diff options
-rw-r--r-- | random/unix/apr_random.c | 5 | ||||
-rw-r--r-- | threadproc/unix/proc.c | 10 |
2 files changed, 8 insertions, 7 deletions
diff --git a/random/unix/apr_random.c b/random/unix/apr_random.c index c6d671c6b..852cfd6e3 100644 --- a/random/unix/apr_random.c +++ b/random/unix/apr_random.c @@ -159,6 +159,11 @@ APR_DECLARE(void) apr_random_after_fork(apr_proc_t *proc) apr_random_t *r; for (r = all_random; r; r = r->next) + /* + * XXX Note: the pid does not provide sufficient entropy to + * actually call this secure. See Ben's paper referenced at + * the top of this file. + */ mixer(r,proc->pid); } diff --git a/threadproc/unix/proc.c b/threadproc/unix/proc.c index 69d3690ce..3588a86b0 100644 --- a/threadproc/unix/proc.c +++ b/threadproc/unix/proc.c @@ -219,15 +219,14 @@ APR_DECLARE(apr_status_t) apr_procattr_detach_set(apr_procattr_t *attr, APR_DECLARE(apr_status_t) apr_proc_fork(apr_proc_t *proc, apr_pool_t *pool) { int pid; + + memset(proc, 0, sizeof(apr_proc_t)); if ((pid = fork()) < 0) { return errno; } else if (pid == 0) { - proc->pid = pid; - proc->in = NULL; - proc->out = NULL; - proc->err = NULL; + proc->pid = getpid(); apr_random_after_fork(proc); @@ -235,9 +234,6 @@ APR_DECLARE(apr_status_t) apr_proc_fork(apr_proc_t *proc, apr_pool_t *pool) } proc->pid = pid; - proc->in = NULL; - proc->out = NULL; - proc->err = NULL; return APR_INPARENT; } |