[svn] gcry - r1169 - in branches/LIBGCRYPT-1-2-BRANCH: . cipher

svn author wk cvs at cvs.gnupg.org
Wed Jul 26 10:54:01 CEST 2006


Author: wk
Date: 2006-07-26 10:54:00 +0200 (Wed, 26 Jul 2006)
New Revision: 1169

Modified:
   branches/LIBGCRYPT-1-2-BRANCH/THANKS
   branches/LIBGCRYPT-1-2-BRANCH/cipher/ChangeLog
   branches/LIBGCRYPT-1-2-BRANCH/cipher/random.c
Log:
Don't run post-fork reinitialization every time after a fork


Modified: branches/LIBGCRYPT-1-2-BRANCH/THANKS
===================================================================
--- branches/LIBGCRYPT-1-2-BRANCH/THANKS	2006-07-12 20:59:54 UTC (rev 1168)
+++ branches/LIBGCRYPT-1-2-BRANCH/THANKS	2006-07-26 08:54:00 UTC (rev 1169)
@@ -126,6 +126,7 @@
 Thomas Mikkelsen	   tbm at image.dk
 Ulf Möller		   3umoelle at informatik.uni-hamburg.de
 Umberto Salsi		   salsi at icosaedro.it
+Uoti Urpala
 Urko Lusa		   ulusa at euskalnet.net
 Walter Koch		   koch at u32.de
 Werner Koch		   wk at gnupg.org

Modified: branches/LIBGCRYPT-1-2-BRANCH/cipher/ChangeLog
===================================================================
--- branches/LIBGCRYPT-1-2-BRANCH/cipher/ChangeLog	2006-07-12 20:59:54 UTC (rev 1168)
+++ branches/LIBGCRYPT-1-2-BRANCH/cipher/ChangeLog	2006-07-26 08:54:00 UTC (rev 1169)
@@ -1,3 +1,8 @@
+2006-07-26  Werner Koch  <wk at g10code.com>
+
+	* random.c (gcry_create_nonce): Update the pid after a fork.
+	Reported by Uoti Urpala.
+
 2005-09-13  Werner Koch  <wk at g10code.com>
 
 	* random.c (gcry_create_nonce): Detect a fork and re-seed.

Modified: branches/LIBGCRYPT-1-2-BRANCH/cipher/random.c
===================================================================
--- branches/LIBGCRYPT-1-2-BRANCH/cipher/random.c	2006-07-12 20:59:54 UTC (rev 1168)
+++ branches/LIBGCRYPT-1-2-BRANCH/cipher/random.c	2006-07-26 08:54:00 UTC (rev 1169)
@@ -1121,6 +1121,7 @@
                                    compiler does not optimize the code away
                                    in case the getpid function is badly
                                    attributed. */
+  volatile pid_t apid;
   unsigned char *p;
   size_t n;
   int err;
@@ -1135,11 +1136,12 @@
     log_fatal ("failed to acquire the nonce buffer lock: %s\n",
                strerror (err));
 
+  apid = getpid ();
   /* The first time intialize our buffer. */
   if (!nonce_buffer_initialized)
     {
-      pid_t apid = getpid ();
       time_t atime = time (NULL);
+      pid_t xpid = apid;
 
       my_pid = apid;
 
@@ -1150,8 +1152,8 @@
          a failure of gcry_randomize won't affect us too much.  Don't
          care about the uninitialized remaining bytes. */
       p = nonce_buffer;
-      memcpy (p, &apid, sizeof apid);
-      p += sizeof apid;
+      memcpy (p, &xpid, sizeof xpid);
+      p += sizeof xpid;
       memcpy (p, &atime, sizeof atime); 
 
       /* Initialize the never changing private part of 64 bits. */
@@ -1159,11 +1161,14 @@
 
       nonce_buffer_initialized = 1;
     }
-  else if ( my_pid != getpid () )
+  else if ( my_pid != apid )
     {
       /* We forked. Need to reseed the buffer - doing this for the
          private part should be sufficient. */
       gcry_randomize (nonce_buffer+20, 8, GCRY_WEAK_RANDOM);
+      /* Update the pid so that we won't run into here again and
+         again. */
+      my_pid = apid;
     }
 
   /* Create the nonce by hashing the entire buffer, returning the hash




More information about the Gnupg-commits mailing list