diff options
Diffstat (limited to 'Modules/_ssl.c')
| -rw-r--r-- | Modules/_ssl.c | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/Modules/_ssl.c b/Modules/_ssl.c index 448114b..b791f28d 100644 --- a/Modules/_ssl.c +++ b/Modules/_ssl.c @@ -2586,7 +2586,7 @@ fails or if it does not provide enough data to seed PRNG."); /* Seed OpenSSL's PRNG at fork(), http://bugs.python.org/issue18747 * - * The parent handler seeds the PRNG from pseudo-random data like pid, the + * The prepare handler seeds the PRNG from pseudo-random data like pid, the * current time (miliseconds or seconds) and an uninitialized array. * The array contains stack variables that are impossible to predict * on most systems, e.g. function return address (subject to ASLR), the @@ -2595,16 +2595,17 @@ fails or if it does not provide enough data to seed PRNG."); * * Note: * The code uses pthread_atfork() until Python has a proper atfork API. The - * handlers are not removed from the child process. A parent handler is used + * handlers are not removed from the child process. A prepare handler is used * instead of a child handler because fork() is supposed to be async-signal - * safe but the handler calls unsafe functions. + * safe but the handler calls unsafe functions. A parent handler has caused + * other problems, see issue #19227. */ #if defined(HAVE_PTHREAD_ATFORK) && defined(WITH_THREAD) #define PYSSL_RAND_ATFORK 1 static void -PySSL_RAND_atfork_parent(void) +PySSL_RAND_atfork_prepare(void) { struct { char stack[128]; /* uninitialized (!) stack data, 128 is an @@ -2630,9 +2631,9 @@ PySSL_RAND_atfork(void) if (registered) return 0; - retval = pthread_atfork(NULL, /* prepare */ - PySSL_RAND_atfork_parent, /* parent */ - NULL); /* child */ + retval = pthread_atfork(PySSL_RAND_atfork_prepare, /* prepare */ + NULL, /* parent */ + NULL); /* child */ if (retval != 0) { PyErr_SetFromErrno(PyExc_OSError); return -1; |