diff options
author | Noah Misch | 2020-07-25 21:50:59 +0000 |
---|---|---|
committer | Noah Misch | 2020-07-25 21:50:59 +0000 |
commit | 15e441972276e95639f8c3d9f5f66c2318fe9348 (patch) | |
tree | 7543302d33ef226e84769414c7c9bbb2e82cb91a | |
parent | ce4939ff70890fa658a4095b9fe457f8432b2575 (diff) |
Remove optimization for RAND_poll() failing.
The loop to generate seed data will exit on RAND_status(), so we don't
need to handle the case of RAND_poll() failing separately. Failures
here are rare, so this a code cleanup, essentially.
Daniel Gustafsson, reviewed by David Steele and Michael Paquier.
Discussion: https://postgr.es/m/[email protected]
-rw-r--r-- | src/port/pg_strong_random.c | 17 |
1 files changed, 6 insertions, 11 deletions
diff --git a/src/port/pg_strong_random.c b/src/port/pg_strong_random.c index eed8b878089..14e8382cd89 100644 --- a/src/port/pg_strong_random.c +++ b/src/port/pg_strong_random.c @@ -108,7 +108,11 @@ pg_strong_random(void *buf, size_t len) /* * Check that OpenSSL's CSPRNG has been sufficiently seeded, and if not * add more seed data using RAND_poll(). With some older versions of - * OpenSSL, it may be necessary to call RAND_poll() a number of times. + * OpenSSL, it may be necessary to call RAND_poll() a number of times. If + * RAND_poll() fails to generate seed data within the given amount of + * retries, subsequent RAND_bytes() calls will fail, but we allow that to + * happen to let pg_strong_random() callers handle that with appropriate + * error handling. */ #define NUM_RAND_POLL_RETRIES 8 @@ -120,16 +124,7 @@ pg_strong_random(void *buf, size_t len) break; } - if (RAND_poll() == 0) - { - /* - * RAND_poll() failed to generate any seed data, which means that - * RAND_bytes() will probably fail. For now, just fall through - * and let that happen. XXX: maybe we could seed it some other - * way. - */ - break; - } + RAND_poll(); } if (RAND_bytes(buf, len) == 1) |