mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2025-02-25 15:10:48 +01:00
Drop thread-local fast_rng on fork.
This will cause the child process to construct a new one in a nice safe way. Closes ticket 29668; bug not in any released Tor.
This commit is contained in:
parent
db2e916afe
commit
ab6ad3c040
1 changed files with 6 additions and 0 deletions
|
@ -152,6 +152,12 @@ crypto_prefork(void)
|
||||||
#ifdef ENABLE_NSS
|
#ifdef ENABLE_NSS
|
||||||
crypto_nss_prefork();
|
crypto_nss_prefork();
|
||||||
#endif
|
#endif
|
||||||
|
/* It is not safe to share a fast_rng object across a fork boundary unless
|
||||||
|
* we actually have zero-on-fork support in map_anon.c. If we have
|
||||||
|
* drop-on-fork support, we will crash; if we have neither, we will yield
|
||||||
|
* a copy of the parent process's rng, which is scary and insecure.
|
||||||
|
*/
|
||||||
|
destroy_thread_fast_rng();
|
||||||
}
|
}
|
||||||
|
|
||||||
/** Run operations that the crypto library requires to be happy again
|
/** Run operations that the crypto library requires to be happy again
|
||||||
|
|
Loading…
Add table
Reference in a new issue