database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2026-01-05 23:38:41 +03:00
Code Activity

Forbid gen_random_uuid() with --disable-strong-random

Browse Source 
Previously, gen_random_uuid() would fall back to a weak random number
generator, unlike gen_random_bytes() which would just fail. And this was
not made very clear in the docs. For consistency, also make
gen_random_uuid() fail outright, if compiled with --disable-strong-random.

Re-word the error message you get with --disable-strong-random. It is also
used by pgp functions that require random salts, and now also
gen_random_uuid().

Reported by Radek Slupik.

Discussion: https://www.postgresql.org/message-id/20170101232054.10135.50528@wrigleys.postgresql.org
This commit is contained in:
Heikki Linnakangas
2017-07-03 12:10:11 +03:00
parent 647675228f
commit bf723a274c
6 changed files with 41 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
contrib/pgcrypto/expected/pgp-compression_1.out
View File

@@ -17,19 +17,19 @@ DMcmR53SXfLoDJOv/M8uKj3QSq7oWNIp95pxfA==
select pgp_sym_decrypt(
pgp_sym_encrypt('Secret message', 'key', 'compress-algo=0'),
'key', 'expect-compress-algo=0');
ERROR: pg_random_bytes() is not supported by this build
ERROR: generating random data is not supported by this build
DETAIL: This functionality requires a source of strong random numbers
HINT: You need to rebuild PostgreSQL using --enable-strong-random
select pgp_sym_decrypt(
pgp_sym_encrypt('Secret message', 'key', 'compress-algo=1'),
'key', 'expect-compress-algo=1');
ERROR: pg_random_bytes() is not supported by this build
ERROR: generating random data is not supported by this build
DETAIL: This functionality requires a source of strong random numbers
HINT: You need to rebuild PostgreSQL using --enable-strong-random
select pgp_sym_decrypt(
pgp_sym_encrypt('Secret message', 'key', 'compress-algo=2'),
'key', 'expect-compress-algo=2');
ERROR: pg_random_bytes() is not supported by this build
ERROR: generating random data is not supported by this build
DETAIL: This functionality requires a source of strong random numbers
HINT: You need to rebuild PostgreSQL using --enable-strong-random
-- level=0 should turn compression off
@@ -37,6 +37,6 @@ select pgp_sym_decrypt(
pgp_sym_encrypt('Secret message', 'key',
'compress-algo=2, compress-level=0'),
'key', 'expect-compress-algo=0');
ERROR: pg_random_bytes() is not supported by this build
ERROR: generating random data is not supported by this build
DETAIL: This functionality requires a source of strong random numbers
HINT: You need to rebuild PostgreSQL using --enable-strong-random