This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author pitrou
Recipients christian.heimes, neologix, pitrou, sbt, vstinner
Date 2013-08-15.12:50:23
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1376571015.2755.3.camel@fsol>
In-reply-to <1376570790.44.0.281491407661.issue18747@psf.upfronthosting.co.za>
Content
> The ssl module exposes OpenSSL's PRNG and advertises the API as secure
> CPRNG: http://docs.python.org/3/library/ssl.html#random-generation

AFAICT, Python's PRNG isn't reset after fork, so I don't think OpenSSL's
should be reset.
OTOH, multiprocessing does reseed the random module after fork, so it
should also do so for the ssl module if already loaded.

We may add a note in the ssl docs stating that it's better to reseed
after fork().
History
Date User Action Args
2013-08-15 12:50:23pitrousetrecipients: + pitrou, vstinner, christian.heimes, neologix, sbt
2013-08-15 12:50:23pitroulinkissue18747 messages
2013-08-15 12:50:23pitroucreate