On 10/17/2016 12:27 PM, Heikki Linnakangas wrote:
> On 10/17/2016 12:18 PM, Michael Paquier wrote:
>> You removed the part of pgcrypto in charge of randomness, nice move. I
>> was wondering about how to do with the perfc and the unix_std at some
>> point, and ripping them off as you did is fine for me.
>
> Yeah. I didn't understand the need for the perfc stuff. Are there
> Windows systems that don't have the Crypto APIs? I doubt it, but the
> buildfarm will tell us in a moment if there are.
>
> And if we don't have a good source of randomness like /dev/random, I
> think it's better to fail, than try to collect entropy ourselves (which
> is what unix_std did). If there's a platform where that doesn't work,
> someone will hopefully send us a patch, rather than silently fall back
> to an iffy implementation.
Looks like Tom's old HP-UX box, pademelon, is not happy about this. Does
(that version of) HP-UX not have /dev/urandom?
I think we're going to need a bit more logging if no randomness source
is available. What we have now is just "could not generate random query
cancel key", which isn't very informative. Perhaps we should also call
pg_strong_random() once at postmaster startup, to check that it works,
instead of starting up but not accepting any connections.
- Heikki