Message195250
> The ssl module exposes OpenSSL's PRNG and advertises the API as secure
> CPRNG: http://docs.python.org/3/library/ssl.html#random-generation
AFAICT, Python's PRNG isn't reset after fork, so I don't think OpenSSL's
should be reset.
OTOH, multiprocessing does reseed the random module after fork, so it
should also do so for the ssl module if already loaded.
We may add a note in the ssl docs stating that it's better to reseed
after fork(). |
|
Date |
User |
Action |
Args |
2013-08-15 12:50:23 | pitrou | set | recipients:
+ pitrou, vstinner, christian.heimes, neologix, sbt |
2013-08-15 12:50:23 | pitrou | link | issue18747 messages |
2013-08-15 12:50:23 | pitrou | create | |
|