[Python-checkins] cpython (merge 3.3 -> default): Issue #19227 / Issue #18747: Remove pthread_atfork() handler to remove OpenSSL
christian.heimes
python-checkins at python.org
Tue Oct 29 21:18:30 CET 2013
http://hg.python.org/cpython/rev/705f2addd0f0
changeset: 86752:705f2addd0f0
parent: 86735:6fdbb81b4020
parent: 86751:cd4007fb9c7e
user: Christian Heimes <christian at cheimes.de>
date: Tue Oct 29 21:11:55 2013 +0100
summary:
Issue #19227 / Issue #18747: Remove pthread_atfork() handler to remove OpenSSL re-seeding
It is causing trouble like e.g. hanging processes.
files:
Doc/library/os.rst | 4 +
Doc/library/ssl.rst | 8 +++
Misc/NEWS | 3 +
Modules/_ssl.c | 67 ---------------------------------
4 files changed, 15 insertions(+), 67 deletions(-)
diff --git a/Doc/library/os.rst b/Doc/library/os.rst
--- a/Doc/library/os.rst
+++ b/Doc/library/os.rst
@@ -2637,6 +2637,10 @@
Note that some platforms including FreeBSD <= 6.3, Cygwin and OS/2 EMX have
known issues when using fork() from a thread.
+ .. warning::
+
+ See :mod:`ssl` for applications that use the SSL module with fork().
+
Availability: Unix.
diff --git a/Doc/library/ssl.rst b/Doc/library/ssl.rst
--- a/Doc/library/ssl.rst
+++ b/Doc/library/ssl.rst
@@ -29,6 +29,14 @@
cause variations in behavior. For example, TLSv1.1 and TLSv1.2 come with
openssl version 1.0.1.
+.. warning::
+
+ OpenSSL's internal random number generator does not properly handle fork.
+ Applications must change the PRNG state of the parent process if they use
+ any SSL feature with with :func:`os.fork`. Any successful call of
+ :func:`~ssl.RAND_add`, :func:`~ssl.RAND_bytes` or
+ :func:`~ssl.RAND_pseudo_bytes` is sufficient.
+
This section documents the objects and functions in the ``ssl`` module; for more
general information about TLS, SSL, and certificates, the reader is referred to
the documents in the "See Also" section at the bottom.
diff --git a/Misc/NEWS b/Misc/NEWS
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -28,6 +28,9 @@
Library
-------
+- Issue #19227: Remove pthread_atfork() handler. The handler was added to
+ solve #18747 but has caused issues.
+
- Issue #19420: Fix reference leak in module initalization code of
_hashopenssl.c
diff --git a/Modules/_ssl.c b/Modules/_ssl.c
--- a/Modules/_ssl.c
+++ b/Modules/_ssl.c
@@ -19,9 +19,6 @@
#ifdef WITH_THREAD
#include "pythread.h"
-#ifdef HAVE_PTHREAD_ATFORK
-# include <pthread.h>
-#endif
#define PySSL_BEGIN_ALLOW_THREADS_S(save) \
do { if (_ssl_locks_count>0) { (save) = PyEval_SaveThread(); } } while (0)
@@ -2950,65 +2947,6 @@
Returns number of bytes read. Raises SSLError if connection to EGD\n\
fails or if it does not provide enough data to seed PRNG.");
-/* Seed OpenSSL's PRNG at fork(), http://bugs.python.org/issue18747
- *
- * The prepare handler seeds the PRNG from pseudo-random data like pid, the
- * current time (miliseconds or seconds) and an uninitialized array.
- * The array contains stack variables that are impossible to predict
- * on most systems, e.g. function return address (subject to ASLR), the
- * stack protection canary and automatic variables.
- * The code is inspired by Apache's ssl_rand_seed() function.
- *
- * Note:
- * The code uses pthread_atfork() until Python has a proper atfork API. The
- * handlers are not removed from the child process. A prepare handler is used
- * instead of a child handler because fork() is supposed to be async-signal
- * safe but the handler calls unsafe functions. A parent handler has caused
- * other problems, see issue #19227.
- */
-
-#if defined(HAVE_PTHREAD_ATFORK) && defined(WITH_THREAD)
-#define PYSSL_RAND_ATFORK 1
-
-static void
-PySSL_RAND_atfork_prepare(void)
-{
- struct {
- char stack[128]; /* uninitialized (!) stack data, 128 is an
- arbitrary number. */
- pid_t pid; /* current pid */
- _PyTime_timeval tp; /* current time */
- } seed;
-
-#ifdef WITH_VALGRIND
- VALGRIND_MAKE_MEM_DEFINED(seed.stack, sizeof(seed.stack));
-#endif
- seed.pid = getpid();
- _PyTime_gettimeofday(&(seed.tp));
- RAND_add((unsigned char *)&seed, sizeof(seed), 0.0);
-}
-
-static int
-PySSL_RAND_atfork(void)
-{
- static int registered = 0;
- int retval;
-
- if (registered)
- return 0;
-
- retval = pthread_atfork(PySSL_RAND_atfork_prepare, /* prepare */
- NULL, /* parent */
- NULL); /* child */
- if (retval != 0) {
- PyErr_SetFromErrno(PyExc_OSError);
- return -1;
- }
- registered = 1;
- return 0;
-}
-#endif /* HAVE_PTHREAD_ATFORK */
-
#endif /* HAVE_OPENSSL_RAND */
@@ -3623,10 +3561,5 @@
if (r == NULL || PyModule_AddObject(m, "_OPENSSL_API_VERSION", r))
return NULL;
-#ifdef PYSSL_RAND_ATFORK
- if (PySSL_RAND_atfork() == -1)
- return NULL;
-#endif
-
return m;
}
--
Repository URL: http://hg.python.org/cpython
More information about the Python-checkins
mailing list