[pgpool-hackers: 4595] Re: Shuffle random functions and use better random numbers

Martijn van Duren pgpool at list.imperialat.at
Tue May 20 06:07:38 JST 2025 

For what it's worth: looks good to me.

On Mon, 2025-05-19 at 10:37 +0900, Tatsuo Ishii wrote:
> > > Thanks for the patches. After reading them. I visited PostgreSQL
> > > source code and found followings.
> > > 
> > > - Our PostmasterRandmon() was imported from PostgreSQL long time ago
> > >   (2016). In the same year PostgreSQL replaced PostmasterRandmon()
> > >   with pg_strong_random().(src/port/pg_strong_random.c.
> > >   pg_strong_random() looks better than PostmasterRandmon(), since it's
> > >   more secure and portable. Moreover no initialization is necessary.
> > > 
> > > - PostgreSQL introduced Pseudo-Random Number Generator in 2021
> > >   (src/common/pg_prng.c). In the commet:
> > > 
> > >  * Pseudo-Random Number Generator
> > >  *
> > >  * We use Blackman and Vigna's xoroshiro128** 1.0 algorithm
> > >  * to have a small, fast PRNG suitable for generating reasonably
> > >  * good-quality 64-bit data.  This should not be considered
> > >  * cryptographically strong, however.
> > >  *
> > >  * About these generators: https://prng.di.unimi.it/
> > >  * See also https://en.wikipedia.org/wiki/List_of_random_number_generators
> > > 
> > >  This is used for SQL functions in PostgreSQL. Looks pretty portable
> > >  and maybe faster than standard random() function in some
> > >  platforms. One bonus is, your select_rand_weight() is already
> > >  implemneted in it: pg_prng_double().
> > > 
> > > Probably we should import pg_strong_random.c and pg_prng.c, then
> > > change pgpool to use pg_strong_random() for generating salts,
> > > pg_prng_double() for generating random number between 0 and 1.0.
> > > 
> > > What do you think?
> > 
> > I'm definitely not opposed to this approach. I've given a shot at
> > importing these two files, but there's quite a bit of postgres
> > specifics in there. I could probably make it work, but it'll probably
> > be in such a convoluted way that it's going to need a full rewrite
> > anyway.
> > 
> > Some nitpicking could be done over some of the internals, but I
> > don't mind this color bikeshed.
> 
> Attached is a patch to replace PostmasterRandmon() with
> pg_strong_random(). I think this is not only useful to enhance the
> quality of random numbers generated for authentications (md5 and
> scram-sha-256) but is needed anyway if we import pg_prng.c as it
> relies on pg_strong_random().
> 
> I am going to push this if there's no objection.
> 
> Best regards,
> --
> Tatsuo Ishii
> SRA OSS K.K.
> English: http://www.sraoss.co.jp/index_en/
> Japanese:http://www.sraoss.co.jp

More information about the pgpool-hackers mailing list