fork_process.c and OpenSSL

Started by Jeffrey Walton over 12 years ago, 2 messages, bugs
#1 Jeffrey Walton
noloader@gmail.com

I think this falls into the feature request category.

fork_process handles forking on *nix.

OpenSSL is not fork safe on the child side. I seem to recall Nico
Williams traced it back to non-safe async signal handling and the
inability to replace the locks safely. See
http://wiki.openssl.org/index.php/Libcrypto_API#Fork_Safety.

In this case, the guys are recommending posix_spawn.

**********

fork_process finishes with the following:

#ifdef USE_SSL
RAND_cleanup();
#endif

It's great to see the attention to detail.

RAND_cleanup may be heavier-weight than needed because it could
discard current generator state. In this case, if the state was good
before the fork, it's probably good after the fork. So all that should
be needed is to mix in additional entropy to diversify states.

To mix in additional entropy (without discarding state), all that is
needed is a call to RAND_poll. See
http://wiki.openssl.org/index.php/Random_fork-safety.

Ben Laurie pushed a patch recently that might be of interest. It mixes
in the PID and Time from a high-res timer (if available) rather than
discarding state. See
https://github.com/openssl/openssl/commit/3cd8547a2018ada88a4303067a2aa15eadc17f39.

--
Sent via pgsql-bugs mailing list (pgsql-bugs@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-bugs
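
The state duplication that message #1 is concerned with, as an added example that is not part of the original thread and is neither PostgreSQL nor OpenSSL code: a toy splitmix64 pool (not cryptographic) is forked, and the child either reuses the inherited state or mixes in its PID and the time without discarding it. The names `pool_t`, `pool_mix`, `pool_after_fork` and `outputs_collide_after_fork` are hypothetical, and coarse `time()` stands in for a high-resolution timer.

```c
#include <stdint.h>
#include <stdio.h>
#include <sys/wait.h>
#include <time.h>
#include <unistd.h>

/* Toy pool standing in for an RNG state (splitmix64, NOT cryptographic). */
typedef struct { uint64_t s; } pool_t;

static uint64_t pool_next(pool_t *p) {
    uint64_t z = (p->s += 0x9E3779B97F4A7C15ULL);
    z = (z ^ (z >> 30)) * 0xBF58476D1CE4E5B9ULL;
    z = (z ^ (z >> 27)) * 0x94D049BB133111EBULL;
    return z ^ (z >> 31);
}

/* Mix extra input into the existing state instead of discarding it. */
static void pool_mix(pool_t *p, uint64_t v) { p->s ^= v; (void)pool_next(p); }

/* Child-side hook (hypothetical): stir in PID and time; coarse time() here. */
static void pool_after_fork(pool_t *p) {
    pool_mix(p, (uint64_t)getpid());
    pool_mix(p, (uint64_t)time(NULL));
}

/* Returns 1 if parent and child draw the same value, 0 if not, -1 on error. */
int outputs_collide_after_fork(int reseed_child) {
    pool_t pool = { 0x1234ABCDULL };           /* constructed seed */
    uint64_t child_val = 0;
    int fd[2];
    if (pipe(fd) != 0) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {                            /* child: inherits pool state */
        if (reseed_child) pool_after_fork(&pool);
        uint64_t v = pool_next(&pool);
        _exit(write(fd[1], &v, sizeof v) == (ssize_t)sizeof v ? 0 : 1);
    }
    close(fd[1]);
    ssize_t n = read(fd[0], &child_val, sizeof child_val);
    close(fd[0]);
    waitpid(pid, NULL, 0);
    if (n != (ssize_t)sizeof child_val) return -1;
    return pool_next(&pool) == child_val;
}

int main(void) {
    printf("inherited state: collide=%d\n", outputs_collide_after_fork(0));
    printf("PID/time mixed in: collide=%d\n", outputs_collide_after_fork(1));
}
```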

#2 Peter Eisentraut
peter_e@gmx.net
In reply to: Jeffrey Walton (#1)
Re: fork_process.c and OpenSSL

On 11/13/13, 10:52 AM, Jeffrey Walton wrote:

> I think this falls into the feature request category.
>
> fork_process handles forking on *nix.

Given that the current setup has worked more or less for a very long
time, it's hard to get enthusiastic about making nonspecific changes on
less than air-tight evidence. We need to support many OpenSSL versions
on many platforms and many configurations. Again, if you think there is
an improvement to be made, please send specific patches with references
or performance measurements.
