
2025-09-02 04:21:28 +03:00 · 2016-10-17 11:52:50 +03:00
parent 5dfc198146
commit 9e083fd468
9 changed files with 246 additions and 386 deletions
--- a/src/backend/libpq/auth.c
+++ b/src/backend/libpq/auth.c
@@ -45,6 +45,12 @@ static void auth_failed(Port *port, int status, char *logdetail);
 static char *recv_password_packet(Port *port);
 static int	recv_and_check_password_packet(Port *port, char **logdetail);

+/*----------------------------------------------------------------
+ * MD5 authentication
+ *----------------------------------------------------------------
+ */
+static int	CheckMD5Auth(Port *port, char **logdetail);
+

 /*----------------------------------------------------------------
 * Ident authentication
@@ -535,9 +541,7 @@ ClientAuthentication(Port *port)
 				ereport(FATAL,
 						(errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION),
 						 errmsg("MD5 authentication is not supported when \"db_user_namespace\" is enabled")));
-			/* include the salt to use for computing the response */
-			sendAuthRequest(port, AUTH_REQ_MD5, port->md5Salt, 4);
-			status = recv_and_check_password_packet(port, &logdetail);
+			status = CheckMD5Auth(port, &logdetail);
 			break;

 		case uaPassword:
@@ -692,10 +696,25 @@ recv_password_packet(Port *port)


 /*----------------------------------------------------------------
- * MD5 authentication
+ * MD5 and password authentication
 *----------------------------------------------------------------
 */

+static int
+CheckMD5Auth(Port *port, char **logdetail)
+{
+	/* include the salt to use for computing the response */
+	if (!pg_strong_random(port->md5Salt, sizeof(port->md5Salt)))
+	{
+		*logdetail = psprintf(_("Could not generate random salt"));
+		return STATUS_ERROR;
+	}
+
+	sendAuthRequest(port, AUTH_REQ_MD5, port->md5Salt, 4);
+	return recv_and_check_password_packet(port, logdetail);
+}
+
+
 /*
 * Called when we have sent an authorization request for a password.
 * Get the response and check it.