[New-bugs-announce] [issue18747] Re-seed OpenSSL's PRNG after fork

Christian Heimes report at bugs.python.org
Thu Aug 15 14:35:01 CEST 2013

New submission from Christian Heimes:

A couple of reports and check-in messages like

  Postgres / pgcrypto CVE-2013-1900

suggests that OpenSSL's PRNG should be reset or re-seeded after fork(). Otherwise child processes can generate the same or similar pseudo random values.

Python doesn't have an API to run code before and after fork yet. The patch uses pthread_atfork() for the task. It's available on all pthread platforms -- which are all official supported platforms that have fork(), too.

The patch doesn't use RAND_cleanup() like Postgres because child process would hav to initial the PRNG again by opening and reading from /dev/urandom. The atfork prepare hook pulls from random bytes from the PRNG and stores them in a static buffer. The child handler seeds the PRNG from that buffer + pid + current time. PID and current time are mixed into the state to extenuate race conditions.

components: Extension Modules
files: openssl_prng_atfork.patch
keywords: patch
messages: 195247
nosy: christian.heimes, haypo
priority: normal
severity: normal
stage: patch review
status: open
title: Re-seed OpenSSL's PRNG after fork
type: security
versions: Python 2.6, Python 2.7, Python 3.1, Python 3.2, Python 3.3, Python 3.4
Added file: http://bugs.python.org/file31300/openssl_prng_atfork.patch

Python tracker <report at bugs.python.org>

More information about the New-bugs-announce mailing list