Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 81be27d

Browse files
committed
Issue #19227: Try to fix deadlocks caused by re-seeding then OpenSSL
pseudo-random number generator on fork().
1 parent 045ee06 commit 81be27d

2 files changed

Lines changed: 11 additions & 7 deletions

File tree

Misc/NEWS

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -81,6 +81,9 @@ Core and Builtins
8181
Library
8282
-------
8383

84+
- Issue #19227: Try to fix deadlocks caused by re-seeding then OpenSSL
85+
pseudo-random number generator on fork().
86+
8487
- Issue #16037: HTTPMessage.readheaders() raises an HTTPException when more than
8588
100 headers are read. Adapted from patch by Jyrki Pulliainen.
8689

Modules/_ssl.c

Lines changed: 8 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -2586,7 +2586,7 @@ fails or if it does not provide enough data to seed PRNG.");
25862586

25872587
/* Seed OpenSSL's PRNG at fork(), http://bugs.python.org/issue18747
25882588
*
2589-
* The parent handler seeds the PRNG from pseudo-random data like pid, the
2589+
* The prepare handler seeds the PRNG from pseudo-random data like pid, the
25902590
* current time (miliseconds or seconds) and an uninitialized array.
25912591
* The array contains stack variables that are impossible to predict
25922592
* on most systems, e.g. function return address (subject to ASLR), the
@@ -2595,16 +2595,17 @@ fails or if it does not provide enough data to seed PRNG.");
25952595
*
25962596
* Note:
25972597
* The code uses pthread_atfork() until Python has a proper atfork API. The
2598-
* handlers are not removed from the child process. A parent handler is used
2598+
* handlers are not removed from the child process. A prepare handler is used
25992599
* instead of a child handler because fork() is supposed to be async-signal
2600-
* safe but the handler calls unsafe functions.
2600+
* safe but the handler calls unsafe functions. A parent handler has caused
2601+
* other problems, see issue #19227.
26012602
*/
26022603

26032604
#if defined(HAVE_PTHREAD_ATFORK) && defined(WITH_THREAD)
26042605
#define PYSSL_RAND_ATFORK 1
26052606

26062607
static void
2607-
PySSL_RAND_atfork_parent(void)
2608+
PySSL_RAND_atfork_prepare(void)
26082609
{
26092610
struct {
26102611
char stack[128]; /* uninitialized (!) stack data, 128 is an
@@ -2630,9 +2631,9 @@ PySSL_RAND_atfork(void)
26302631
if (registered)
26312632
return 0;
26322633

2633-
retval = pthread_atfork(NULL, /* prepare */
2634-
PySSL_RAND_atfork_parent, /* parent */
2635-
NULL); /* child */
2634+
retval = pthread_atfork(PySSL_RAND_atfork_prepare, /* prepare */
2635+
NULL, /* parent */
2636+
NULL); /* child */
26362637
if (retval != 0) {
26372638
PyErr_SetFromErrno(PyExc_OSError);
26382639
return -1;

0 commit comments

Comments
 (0)