Quick Links

Re: patch contrib/pgcrypto for win32 (2)

Lists:	pgsql-patches

From:	"Korea PostgreSQL Users' Group" <pgsql-kr(at)postgresql(dot)or(dot)kr>
To:	<pgsql-patches(at)postgresql(dot)org>
Subject:	patch contrib/pgcrypto for win32 (2)
Date:	2004-12-05 15:51:28
Message-ID:	001f01c4dae2$4863a350$cdcb56dc@paolo.net
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Lists:	pgsql-patches

I found that function gen_salt() in contrib/pgcrypto had bug on win32.

I patched contrib/pgcrypto/random.c file.

Attachment	Content-Type	Size
pgcrypto_random.patch	application/octet-stream	573 bytes

From:	Andrew Dunstan <andrew(at)dunslane(dot)net>
To:	"Korea PostgreSQL Users' Group" <pgsql-kr(at)postgresql(dot)or(dot)kr>
Cc:	pgsql-patches(at)postgresql(dot)org
Subject:	Re: patch contrib/pgcrypto for win32 (2)
Date:	2004-12-05 19:06:05
Message-ID:	41B35C1D.7010700@dunslane.net
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Lists:	pgsql-patches

Korea PostgreSQL Users' Group wrote:

> I found that function gen_salt() in contrib/pgcrypto had bug on win32.
>
> I patched contrib/pgcrypto/random.c file.
>

What is the purpose of this addition?

+ srandom(time(NULL));
+

Is resetting the seed on each call a good idea?

cheers

andrew

From:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To:	"Korea PostgreSQL Users' Group" <pgsql-kr(at)postgresql(dot)or(dot)kr>
Cc:	pgsql-patches(at)postgresql(dot)org
Subject:	Re: patch contrib/pgcrypto for win32 (2)
Date:	2004-12-05 19:33:18
Message-ID:	17896.1102275198@sss.pgh.pa.us
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Lists:	pgsql-patches

"Korea PostgreSQL Users' Group" <pgsql-kr(at)postgresql(dot)or(dot)kr> writes:
> SSBmb3VuZCB0aGF0IGZ1bmN0aW9uIGdlbl9zYWx0KCkgaW4gY29udHJpYi9w
> Z2NyeXB0byBoYWQgYnVnIG9uIHdpbjMyLg0KDQpJIHBhdGNoZWQgY29udHJp
> Yi9wZ2NyeXB0by9yYW5kb20uYyBmaWxlLg0KDQo=

Unencoded text would be nicer to reply to ...

But anyway, why are you inserting an srandom() call? That changes the
behavior on all platforms not just win32. And I don't think the % 255
change is right either; doesn't that make it impossible to produce 255
as an output byte?

regards, tom lane

From:	Marko Kreen <marko(at)l-t(dot)ee>
To:	Korea PostgreSQL Users' Group <pgsql-kr(at)postgresql(dot)or(dot)kr>
Cc:	pgsql-patches(at)postgresql(dot)org
Subject:	Re: patch contrib/pgcrypto for win32 (2)
Date:	2004-12-05 23:27:27
Message-ID:	20041205232727.GA10439@l-t.ee
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Lists:	pgsql-patches

On Mon, Dec 06, 2004 at 12:51:28AM +0900, Korea PostgreSQL Users' Group wrote:
> I found that function gen_salt() in contrib/pgcrypto had bug on win32.
>
> I patched contrib/pgcrypto/random.c file.

Could you describe the bug bit more?

As for srandom, src/backend/postmaster/postmaster.c does it
already, and doing it more will make matters only worse.

I would not object to just sticking '& 255' there, but if
current code has problems then I imagine lot more code could be
affected. Or are you just silencing some warning?

--
marko

From:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To:	Marko Kreen <marko(at)l-t(dot)ee>
Cc:	"Korea PostgreSQL Users' Group" <pgsql-kr(at)postgresql(dot)or(dot)kr>, pgsql-patches(at)postgresql(dot)org
Subject:	Re: patch contrib/pgcrypto for win32 (2)
Date:	2004-12-05 23:36:38
Message-ID:	19744.1102289798@sss.pgh.pa.us
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Lists:	pgsql-patches

Marko Kreen <marko(at)l-t(dot)ee> writes:
> As for srandom, src/backend/postmaster/postmaster.c does it
> already, and doing it more will make matters only worse.

Yes. I think we had some discussion about that already, and concluded
it was a bad idea to insert ad-hoc srandom calls.

> I would not object to just sticking '& 255' there,

The patch actually says '% 255' which is a whole different animal;
it still requires explaining though.

regards, tom lane

From:	Marko Kreen <marko(at)l-t(dot)ee>
To:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc:	Korea PostgreSQL Users' Group <pgsql-kr(at)postgresql(dot)or(dot)kr>, pgsql-patches(at)postgresql(dot)org
Subject:	Re: patch contrib/pgcrypto for win32 (2)
Date:	2004-12-05 23:54:14
Message-ID:	20041205235414.GA11125@l-t.ee
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Lists:	pgsql-patches

On Sun, Dec 05, 2004 at 06:36:38PM -0500, Tom Lane wrote:
> Marko Kreen <marko(at)l-t(dot)ee> writes:
> > I would not object to just sticking '& 255' there,
>
> The patch actually says '% 255' which is a whole different animal;
> it still requires explaining though.

Yeah, I was hinting that '& 255' I could accept with less
explaining...

--
marko

From:	"Korea PostgreSQL Users' Group" <pgsql-kr(at)postgresql(dot)or(dot)kr>
To:	<pgsql-patches(at)postgresql(dot)org>
Subject:	Re: patch contrib/pgcrypto for win32 (2) - bug report
Date:	2004-12-06 16:18:41
Message-ID:	001a01c4dbaf$40862770$cdcb56dc@paolo.net
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Lists:	pgsql-patches

this bug is only for win32 system.

On mingw32 random() function have to be initialized by srandom().
so, I put srandom(time(NULL)) line.
and,
Because random() function return integer (2byte), this return integer number need filtering.
so, I changed random() % 255 line.

on win32, original code gen_salt() function allways returned "$1$/2E./2E.".
this string made by same return value by random() function. (sorry, I can't express in good English)

plz, check and properly fix this bug.

I tried "& 255" operation. but this bug is still.

From:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To:	"Korea PostgreSQL Users' Group" <pgsql-kr(at)postgresql(dot)or(dot)kr>
Cc:	pgsql-patches(at)postgresql(dot)org
Subject:	Re: patch contrib/pgcrypto for win32 (2) - bug report
Date:	2004-12-06 16:32:25
Message-ID:	2301.1102350745@sss.pgh.pa.us
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Lists:	pgsql-patches

"Korea PostgreSQL Users' Group" <pgsql-kr(at)postgresql(dot)or(dot)kr> writes:
> this bug is only for win32 system.
> On mingw32 random() function have to be initialized by srandom().
> so, I put srandom(time(NULL)) line.

But there is already an srandom() call during backend startup.

> Because random() function return integer (2byte), this return integer number need filtering.
> so, I changed random() % 255 line.

But the value will automatically be converted to a single byte when it's
stored into a uint8 variable.

> plz, check and properly fix this bug.

I see no bug here.

regards, tom lane

From:	Marko Kreen <marko(at)l-t(dot)ee>
To:	Korea PostgreSQL Users' Group <pgsql-kr(at)postgresql(dot)or(dot)kr>
Cc:	pgsql-patches(at)postgresql(dot)org
Subject:	Re: patch contrib/pgcrypto for win32 (2) - bug report
Date:	2004-12-06 19:20:45
Message-ID:	20041206192045.GA12778@l-t.ee
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Lists:	pgsql-patches

On Tue, Dec 07, 2004 at 01:18:41AM +0900, Korea PostgreSQL Users' Group wrote:
> this bug is only for win32 system.
>
> On mingw32 random() function have to be initialized by srandom().
> so, I put srandom(time(NULL)) line.
> and,
> Because random() function return integer (2byte), this return integer number need filtering.
> so, I changed random() % 255 line.
>
> on win32, original code gen_salt() function allways returned "$1$/2E./2E.".
> this string made by same return value by random() function. (sorry, I can't express in good English)

This seems really suspicious. My explanation would be, that
Win32 starup somehow skips the srandom call.

Or could the (MyProcPid ^ port->session_start.tv_usec) be
constant on win32?

> plz, check and properly fix this bug.
>
> I tried "& 255" operation. but this bug is still.

I dont understand. Does that mean that

random()
random() & 255

are buggy, but

random() % 255

is not?

--
marko