BUG #4167: When generating UUID using UUID-OSSP module, UUIDs are not unique on Windows
The following bug has been logged online:
Bug reference: 4167
Logged by: nicoanto
Email address: na@mnm-consulting.com
PostgreSQL version: 8.3.1.0
Operating system: Windows
Description: When generating UUID using UUID-OSSP module, UUIDs are
not unique on Windows
Details:
Hi all,
I am using the 8.3.1 version of PostgreSQL. I wrote a simple function on
order to generate UUID values using the UUID-OSSP module
The code of the function is the following one :
CREATE FUNCTION uuidgen() RETURNS CHAR(36) AS $$
BEGIN
RETURN uuid_generate_v4()::CHAR(36);
END;
$$ LANGUAGE 'plpgsql';
When using it in a loop, I have got 2 different behaviors :
* on an Ubuntu platform, the generated UUID values are unique
* on a Windows platform, the generated UUID values are not unique most of
the time.
Do you have any idea on how to fix that bug on a Windows platform ?
Regards,
Nicoanto
Am Mittwoch, 14. Mai 2008 schrieb nicoanto:
I am using the 8.3.1 version of PostgreSQL. I wrote a simple function on
order to generate UUID values using the UUID-OSSP module
The code of the function is the following one :� � CREATE FUNCTION uuidgen() RETURNS CHAR(36) AS $$
� � � �BEGIN
� � � � � RETURN uuid_generate_v4()::CHAR(36);
� � � �END;
� � $$ LANGUAGE 'plpgsql';When using it in a loop, I have got 2 different behaviors :
* on an Ubuntu platform, the generated UUID values are unique
* on a Windows platform, the generated UUID values are not unique most of
the time.Do you have any idea on how to fix that bug on a Windows platform ?
Congratulations, you have just independently rediscovered the Debian OpenSSL
vulnerability, see http://www.debian.org/security/2008/dsa-1571. Get a new
libssl package from the Ubuntu security repository. It's not a Windows bug;
the numbers are supposed to be different.
Peter Eisentraut wrote:
Am Mittwoch, 14. Mai 2008 schrieb nicoanto:
I am using the 8.3.1 version of PostgreSQL. I wrote a simple function on
order to generate UUID values using the UUID-OSSP module
The code of the function is the following one :� � CREATE FUNCTION uuidgen() RETURNS CHAR(36) AS $$
� � � �BEGIN
� � � � � RETURN uuid_generate_v4()::CHAR(36);
� � � �END;
� � $$ LANGUAGE 'plpgsql';When using it in a loop, I have got 2 different behaviors :
* on an Ubuntu platform, the generated UUID values are unique
* on a Windows platform, the generated UUID values are not unique most of
the time.Do you have any idea on how to fix that bug on a Windows platform ?
Congratulations, you have just independently rediscovered the Debian OpenSSL
vulnerability, see http://www.debian.org/security/2008/dsa-1571. Get a new
libssl package from the Ubuntu security repository. It's not a Windows bug;
the numbers are supposed to be different.
Hmm, surely the problem is unrelated? He gets the same numbers on
_Windows_, whereas Ubuntu shows the good behavior.
Also, OOSP-UUID does not depend on OpenSSL AFAIR.
--
Alvaro Herrera http://www.CommandPrompt.com/
The PostgreSQL Company - Command Prompt, Inc.
Peter Eisentraut wrote:
Am Mittwoch, 14. Mai 2008 schrieb nicoanto:
I am using the 8.3.1 version of PostgreSQL. I wrote a simple function on
order to generate UUID values using the UUID-OSSP module
The code of the function is the following one :CREATE FUNCTION uuidgen() RETURNS CHAR(36) AS $$
BEGIN
RETURN uuid_generate_v4()::CHAR(36);
END;
$$ LANGUAGE 'plpgsql';When using it in a loop, I have got 2 different behaviors :
* on an Ubuntu platform, the generated UUID values are unique
* on a Windows platform, the generated UUID values are not unique most of
the time.Do you have any idea on how to fix that bug on a Windows platform ?
Congratulations, you have just independently rediscovered the Debian OpenSSL
vulnerability, see http://www.debian.org/security/2008/dsa-1571. Get a new
libssl package from the Ubuntu security repository. It's not a Windows bug;
the numbers are supposed to be different.
I doubt that. There's no dependency from uuid library to openssl. And if
that was related, I would've expected to see non-unique values on
Ubuntu, not Windows.
Seems rather like a weakness in the Windows port of the ossp-uuid
library to me.
--
Heikki Linnakangas
EnterpriseDB http://www.enterprisedb.com
Am Mittwoch, 14. Mai 2008 schrieb Alvaro Herrera:
Hmm, surely the problem is unrelated? He gets the same numbers on
_Windows_, whereas Ubuntu shows the good behavior.
Oh, I read it backwards. So then the random number generator on Windows is
the problem in this case.
Also, OOSP-UUID does not depend on OpenSSL AFAIR.
Written by the same guy anyway. :-/
Peter Eisentraut wrote:
Am Mittwoch, 14. Mai 2008 schrieb Alvaro Herrera:
Hmm, surely the problem is unrelated? He gets the same numbers on
_Windows_, whereas Ubuntu shows the good behavior.Oh, I read it backwards. So then the random number generator on Windows is
the problem in this case.
Right.
Actually what I would suggest is using the Windows API for generating
UUIDs instead of OOSP-UUID.
Also, OOSP-UUID does not depend on OpenSSL AFAIR.
Written by the same guy anyway. :-/
Oh, right ...
--
Alvaro Herrera http://www.CommandPrompt.com/
The PostgreSQL Company - Command Prompt, Inc.
Peter Eisentraut <peter_e@gmx.net> writes:
Am Mittwoch, 14. Mai 2008 schrieb Alvaro Herrera:
Hmm, surely the problem is unrelated? He gets the same numbers on
_Windows_, whereas Ubuntu shows the good behavior.
Oh, I read it backwards. So then the random number generator on Windows is
the problem in this case.
Also, OOSP-UUID does not depend on OpenSSL AFAIR.
Written by the same guy anyway. :-/
Well, in any case this is surely a bug in the Windows port of
libossp-uuid, and so needs to be reported to them not us.
regards, tom lane
Hi
Ahhh, This problem is reproduced. :-(
Sorry, I neglect it. Then, the following is considered as management.
http://winpg.jp/~saito/pg_work/OSSP_win32/getrand.c
I will consult to Ralf-san tonight. or weekend...
Regards,
Hiroshi Saito
----- Original Message -----
From: "Tom Lane" <tgl@sss.pgh.pa.us>
Show quoted text
Peter Eisentraut <peter_e@gmx.net> writes:
Am Mittwoch, 14. Mai 2008 schrieb Alvaro Herrera:
Hmm, surely the problem is unrelated? He gets the same numbers on
_Windows_, whereas Ubuntu shows the good behavior.Oh, I read it backwards. So then the random number generator on Windows is
the problem in this case.Also, OOSP-UUID does not depend on OpenSSL AFAIR.
Written by the same guy anyway. :-/
Well, in any case this is surely a bug in the Windows port of
libossp-uuid, and so needs to be reported to them not us.regards, tom lane
Any news about a fix for this bug ?
Regards,
Nicolas ANTONINI
Hiroshi Saito a �crit :
Hi
Ahhh, This problem is reproduced. :-(
Sorry, I neglect it. Then, the following is considered as management.
http://winpg.jp/~saito/pg_work/OSSP_win32/getrand.c
I will consult to Ralf-san tonight. or weekend...Regards,
Hiroshi Saito----- Original Message ----- From: "Tom Lane" <tgl@sss.pgh.pa.us>
Peter Eisentraut <peter_e@gmx.net> writes:
Am Mittwoch, 14. Mai 2008 schrieb Alvaro Herrera:
Hmm, surely the problem is unrelated? He gets the same numbers on
_Windows_, whereas Ubuntu shows the good behavior.Oh, I read it backwards. So then the random number generator on
Windows is the problem in this case.Also, OOSP-UUID does not depend on OpenSSL AFAIR.
Written by the same guy anyway. :-/
Well, in any case this is surely a bug in the Windows port of
libossp-uuid, and so needs to be reported to them not us.regards, tom lane
--
Nicolas ANTONINI
Directeur Technique
MNM Consulting
98, rue de S�vres
75007 PARIS
T : + 33 (0)3 85 55 36 64
P : + 33 (0)6 23 71 85 24
Hi.
Sorry, late reaction....Now, private time has only a few.
I will investigate at a weekend again.
Regards,
Hiroshi Saito
----- Original Message -----
From: "Nicolas ANTONINI" <nicolas.antonini@mnm-consulting.com>
Show quoted text
Any news about a fix for this bug ?
Regards,
Nicolas ANTONINI
Hiroshi Saito a �crit :
Hi
Ahhh, This problem is reproduced. :-(
Sorry, I neglect it. Then, the following is considered as management.
http://winpg.jp/~saito/pg_work/OSSP_win32/getrand.c
I will consult to Ralf-san tonight. or weekend...Regards,
Hiroshi Saito----- Original Message ----- From: "Tom Lane" <tgl@sss.pgh.pa.us>
Peter Eisentraut <peter_e@gmx.net> writes:
Am Mittwoch, 14. Mai 2008 schrieb Alvaro Herrera:
Hmm, surely the problem is unrelated? He gets the same numbers on
_Windows_, whereas Ubuntu shows the good behavior.Oh, I read it backwards. So then the random number generator on Windows is the problem
in this case.Also, OOSP-UUID does not depend on OpenSSL AFAIR.
Written by the same guy anyway. :-/
Well, in any case this is surely a bug in the Windows port of
libossp-uuid, and so needs to be reported to them not us.regards, tom lane
--
Nicolas ANTONINI
Directeur Technique
MNM Consulting
98, rue de S�vres
75007 PARIS
T : + 33 (0)3 85 55 36 64
P : + 33 (0)6 23 71 85 24--
Sent via pgsql-bugs mailing list (pgsql-bugs@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-bugs