util: reset GetRandom functions in helpers after fork

DWS/chrony

mirror of https://gitlab.com/chrony/chrony.git synced 2025-12-03 16:35:06 -05:00

Close /dev/urandom and drop cached getrandom() data after forking helper
processes to avoid them getting the same sequence of random numbers
(e.g. two NTS-KE helpers generating cookies with identical nonces).
arc4random() is assumed to be able to detect forks and reseed
automatically.

This is not strictly necessary with the current code, which does not use
the GetRandom functions before the NTS-KE helper processes are forked,
but that could change in future.

Also, call the reset function before exit to close /dev/urandom in order
to avoid valgrind reporting the file object as "still reachable".

This commit is contained in:

Miroslav Lichvar

2021-11-23 13:17:26 +01:00

parent 09067e06d3

commit a0a9560258

6 changed files with 48 additions and 9 deletions

									
										2

main.c
									
												View File
												
				@@ -141,6 +141,8 @@ MAI_CleanupAndExit(void)

				  HSH_Finalise();

				  LOG_Finalise();

				  UTI_ResetGetRandomFunctions();

				  exit(exit_status);

				}

util: reset GetRandom functions in helpers after fork

2 main.c Unescape Escape View File

2

main.c

View File