summaryrefslogtreecommitdiffstats
path: root/Modules/_ssl.c
diff options
context:
space:
mode:
authorChristian Heimes <christian@cheimes.de>2013-08-22 11:19:56 (GMT)
committerChristian Heimes <christian@cheimes.de>2013-08-22 11:19:56 (GMT)
commitf54c24628b080002100b9ee4506387ac48551736 (patch)
tree7a0776f81fad10385026635deff7c33491045743 /Modules/_ssl.c
parent7d2d43c0b15b8062c9b5d672a78e653abe2e1d91 (diff)
parent80c5de93f99f348553346f15a697c1acc0b9c612 (diff)
downloadcpython-f54c24628b080002100b9ee4506387ac48551736.zip
cpython-f54c24628b080002100b9ee4506387ac48551736.tar.gz
cpython-f54c24628b080002100b9ee4506387ac48551736.tar.bz2
Issue #18747: Use a parent atfork handler instead of a child atfork handler.
fork() is suppose to be async-signal safe but the handler calls unsafe functions. A parent handler mitigates the issue.
Diffstat (limited to 'Modules/_ssl.c')
-rw-r--r--Modules/_ssl.c21
1 files changed, 9 insertions, 12 deletions
diff --git a/Modules/_ssl.c b/Modules/_ssl.c
index 3eb03a7..f84ef92 100644
--- a/Modules/_ssl.c
+++ b/Modules/_ssl.c
@@ -2943,23 +2943,25 @@ fails or if it does not provide enough data to seed PRNG.");
/* Seed OpenSSL's PRNG at fork(), http://bugs.python.org/issue18747
*
- * The child handler seeds the PRNG from pseudo-random data like pid, the
- * current time (nanoseconds, miliseconds or seconds) and an uninitialized
- * array. The array contains stack variables that are impossible to predict
+ * The parent handler seeds the PRNG from pseudo-random data like pid, the
+ * current time (miliseconds or seconds) and an uninitialized arry.
+ * The array contains stack variables that are impossible to predict
* on most systems, e.g. function return address (subject to ASLR), the
* stack protection canary and automatic variables.
* The code is inspired by Apache's ssl_rand_seed() function.
*
* Note:
* The code uses pthread_atfork() until Python has a proper atfork API. The
- * handlers are not removed from the child process.
+ * handlers are not removed from the child process. A parent handler is used
+ * instead of a child handler because fork() is suppose to be async-signal
+ * safe but the handler calls unsafe functions.
*/
#if defined(HAVE_PTHREAD_ATFORK) && defined(WITH_THREAD)
#define PYSSL_RAND_ATFORK 1
static void
-PySSL_RAND_atfork_child(void)
+PySSL_RAND_atfork_parent(void)
{
struct {
char stack[128]; /* uninitialized (!) stack data, 128 is an
@@ -2973,11 +2975,6 @@ PySSL_RAND_atfork_child(void)
#endif
seed.pid = getpid();
_PyTime_gettimeofday(&(seed.tp));
-
-#if 0
- fprintf(stderr, "PySSL_RAND_atfork_child() seeds %i bytes in pid %i\n",
- (int)sizeof(seed), seed.pid);
-#endif
RAND_add((unsigned char *)&seed, sizeof(seed), 0.0);
}
@@ -2991,8 +2988,8 @@ PySSL_RAND_atfork(void)
return 0;
retval = pthread_atfork(NULL, /* prepare */
- NULL, /* parent */
- PySSL_RAND_atfork_child); /* child */
+ PySSL_RAND_atfork_parent, /* parent */
+ NULL); /* child */
if (retval != 0) {
PyErr_SetFromErrno(PyExc_OSError);
return -1;