diff options
| author | Georg Brandl <georg@python.org> | 2013-10-27 06:56:11 (GMT) |
|---|---|---|
| committer | Georg Brandl <georg@python.org> | 2013-10-27 06:56:11 (GMT) |
| commit | 81be27d53e33b6eb5cedf75c17038673e1555145 (patch) | |
| tree | f8f495bc5cbda058fb2cacb781dbdcbc61284bc9 /Modules/_ssl.c | |
| parent | 045ee06ae91a1503a8d512929c54e16deabfe9a8 (diff) | |
| download | cpython-81be27d53e33b6eb5cedf75c17038673e1555145.zip cpython-81be27d53e33b6eb5cedf75c17038673e1555145.tar.gz cpython-81be27d53e33b6eb5cedf75c17038673e1555145.tar.bz2 | |
Issue #19227: Try to fix deadlocks caused by re-seeding then OpenSSL
pseudo-random number generator on fork().
Diffstat (limited to 'Modules/_ssl.c')
| -rw-r--r-- | Modules/_ssl.c | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/Modules/_ssl.c b/Modules/_ssl.c index 448114b..b791f28d 100644 --- a/Modules/_ssl.c +++ b/Modules/_ssl.c @@ -2586,7 +2586,7 @@ fails or if it does not provide enough data to seed PRNG."); /* Seed OpenSSL's PRNG at fork(), http://bugs.python.org/issue18747 * - * The parent handler seeds the PRNG from pseudo-random data like pid, the + * The prepare handler seeds the PRNG from pseudo-random data like pid, the * current time (miliseconds or seconds) and an uninitialized array. * The array contains stack variables that are impossible to predict * on most systems, e.g. function return address (subject to ASLR), the @@ -2595,16 +2595,17 @@ fails or if it does not provide enough data to seed PRNG."); * * Note: * The code uses pthread_atfork() until Python has a proper atfork API. The - * handlers are not removed from the child process. A parent handler is used + * handlers are not removed from the child process. A prepare handler is used * instead of a child handler because fork() is supposed to be async-signal - * safe but the handler calls unsafe functions. + * safe but the handler calls unsafe functions. A parent handler has caused + * other problems, see issue #19227. */ #if defined(HAVE_PTHREAD_ATFORK) && defined(WITH_THREAD) #define PYSSL_RAND_ATFORK 1 static void -PySSL_RAND_atfork_parent(void) +PySSL_RAND_atfork_prepare(void) { struct { char stack[128]; /* uninitialized (!) stack data, 128 is an @@ -2630,9 +2631,9 @@ PySSL_RAND_atfork(void) if (registered) return 0; - retval = pthread_atfork(NULL, /* prepare */ - PySSL_RAND_atfork_parent, /* parent */ - NULL); /* child */ + retval = pthread_atfork(PySSL_RAND_atfork_prepare, /* prepare */ + NULL, /* parent */ + NULL); /* child */ if (retval != 0) { PyErr_SetFromErrno(PyExc_OSError); return -1; |