aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorNoah Misch <noah@leadboat.com>2020-07-25 14:50:59 -0700
committerNoah Misch <noah@leadboat.com>2020-07-25 14:50:59 -0700
commitce4939ff70890fa658a4095b9fe457f8432b2575 (patch)
treebc883e4de05b523f755a8bca5795ab280d67bf8a /src
parent0a0727ccfc5f4e2926623abe877bdc0b5bfd682e (diff)
downloadpostgresql-ce4939ff70890fa658a4095b9fe457f8432b2575.tar.gz
postgresql-ce4939ff70890fa658a4095b9fe457f8432b2575.zip
Use RAND_poll() for seeding randomness after fork().
OpenSSL deprecated RAND_cleanup(), and OpenSSL 1.1.0 made it into a no-op. Replace it with RAND_poll(), per an OpenSSL community recommendation. While this has no user-visible consequences under OpenSSL defaults, it might help under non-default settings. Daniel Gustafsson, reviewed by David Steele and Michael Paquier. Discussion: https://postgr.es/m/9B038FA5-23E8-40D0-B932-D515E1D8F66A@yesql.se
Diffstat (limited to 'src')
-rw-r--r--src/backend/postmaster/fork_process.c6
1 files changed, 4 insertions, 2 deletions
diff --git a/src/backend/postmaster/fork_process.c b/src/backend/postmaster/fork_process.c
index def3cee37e2..15d63408007 100644
--- a/src/backend/postmaster/fork_process.c
+++ b/src/backend/postmaster/fork_process.c
@@ -109,10 +109,12 @@ fork_process(void)
}
/*
- * Make sure processes do not share OpenSSL randomness state.
+ * Make sure processes do not share OpenSSL randomness state. This is
+ * no longer required in OpenSSL 1.1.1 and later versions, but until
+ * we drop support for version < 1.1.1 we need to do this.
*/
#ifdef USE_OPENSSL
- RAND_cleanup();
+ RAND_poll();
#endif
}
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-23 03:28:14 +0000