I understand the concern. The issue I am wrestling with is strict
compatibility with the existing code. Does anyone really *want* the RNG’s to
not reseed on fork? It’s hard to imagine, but maybe somewhere someone is. And
then it’s not about just reseeding, but what about when (if) we add other
things, like whether or not the secure arena gets zero’d in a child?
So let me phrase it this way: does anyone object to changing the default so
NO_ATFORK must be used to avoid the reseeding and other things we might add
later?
By the way I noticed that openssl_init_fork_handlers() is not guarded by
RUN_ONCE(). This should be fixed, too.
Yeah, I’ll fix that; thanks.
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
