postmaster.c and random keys/salts
| От | Jeffrey Walton |
|---|---|
| Тема | postmaster.c and random keys/salts |
| Дата | |
| Msg-id | CAH8yC8=7h7aRJVMCjaxkNCDuntywa7fKfFmFR7J0JXJBmy0zmw@mail.gmail.com обсуждение исходный текст |
| Ответы |
Re: postmaster.c and random keys/salts
|
| Список | pgsql-bugs |
The following is used to key a channel (it appears to be used in the
AUTH_REQ_MD5 in fe-auth.c).
Four bytes is a tad bit small, and time based does not leave much to
the imagination. Also, it looks like its susceptible to VM roillbacks.
**********
static void
RandomSalt(char *md5Salt)
{
long rand;
/*
* We use % 255, sacrificing one possible byte value, so as to ensure that
* all bits of the random() value participate in the result. While at it,
* add one to avoid generating any null bytes.
*/
rand = PostmasterRandom();
md5Salt[0] = (rand % 255) + 1;
rand = PostmasterRandom();
md5Salt[1] = (rand % 255) + 1;
rand = PostmasterRandom();
md5Salt[2] = (rand % 255) + 1;
rand = PostmasterRandom();
md5Salt[3] = (rand % 255) + 1;
}
/*
* PostmasterRandom
*/
static long
PostmasterRandom(void)
{
/*
* Select a random seed at the time of first receiving a request.
*/
if (random_seed == 0)
{
do
{
struct timeval random_stop_time;
gettimeofday(&random_stop_time, NULL);
/*
* We are not sure how much precision is in tv_usec, so we swap
* the high and low 16 bits of 'random_stop_time' and XOR them
* with 'random_start_time'. On the off chance that the result is
* 0, we loop until it isn't.
*/
random_seed = random_start_time.tv_usec ^
((random_stop_time.tv_usec << 16) |
((random_stop_time.tv_usec >> 16) & 0xffff));
}
while (random_seed == 0);
srandom(random_seed);
}
return random();
}
В списке pgsql-bugs по дате отправления: