Always hash the pid in the first iteration in ssleay_rand_bytes,

don't try to detect fork()s by looking at getpid(). The reason is that threads sharing the same memory can have different PIDs; it's inefficient to run RAND_seed each time a different thread calls RAND_bytes.

Always hash the pid in the first iteration in ssleay_rand_bytes,
don't try to detect fork()s by looking at getpid(). The reason is that threads sharing the same memory can have different PIDs; it's inefficient to run RAND_seed each time a different thread calls RAND_bytes.
62ac2938 · Bodo Möller · c1e744b9 · 62ac2938 · 62ac2938
隐藏空白更改
内联并排

Showing with 10 addition and 19 deletion

CHANGES CHANGES +1 -1

crypto/rand/md_rand.c crypto/rand/md_rand.c +9 -18

未找到文件。
--- a/CHANGES
+++ b/CHANGES
@@ -5,7 +5,7 @@
 Changes between 0.9.4 and 0.9.5  [xx XXX 1999]

  *) Make crypto/rand/md_rand.c more robust:
-     - Detect fork() and assure unique random states.
+     - Assure unique random numbers after fork().
     - Make sure that concurrent threads access the global counter and
       md serializably so that we never lose entropy in them
       or use exactly the same state in multiple threads.

--- a/crypto/rand/md_rand.c
+++ b/crypto/rand/md_rand.c
@@ -287,8 +287,7 @@ static void ssleay_rand_bytes(unsigned char *buf, int num)
 	static int init=1;
 	unsigned long l;
 #ifndef MSDOS
-	static pid_t prev_pid = 0;
-	pid_t curr_pid;
+	pid_t curr_pid = getpid();
 #endif
 #ifdef DEVRANDOM
 	FILE *fh;
@@ -329,8 +328,7 @@ static void ssleay_rand_bytes(unsigned char *buf, int num)
 		 * just this */
 		RAND_seed(&m,sizeof(m));
 #ifndef MSDOS
-		prev_pid = getpid();
-		l=prev_pid;
+		l=curr_pid;
 		RAND_seed(&l,sizeof(l));
 		l=getuid();
 		RAND_seed(&l,sizeof(l));
@@ -367,20 +365,6 @@ static void ssleay_rand_bytes(unsigned char *buf, int num)
 		init=0;
 		}

-#ifndef MSDOS
-	/* make sure we have unique states when a program forks
-	 * (new with OpenSSL 0.9.5; for earlier versions, applications
-	 * must take care of this) */
-	curr_pid = getpid();
-	if (prev_pid != curr_pid)
-		{
-		prev_pid = curr_pid;
-		CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
-		RAND_seed(&curr_pid, sizeof curr_pid);
-		CRYPTO_w_lock(CRYPTO_LOCK_RAND);
-		}
-#endif
-
 	st_idx=state_index;
 	st_num=state_num;
 	md_c[0] = md_count[0];
@@ -402,6 +386,13 @@ static void ssleay_rand_bytes(unsigned char *buf, int num)
 		j=(num >= MD_DIGEST_LENGTH/2)?MD_DIGEST_LENGTH/2:num;
 		num-=j;
 		MD_Init(&m);
+#ifndef MSDOS
+		if (curr_pid) /* just in the first iteration to save time */
+			{
+			MD_Update(&m,(unsigned char*)&curr_pid,sizeof curr_pid);
+			curr_pid = 0;
+			}
+#endif
 		MD_Update(&m,&(local_md[MD_DIGEST_LENGTH/2]),MD_DIGEST_LENGTH/2);
 		MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
 #ifndef PURIFY