Gitweb:
http://git.exim.org/exim.git/commitdiff/de6135a0cbbeb4fbae7233a40563a241de1c237b
Commit: de6135a0cbbeb4fbae7233a40563a241de1c237b
Parent: 700d22f3fc0cc559170e8085a1b799b61dceb738
Author: Phil Pennock <pdp@???>
AuthorDate: Tue Apr 2 12:37:03 2013 -0400
Committer: Phil Pennock <pdp@???>
CommitDate: Tue Apr 2 12:37:03 2013 -0400
Ensure OpenSSL entropy state reset across forks.
Note that this function is never going to be called pre-fork unless the
admin is doing something highly unusual with ${randint:..} in a context
evaluated in the listening daemon. Other forks should result in a
re-exec(), thus resetting state.
Nonetheless, be more cautious, explicitly reset state.
Fix per PostgreSQL.
PS: why does OpenSSL not document RAND_cleanup() on the same page as all
the other entropy pool maintenance functions?
---
src/src/tls-openssl.c | 14 ++++++++++++++
1 files changed, 14 insertions(+), 0 deletions(-)
diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c
index 42afd39..18cb787 100644
--- a/src/src/tls-openssl.c
+++ b/src/src/tls-openssl.c
@@ -1753,12 +1753,26 @@ vaguely_random_number(int max)
{
unsigned int r;
int i, needed_len;
+static pid_t pidlast = 0;
+pid_t pidnow;
uschar *p;
uschar smallbuf[sizeof(r)];
if (max <= 1)
return 0;
+pidnow = getpid();
+if (pidnow != pidlast)
+ {
+ /* Although OpenSSL documents that "OpenSSL makes sure that the PRNG state
+ is unique for each thread", this doesn't apparently apply across processes,
+ so our own warning from vaguely_random_number_fallback() applies here too.
+ Fix per PostgreSQL. */
+ if (pidlast != 0)
+ RAND_cleanup();
+ pidlast = pidnow;
+ }
+
/* OpenSSL auto-seeds from /dev/random, etc, but this a double-check. */
if (!RAND_status())
{
