Reject bogus output from uuid_create(3).

When using the BSD UUID functions, contrib/uuid-ossp expects
uuid_create() to produce a version-1 UUID.  FreeBSD still does so,
but in recent NetBSD releases that function produces a version-4
(random) UUID instead.  That's not acceptable for our purposes:
if the user wanted v4 she would have asked for v4, not v1.
Hence, check the version digit and complain if it's not '1'.

Also drop the documentation's claim that the NetBSD implementation
is usable.  It might be, depending on which OS version you're using,
but we're not going to get into that kind of detail.

(Maybe someday we should ditch all these external libraries
and just write our own UUID code, but today is not that day.)

Nazir Bilal Yavuz, with cosmetic adjustments and docs by me.
Backpatch to all supported versions.

Discussion: https://postgr.es/m/3848059.1661038772@sss.pgh.pa.us
Discussion: https://postgr.es/m/17358-89806e7420797025@postgresql.org

diff --git a/contrib/uuid-ossp/uuid-ossp.c b/contrib/uuid-ossp/uuid-ossp.c
index 55bc60941588f80227e6249407a1379da184ada4..4fd8cc6cd10de94db2d7445127edb7e05e7b8174 100644 (file)
--- a/contrib/uuid-ossp/uuid-ossp.c
+++ b/contrib/uuid-ossp/uuid-ossp.c
@@ -295,6 +295,18 @@ uuid_generate_internal(int v, unsigned char *ns, char *ptr, int len)
                    {
                        strlcpy(strbuf, str, 37);
 
+                       /*
+                        * In recent NetBSD, uuid_create() has started
+                        * producing v4 instead of v1 UUIDs.  Check the
+                        * version field and complain if it's not v1.
+                        */
+                       if (strbuf[14] != '1')
+                           ereport(ERROR,
+                                   (errcode(ERRCODE_EXTERNAL_ROUTINE_EXCEPTION),
+                           /* translator: %c will be a hex digit */
+                                    errmsg("uuid_create() produced a version %c UUID instead of the expected version 1",
+                                           strbuf[14])));
+
                        /*
                         * PTR, if set, replaces the trailing characters of
                         * the uuid; this is to support v1mc, where a random

diff --git a/doc/src/sgml/installation.sgml b/doc/src/sgml/installation.sgml
index 7cde895bd8635805917d04894200ff78c4776fda..2571493cee5c6fe5fc8dfffc846cc64599d702da 100644 (file)
--- a/doc/src/sgml/installation.sgml
+++ b/doc/src/sgml/installation.sgml
@@ -920,7 +920,7 @@ su - postgres
         <itemizedlist>
          <listitem>
           <para>
-           <option>bsd</> to use the UUID functions found in FreeBSD, NetBSD,
+           <option>bsd</> to use the UUID functions found in FreeBSD
            and some other BSD-derived systems
           </para>
          </listitem>

diff --git a/doc/src/sgml/uuid-ossp.sgml b/doc/src/sgml/uuid-ossp.sgml
index 227d4a839c8488dbb93a02a2a55ba2a2ad8d4365..0faf19ec4447ebf16a1a375d66f80b508a8bde24 100644 (file)
--- a/doc/src/sgml/uuid-ossp.sgml
+++ b/doc/src/sgml/uuid-ossp.sgml
@@ -167,7 +167,7 @@ SELECT uuid_generate_v3(uuid_ns_url(), 'http://www.postgresql.org');
    at <ulink url="http://www.ossp.org/pkg/lib/uuid/"></ulink>, it is not well
    maintained, and is becoming increasingly difficult to port to newer
    platforms.  <filename>uuid-ossp</> can now be built without the OSSP
-   library on some platforms.  On FreeBSD, NetBSD, and some other BSD-derived
+   library on some platforms.  On FreeBSD and some other BSD-derived
    platforms, suitable UUID creation functions are included in the
    core <filename>libc</> library.  On Linux, macOS, and some other
    platforms, suitable functions are provided in the <filename>libuuid</>