diff options
| -rw-r--r-- | Doc/library/os.rst | 4 | ||||
| -rw-r--r-- | Doc/library/ssl.rst | 8 | ||||
| -rw-r--r-- | Misc/NEWS | 3 | ||||
| -rw-r--r-- | Modules/_ssl.c | 67 |
4 files changed, 15 insertions, 67 deletions
diff --git a/Doc/library/os.rst b/Doc/library/os.rst index 466f242..f8b1025 100644 --- a/Doc/library/os.rst +++ b/Doc/library/os.rst @@ -2637,6 +2637,10 @@ written in Python, such as a mail server's external command delivery program. Note that some platforms including FreeBSD <= 6.3, Cygwin and OS/2 EMX have known issues when using fork() from a thread. + .. warning:: + + See :mod:`ssl` for applications that use the SSL module with fork(). + Availability: Unix. diff --git a/Doc/library/ssl.rst b/Doc/library/ssl.rst index e86da5f..e6f164d 100644 --- a/Doc/library/ssl.rst +++ b/Doc/library/ssl.rst @@ -29,6 +29,14 @@ probably additional platforms, as long as OpenSSL is installed on that platform. cause variations in behavior. For example, TLSv1.1 and TLSv1.2 come with openssl version 1.0.1. +.. warning:: + + OpenSSL's internal random number generator does not properly handle fork. + Applications must change the PRNG state of the parent process if they use + any SSL feature with with :func:`os.fork`. Any successful call of + :func:`~ssl.RAND_add`, :func:`~ssl.RAND_bytes` or + :func:`~ssl.RAND_pseudo_bytes` is sufficient. + This section documents the objects and functions in the ``ssl`` module; for more general information about TLS, SSL, and certificates, the reader is referred to the documents in the "See Also" section at the bottom. @@ -28,6 +28,9 @@ Core and Builtins Library ------- +- Issue #19227: Remove pthread_atfork() handler. The handler was added to + solve #18747 but has caused issues. + - Issue #19420: Fix reference leak in module initalization code of _hashopenssl.c diff --git a/Modules/_ssl.c b/Modules/_ssl.c index 9343cb6..34a141b 100644 --- a/Modules/_ssl.c +++ b/Modules/_ssl.c @@ -19,9 +19,6 @@ #ifdef WITH_THREAD #include "pythread.h" -#ifdef HAVE_PTHREAD_ATFORK -# include <pthread.h> -#endif #define PySSL_BEGIN_ALLOW_THREADS_S(save) \ do { if (_ssl_locks_count>0) { (save) = PyEval_SaveThread(); } } while (0) @@ -2950,65 +2947,6 @@ Queries the entropy gather daemon (EGD) on the socket named by 'path'.\n\ Returns number of bytes read. Raises SSLError if connection to EGD\n\ fails or if it does not provide enough data to seed PRNG."); -/* Seed OpenSSL's PRNG at fork(), http://bugs.python.org/issue18747 - * - * The prepare handler seeds the PRNG from pseudo-random data like pid, the - * current time (miliseconds or seconds) and an uninitialized array. - * The array contains stack variables that are impossible to predict - * on most systems, e.g. function return address (subject to ASLR), the - * stack protection canary and automatic variables. - * The code is inspired by Apache's ssl_rand_seed() function. - * - * Note: - * The code uses pthread_atfork() until Python has a proper atfork API. The - * handlers are not removed from the child process. A prepare handler is used - * instead of a child handler because fork() is supposed to be async-signal - * safe but the handler calls unsafe functions. A parent handler has caused - * other problems, see issue #19227. - */ - -#if defined(HAVE_PTHREAD_ATFORK) && defined(WITH_THREAD) -#define PYSSL_RAND_ATFORK 1 - -static void -PySSL_RAND_atfork_prepare(void) -{ - struct { - char stack[128]; /* uninitialized (!) stack data, 128 is an - arbitrary number. */ - pid_t pid; /* current pid */ - _PyTime_timeval tp; /* current time */ - } seed; - -#ifdef WITH_VALGRIND - VALGRIND_MAKE_MEM_DEFINED(seed.stack, sizeof(seed.stack)); -#endif - seed.pid = getpid(); - _PyTime_gettimeofday(&(seed.tp)); - RAND_add((unsigned char *)&seed, sizeof(seed), 0.0); -} - -static int -PySSL_RAND_atfork(void) -{ - static int registered = 0; - int retval; - - if (registered) - return 0; - - retval = pthread_atfork(PySSL_RAND_atfork_prepare, /* prepare */ - NULL, /* parent */ - NULL); /* child */ - if (retval != 0) { - PyErr_SetFromErrno(PyExc_OSError); - return -1; - } - registered = 1; - return 0; -} -#endif /* HAVE_PTHREAD_ATFORK */ - #endif /* HAVE_OPENSSL_RAND */ @@ -3623,10 +3561,5 @@ PyInit__ssl(void) if (r == NULL || PyModule_AddObject(m, "_OPENSSL_API_VERSION", r)) return NULL; -#ifdef PYSSL_RAND_ATFORK - if (PySSL_RAND_atfork() == -1) - return NULL; -#endif - return m; } |