pgcrypto update:

Reserve px_get_random_bytes() for strong randomness, add new function px_get_pseudo_random_bytes() for weak randomness and use it in gen_salt(). On openssl case, use RAND_pseudo_bytes() for px_get_pseudo_random_bytes(). Final result is that is user has not configured random souce but kept the 'silly' one, gen_salt() keeps working, but pgp_encrypt() will throw error. Marko Kreen
author: Neil Conway 2005-03-21 05:22:14 +0000
committer: Neil Conway 2005-03-21 05:22:14 +0000
commit: 19b676869a1d9c1bf25a2332bdbe04bb9027c340 (patch)
tree: bf12fc5bff3da3f6d6ac93a9d8ed7aa220f4bd52 /contrib/pgcrypto/px-crypt.c
parent: 1ea9169b420bea40228f2a8e5df28b886a099134 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/contrib/pgcrypto/px-crypt.c b/contrib/pgcrypto/px-crypt.c
index 8b398c38a0c..5b99d1d0468 100644
--- a/contrib/pgcrypto/px-crypt.c
+++ b/contrib/pgcrypto/px-crypt.c
@@ -26,7 +26,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- * $PostgreSQL: pgsql/contrib/pgcrypto/px-crypt.c,v 1.10 2005/03/21 05:19:55 neilc Exp $
+ * $PostgreSQL: pgsql/contrib/pgcrypto/px-crypt.c,v 1.11 2005/03/21 05:22:14 neilc Exp $
  */
 
 #include <postgres.h>
@@ -171,7 +171,7 @@ px_gen_salt(const char *salt_type, char *buf, int rounds)
 			return PXE_BAD_SALT_ROUNDS;
 	}
 
-	res = px_get_random_bytes(rbuf, g->input_len);
+	res = px_get_pseudo_random_bytes(rbuf, g->input_len);
 	if (res < 0)
 		return res;
author	Neil Conway	2005-03-21 05:22:14 +0000
committer	Neil Conway	2005-03-21 05:22:14 +0000
commit	19b676869a1d9c1bf25a2332bdbe04bb9027c340 (patch)
tree	bf12fc5bff3da3f6d6ac93a9d8ed7aa220f4bd52 /contrib/pgcrypto/px-crypt.c
parent	1ea9169b420bea40228f2a8e5df28b886a099134 (diff)