> Just a quick single-issue review, but I agree with Maxim that having
> one PRNG, seeded once, would be simpler
I don't agree that it's simpler. Because now there's a mutex you have
to manage, and honestly cross-platform threading in C is not simple.
However, I attached two additional patches that implement this
approach on top of the previous patchset. Just to make sure that
this patch is not blocked on this.
> with the tangible benefit that it would eliminate weird behavior on
> simultaneous connections when the client isn't using OpenSSL.
This is true, but still I think in practice very few people have a libpq
that's compiled without OpenSSL support.
> I'm guessing a simple lock on a
> global PRNG would be less overhead than the per-connection
> strong_random machinery, too, but I have no data to back that up.
It might very well have less overhead, but neither of them should take
up any significant amount of time during connection establishment.
> The test seed could then be handled globally as well (envvar?) so that you
> don't have to introduce a debug-only option into the connection string.
Why is a debug-only envvar any better than a debug-only connection option?
For now I kept the connection option approach, since to me they seem pretty
much equivalent.
