Home > mailing lists

Re: pgcrypto seeding problem when ssl=on - Mailing list pgsql-hackers

From	Noah Misch
Subject	Re: pgcrypto seeding problem when ssl=on
Date	December 21, 2012 23:27:45
Msg-id	20121221202737.GB18583@tornado.leadboat.com Whole thread Raw
In response to	pgcrypto seeding problem when ssl=on (Marko Kreen <markokr@gmail.com>)
Responses	Re: pgcrypto seeding problem when ssl=on (Marko Kreen <markokr@gmail.com>) Re: pgcrypto seeding problem when ssl=on (Marko Kreen <markokr@gmail.com>)
List	pgsql-hackers

Tree view

This should have gone to security@postgresql.org, instead.

On Fri, Dec 21, 2012 at 06:05:10PM +0200, Marko Kreen wrote:
> When there is 'ssl=on' then postmaster calls SSL_CTX_new(),
> which asks for random number, thus requiring initialization
> of randomness pool (RAND_poll).  After that all forked backends
> think pool is already initialized.  Thus they proceed with same
> fixed state they got from postmaster.

> Attached patch makes both gen_random_bytes() and pgp_encrypt()
> seed pool with output from gettimeofday(), thus getting pool
> off from fixed state.  Basically, this mirrors what SSL_accept()
> already does.

That adds only 10-20 bits of entropy.  Is that enough?

How about instead calling RAND_cleanup() after each backend fork?

Thanks,
nm

pgsql-hackers by date:

From: "Joshua D. Drake"
Date: 21 December 2012, 23:17:58
Subject: Re: Feature Request: pg_replication_master()

From: Andres Freund
Date: 21 December 2012, 23:37:50
Subject: Re: Patch fürMAP_HUGETLB for mmap() shared memory

Re: pgcrypto seeding problem when ssl=on - Mailing list pgsql-hackers

Previous

Next