nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-09-21 13:34:59 +02:00
Code Issues Packages Projects Releases Wiki Activity

Drop thread-local fast_rng on fork.

Browse Source 
This will cause the child process to construct a new one in a nice
safe way.

Closes ticket 29668; bug not in any released Tor.
This commit is contained in:
Nick Mathewson 2019-03-06 09:59:10 -05:00
parent db2e916afe
commit ab6ad3c040
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/lib/crypt_ops/crypto_init.c
View File

@ -152,6 +152,12 @@ crypto_prefork(void)
#ifdef ENABLE_NSS
crypto_nss_prefork();
#endif
/* It is not safe to share a fast_rng object across a fork boundary unless
* we actually have zero-on-fork support in map_anon.c. If we have
* drop-on-fork support, we will crash; if we have neither, we will yield
* a copy of the parent process's rng, which is scary and insecure.
*/
destroy_thread_fast_rng();
}
/** Run operations that the crypto library requires to be happy again