treewide: reseed RNG in child processes

This prevents name conflicts leading to retries and slowdowns in
temporary file name generation.  No actual data corruption
resulted because all temporary files are opened with O_EXCL
anyways.

This may increase security for IMAP, NNTP, and HTTPS sessions
using TLS, but it's all public data anyways.

diff --git a/lib/PublicInbox/Daemon.pm b/lib/PublicInbox/Daemon.pm
index f5543c85cee03b45845a5d0cdb806e175b7a4949..b5f97d81bebf57256a3b3a520c1a95dd37b87d93 100644 (file)
--- a/lib/PublicInbox/Daemon.pm
+++ b/lib/PublicInbox/Daemon.pm
@@ -533,10 +533,13 @@ EOF
                if ($n <= $want) {
                        PublicInbox::DS::block_signals() if !$sigfd;
                        for my $i ($n..$want) {
+                               my $seed = rand(0xffffffff);
                                my $pid = fork;
                                if (!defined $pid) {
                                        warn "failed to fork worker[$i]: $!\n";
                                } elsif ($pid == 0) {
+                                       srand($seed);
+                                       eval { Net::SSLeay::randomize() };
                                        $set_user->() if $set_user;
                                        return $p0; # run normal work code
                                } else {

diff --git a/lib/PublicInbox/IPC.pm b/lib/PublicInbox/IPC.pm
index dbb87e4ebedb006dbaa22d11786fd8d2cc686d3d..6efaff3827ce101db268826332e671927dfcae31 100644 (file)
--- a/lib/PublicInbox/IPC.pm
+++ b/lib/PublicInbox/IPC.pm
@@ -105,8 +105,10 @@ sub ipc_worker_spawn {
        pipe(my ($r_res, $w_res)) or die "pipe: $!";
        my $sigset = $oldset // PublicInbox::DS::block_signals();
        $self->ipc_atfork_prepare;
-       defined(my $pid = fork) or die "fork: $!";
+       my $seed = rand(0xffffffff);
+       my $pid = fork // die "fork: $!";
        if ($pid == 0) {
+               srand($seed);
                eval { PublicInbox::DS->Reset };
                delete @$self{qw(-wq_s1 -wq_workers -wq_ppid)};
                $w_req = $r_res = undef;
@@ -286,8 +288,10 @@ sub wq_do { # always async
 
 sub _wq_worker_start ($$) {
        my ($self, $oldset) = @_;
+       my $seed = rand(0xffffffff);
        my $pid = fork // die "fork: $!";
        if ($pid == 0) {
+               srand($seed);
                eval { PublicInbox::DS->Reset };
                delete @$self{qw(-wq_s1 -wq_workers -wq_ppid)};
                $SIG{$_} = 'IGNORE' for (qw(PIPE TTOU TTIN));

diff --git a/lib/PublicInbox/Watch.pm b/lib/PublicInbox/Watch.pm
index 9a7291404404cdddd8250f2ba29bd02dac7de31e..1de5018d0230b1a4bee9d96080dd30cdaa4b9fdb 100644 (file)
--- a/lib/PublicInbox/Watch.pm
+++ b/lib/PublicInbox/Watch.pm
@@ -625,8 +625,11 @@ sub imap_idle_fork ($$) {
        my ($self, $url_intvl) = @_;
        my ($url, $intvl) = @$url_intvl;
        pipe(my ($r, $w)) or die "pipe: $!";
+       my $seed = rand(0xffffffff);
        defined(my $pid = fork) or die "fork: $!";
        if ($pid == 0) {
+               srand($seed);
+               eval { Net::SSLeay::randomize() };
                close $r;
                watch_atfork_child($self);
                watch_imap_idle_1($self, $url, $intvl);
@@ -704,8 +707,11 @@ sub poll_fetch_fork ($) { # DS::add_timer callback
        return if $self->{quit};
        pipe(my ($r, $w)) or die "pipe: $!";
        my $oldset = watch_atfork_parent($self);
+       my $seed = rand(0xffffffff);
        my $pid = fork;
        if (defined($pid) && $pid == 0) {
+               srand($seed);
+               eval { Net::SSLeay::randomize() };
                close $r;
                watch_atfork_child($self);
                if ($urls->[0] =~ m!\Aimaps?://!i) {

diff --git a/lib/PublicInbox/Xapcmd.pm b/lib/PublicInbox/Xapcmd.pm
index 8de516ef5ace4f2c52ca840f52f7fe6ec3979944..269aa99af16f80da3ab3266a524978b9b32202d2 100644 (file)
--- a/lib/PublicInbox/Xapcmd.pm
+++ b/lib/PublicInbox/Xapcmd.pm
@@ -89,8 +89,10 @@ sub commit_changes ($$$$) {
 
 sub cb_spawn {
        my ($cb, $args, $opt) = @_; # $cb = cpdb() or compact()
-       defined(my $pid = fork) or die "fork: $!";
+       my $seed = rand(0xffffffff);
+       my $pid = fork // die "fork: $!";
        return $pid if $pid > 0;
+       srand($seed);
        $cb->($args, $opt);
        POSIX::_exit(0);
 }