| From: | Noah Misch <noah(at)leadboat(dot)com> |
|---|---|
| To: | Daniel Gustafsson <daniel(at)yesql(dot)se> |
| Cc: | Michael Paquier <michael(at)paquier(dot)xyz>, Postgres hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: OpenSSL randomness seeding |
| Date: | 2020-08-02 06:48:23 |
| Message-ID: | 20200802064823.GB2207@rfd.leadboat.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Thu, Jul 30, 2020 at 11:42:16PM +0200, Daniel Gustafsson wrote:
> Somewhat on topic though, 1.1.1 adds a RAND_priv_bytes function for random
> numbers that are supposed to be private and extra protected via it's own DRBG.
> Maybe we should use that for SCRAM salts etc in case we detect 1.1.1?
Maybe. Would you have a separate pg_private_random() function, or just use
RAND_priv_bytes() for pg_strong_random()? No pg_strong_random() caller is
clearly disinterested in privacy; gen_random_uuid() may come closest.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Michael Paquier | 2020-08-02 07:05:03 | Re: OpenSSL randomness seeding |
| Previous Message | Noah Misch | 2020-08-02 06:11:42 | Re: SimpleLruTruncate() mutual exclusion |