generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Always hash the pid in the first iteration in ssleay_rand_bytes,

Browse Source 
don't try to detect fork()s by looking at getpid().
The reason is that threads sharing the same memory can have different
PIDs; it's inefficient to run RAND_seed each time a different thread
calls RAND_bytes.
This commit is contained in:
Bodo Möller 1999-10-26 16:26:48 +00:00
parent c1e744b912
commit 62ac293801
2 changed files with 10 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
CHANGES
View File

@ -5,7 +5,7 @@
Changes between 0.9.4 and 0.9.5 [xx XXX 1999] Changes between 0.9.4 and 0.9.5 [xx XXX 1999]
*) Make crypto/rand/md_rand.c more robust: *) Make crypto/rand/md_rand.c more robust:
- Detect fork() and assure unique random states. - Assure unique random numbers after fork().
- Make sure that concurrent threads access the global counter and - Make sure that concurrent threads access the global counter and
md serializably so that we never lose entropy in them md serializably so that we never lose entropy in them
or use exactly the same state in multiple threads. or use exactly the same state in multiple threads.

27
crypto/rand/md_rand.c
View File

@ -287,8 +287,7 @@ static void ssleay_rand_bytes(unsigned char *buf, int num)
static int init=1; static int init=1;
unsigned long l; unsigned long l;
#ifndef MSDOS #ifndef MSDOS
static pid_t prev_pid = 0; pid_t curr_pid = getpid();
pid_t curr_pid;
#endif #endif
#ifdef DEVRANDOM #ifdef DEVRANDOM
FILE *fh; FILE *fh;
@ -329,8 +328,7 @@ static void ssleay_rand_bytes(unsigned char *buf, int num)
* just this */ * just this */
RAND_seed(&m,sizeof(m)); RAND_seed(&m,sizeof(m));
#ifndef MSDOS #ifndef MSDOS
prev_pid = getpid(); l=curr_pid;
l=prev_pid;
RAND_seed(&l,sizeof(l)); RAND_seed(&l,sizeof(l));
l=getuid(); l=getuid();
RAND_seed(&l,sizeof(l)); RAND_seed(&l,sizeof(l));
@ -367,20 +365,6 @@ static void ssleay_rand_bytes(unsigned char *buf, int num)
init=0; init=0;
} }
#ifndef MSDOS
/* make sure we have unique states when a program forks
* (new with OpenSSL 0.9.5; for earlier versions, applications
* must take care of this) */
curr_pid = getpid();
if (prev_pid != curr_pid)
{
prev_pid = curr_pid;
CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
RAND_seed(&curr_pid, sizeof curr_pid);
CRYPTO_w_lock(CRYPTO_LOCK_RAND);
}
#endif
st_idx=state_index; st_idx=state_index;
st_num=state_num; st_num=state_num;
md_c[0] = md_count[0]; md_c[0] = md_count[0];
@ -402,6 +386,13 @@ static void ssleay_rand_bytes(unsigned char *buf, int num)
j=(num >= MD_DIGEST_LENGTH/2)?MD_DIGEST_LENGTH/2:num; j=(num >= MD_DIGEST_LENGTH/2)?MD_DIGEST_LENGTH/2:num;
num-=j; num-=j;
MD_Init(&m); MD_Init(&m);
#ifndef MSDOS
if (curr_pid) /* just in the first iteration to save time */
{
MD_Update(&m,(unsigned char*)&curr_pid,sizeof curr_pid);
curr_pid = 0;
}
#endif
MD_Update(&m,&(local_md[MD_DIGEST_LENGTH/2]),MD_DIGEST_LENGTH/2); MD_Update(&m,&(local_md[MD_DIGEST_LENGTH/2]),MD_DIGEST_LENGTH/2);
MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c)); MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
#ifndef PURIFY #ifndef PURIFY