summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPhil Pennock <pdp@exim.org>2013-04-02 12:37:03 -0400
committerPhil Pennock <pdp@exim.org>2013-04-02 12:37:03 -0400
commitde6135a0cbbeb4fbae7233a40563a241de1c237b (patch)
treecc6753844f8b0da3e6abafe9ec5ea662eeb297ff
parent700d22f3fc0cc559170e8085a1b799b61dceb738 (diff)
Ensure OpenSSL entropy state reset across forks.
Note that this function is never going to be called pre-fork unless the admin is doing something highly unusual with ${randint:..} in a context evaluated in the listening daemon. Other forks should result in a re-exec(), thus resetting state. Nonetheless, be more cautious, explicitly reset state. Fix per PostgreSQL. PS: why does OpenSSL not document RAND_cleanup() on the same page as all the other entropy pool maintenance functions?
-rw-r--r--src/src/tls-openssl.c14
1 files changed, 14 insertions, 0 deletions
diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c
index 42afd3949..18cb787a5 100644
--- a/src/src/tls-openssl.c
+++ b/src/src/tls-openssl.c
@@ -1753,12 +1753,26 @@ vaguely_random_number(int max)
{
unsigned int r;
int i, needed_len;
+static pid_t pidlast = 0;
+pid_t pidnow;
uschar *p;
uschar smallbuf[sizeof(r)];
if (max <= 1)
return 0;
+pidnow = getpid();
+if (pidnow != pidlast)
+ {
+ /* Although OpenSSL documents that "OpenSSL makes sure that the PRNG state
+ is unique for each thread", this doesn't apparently apply across processes,
+ so our own warning from vaguely_random_number_fallback() applies here too.
+ Fix per PostgreSQL. */
+ if (pidlast != 0)
+ RAND_cleanup();
+ pidlast = pidnow;
+ }
+
/* OpenSSL auto-seeds from /dev/random, etc, but this a double-check. */
if (!RAND_status())
{