author | Christian Heimes <christian@cheimes.de> | 2013-08-22 11:19:48 (GMT) |
---|---|---|
committer | Christian Heimes <christian@cheimes.de> | 2013-08-22 11:19:48 (GMT) |
commit | 80c5de93f99f348553346f15a697c1acc0b9c612 (patch) | |
tree | f3a2f1c354992dd9f8eef2edacaf69a4cdf73716 /Modules/_ssl.c | |
parent | 00ae435deef434f471e39bea3f3ab3a3e3cd90fe (diff) | |
Issue #18747: Use a parent atfork handler instead of a child atfork handler.
fork() is supposed to be async-signal safe but the handler calls unsafe functions. A parent handler mitigates the issue.
Diffstat (limited to 'Modules/_ssl.c')
-rw-r--r-- | Modules/_ssl.c | 21 |
1 files changed, 9 insertions, 12 deletions
diff --git a/Modules/_ssl.c b/Modules/_ssl.c
index cd6640f..97934d9 100644
--- a/Modules/_ssl.c
+++ b/Modules/_ssl.c
@@ -2585,23 +2585,25 @@ fails or if it does not provide enough data to seed PRNG.");
 
 /* Seed OpenSSL's PRNG at fork(), http://bugs.python.org/issue18747
 *
- * The child handler seeds the PRNG from pseudo-random data like pid, the
- * current time (nanoseconds, miliseconds or seconds) and an uninitialized
- * array. The array contains stack variables that are impossible to predict
+ * The parent handler seeds the PRNG from pseudo-random data like pid, the
+ * current time (miliseconds or seconds) and an uninitialized arry.
+ * The array contains stack variables that are impossible to predict
 * on most systems, e.g. function return address (subject to ASLR), the
 * stack protection canary and automatic variables.
 * The code is inspired by Apache's ssl_rand_seed() function.
 *
 * Note:
 * The code uses pthread_atfork() until Python has a proper atfork API. The
- * handlers are not removed from the child process.
+ * handlers are not removed from the child process. A parent handler is used
+ * instead of a child handler because fork() is suppose to be async-signal
+ * safe but the handler calls unsafe functions.
 */
 
 #if defined(HAVE_PTHREAD_ATFORK) && defined(WITH_THREAD)
 #define PYSSL_RAND_ATFORK 1
 
 static void
-PySSL_RAND_atfork_child(void)
+PySSL_RAND_atfork_parent(void)
 {
 struct {
 char stack[128]; /* uninitialized (!) stack data, 128 is an
@@ -2615,11 +2617,6 @@ PySSL_RAND_atfork_child(void)
 #endif
 seed.pid = getpid();
 _PyTime_gettimeofday(&(seed.tp));
-
-#if 0
- fprintf(stderr, "PySSL_RAND_atfork_child() seeds %i bytes in pid %i\n",
- (int)sizeof(seed), seed.pid);
-#endif
 RAND_add((unsigned char *)&seed, sizeof(seed), 0.0);
 }
 
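Review bot: The rewritten header comment gives the async-signal-safety reason for the move but not what the parent slot changes about the guarantee, and it still lists the pid as seed data. A pthread_atfork() parent handler runs only in the parent after fork(), so the child keeps the pre-fork PRNG state and the two processes diverge because the parent's state moves on; `seed.pid = getpid();` in PySSL_RAND_atfork_parent() is then the parent's own pid, the same value at every fork. I would add `* The handler runs in the parent after fork(): the child keeps the pre-fork state and the parent is reseeded, so the two diverge.` and stop presenting the pid as a per-fork input. The added lines also carry the typos "arry" and "suppose". The function body continues outside this hunk.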
@@ -2633,8 +2630,8 @@ PySSL_RAND_atfork(void)
 return 0;
 
 retval = pthread_atfork(NULL, /* prepare */
- NULL, /* parent */
- PySSL_RAND_atfork_child); /* child */
+ PySSL_RAND_atfork_parent, /* parent */
+ NULL); /* child */
 if (retval != 0) {
 PyErr_SetFromErrno(PyExc_OSError);
 return -1; |
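Review bot: The error path after the changed `pthread_atfork()` call reads errno, but pthread_atfork() reports failure through its return value and is not specified to set errno, so `PyErr_SetFromErrno(PyExc_OSError)` can raise with a stale or zero error code. Assigning the result first fixes it: `errno = retval;` before the `PyErr_SetFromErrno` call. PySSL_RAND_atfork() starts and ends outside this hunk, so how the registration guard interacts with a failed registration is not visible here.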