[openssl-dev] Work on a new RNG for OpenSSL
Tomas Mraz
tmraz at redhat.com
Thu Aug 17 12:34:49 UTC 2017
On Thu, 2017-08-17 at 12:22 +0000, Salz, Rich via openssl-dev wrote:
> I understand the concern. The issue I am wrestling with is strict
> compatibility with the existing code. Does anyone really *want* the
> RNGs to not reseed on fork? It’s hard to imagine, but maybe
> somewhere someone is. And then it’s not about just reseeding, but
> what about when (if) we add other things, like whether or not the
> secure arena gets zero’d in a child?
>
> So let me phrase it this way: does anyone object to changing the
> default so NO_ATFORK must be used to avoid the reseeding and other
> things we might add later?

I can hardly see how anyone would be broken if the default is to reseed
the RNG on fork. However, that might not be true for other atfork
functionalities, so perhaps there is a need to make each of these future
atfork functions configurable and either on or off by default
individually and not as a whole.

> By the way I noticed that openssl_init_fork_handlers() is not guarded by
> RUN_ONCE(). This should be fixed, too.
>
> Yeah, I’ll fix that; thanks.
>
--
Tomáš Mráz
Red Hat
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
[You'll know whether the road is wrong if you carefully listen to your
conscience.]
* Google and NSA associates, this message is none of your business.
* Please leave it alone, and consider whether your actions are
* authorized by the contract with Red Hat, or by the US constitution.
* If you feel you're being encouraged to disregard the limits built
* into them, remember Edward Snowden and Wikileaks.
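
An added illustration of the two points discussed in this message (not code from the thread or from OpenSSL): a child-side fork handler that is switched by its own flag bit and registered through a once guard. All `demo_*` names and the toy generator are assumptions; `pthread_once` stands in for `RUN_ONCE()`, and the PID mix stands in for a real reseed from OS entropy.

```c
#include <pthread.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/wait.h>
#include <unistd.h>

#define DEMO_ATFORK_RESEED 0x1u  /* hypothetical flag: one bit per atfork action */
static unsigned demo_atfork_flags = DEMO_ATFORK_RESEED;  /* reseed on by default */
static uint64_t demo_state = 0x9e3779b97f4a7c15ULL;      /* toy state, NOT a real DRBG */
static int demo_registrations;   /* successful pthread_atfork() calls */
static pthread_once_t demo_once = PTHREAD_ONCE_INIT;

static void demo_child_handler(void) {   /* runs in the child after fork() */
    /* Stand-in reseed: a real handler would pull fresh OS entropy here. */
    if (demo_atfork_flags & DEMO_ATFORK_RESEED)
        demo_state ^= (uint64_t)getpid() * 0x100000001b3ULL;
}
static void demo_register(void) {        /* body runs once per process */
    demo_registrations += (pthread_atfork(NULL, NULL, demo_child_handler) == 0);
}
void demo_init_fork_handlers(void) { pthread_once(&demo_once, demo_register); }
static uint64_t demo_next(void) {        /* one 64-bit LCG step */
    demo_state = demo_state * 6364136223846793005ULL + 1442695040888963407ULL;
    return demo_state;
}
/* 1 if parent and child draw the same value after fork(), 0 if they differ. */
int demo_fork_outputs_match(unsigned flags) {
    int fds[2];
    uint64_t child = 0, parent;
    demo_atfork_flags = flags;
    demo_init_fork_handlers();           /* safe to call on every entry */
    if (pipe(fds) != 0) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {                      /* child: report its next output */
        uint64_t v = demo_next();
        _exit(write(fds[1], &v, sizeof v) == (ssize_t)sizeof v ? 0 : 1);
    }
    close(fds[1]);
    parent = demo_next();
    ssize_t n = read(fds[0], &child, sizeof child);
    close(fds[0]);
    waitpid(pid, NULL, 0);
    return n == (ssize_t)sizeof child ? parent == child : -1;
}
int main(void) {
    printf("reseed off: match=%d\n", demo_fork_outputs_match(0));
    printf("reseed on:  match=%d\n", demo_fork_outputs_match(DEMO_ATFORK_RESEED));
    return 0;
}
```

With the reseed bit cleared, parent and child emit the same next value from the inherited state; with it set, the streams diverge, and the handler is registered only once however many times the init function is called.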