From 81be27d53e33b6eb5cedf75c17038673e1555145 Mon Sep 17 00:00:00 2001
From: Georg Brandl <georg@python.org>
Date: Sun, 27 Oct 2013 07:56:11 +0100
Subject: [PATCH] Issue #19227: Try to fix deadlocks caused by re-seeding then
 OpenSSL pseudo-random number generator on fork().

---
 Misc/NEWS      |  3 +++
 Modules/_ssl.c | 15 ++++++++-------
 2 files changed, 11 insertions(+), 7 deletions(-)

diff --git a/Misc/NEWS b/Misc/NEWS
index 6d01b355991..fe562528932 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -81,6 +81,9 @@ Core and Builtins
 Library
 -------
 
+- Issue #19227: Try to fix deadlocks caused by re-seeding then OpenSSL
+  pseudo-random number generator on fork().
+
 - Issue #16037: HTTPMessage.readheaders() raises an HTTPException when more than
   100 headers are read.  Adapted from patch by Jyrki Pulliainen.
 
diff --git a/Modules/_ssl.c b/Modules/_ssl.c
index 448114bd732..b791f28d087 100644
--- a/Modules/_ssl.c
+++ b/Modules/_ssl.c
@@ -2586,7 +2586,7 @@ fails or if it does not provide enough data to seed PRNG.");
 
 /* Seed OpenSSL's PRNG at fork(), http://bugs.python.org/issue18747
  *
- * The parent handler seeds the PRNG from pseudo-random data like pid, the
+ * The prepare handler seeds the PRNG from pseudo-random data like pid, the
  * current time (miliseconds or seconds) and an uninitialized array.
  * The array contains stack variables that are impossible to predict
  * on most systems, e.g. function return address (subject to ASLR), the
@@ -2595,16 +2595,17 @@ fails or if it does not provide enough data to seed PRNG.");
  *
  * Note:
  * The code uses pthread_atfork() until Python has a proper atfork API. The
- * handlers are not removed from the child process. A parent handler is used
+ * handlers are not removed from the child process. A prepare handler is used
  * instead of a child handler because fork() is supposed to be async-signal
- * safe but the handler calls unsafe functions.
+ * safe but the handler calls unsafe functions. A parent handler has caused
+ * other problems, see issue #19227.
  */
 
 #if defined(HAVE_PTHREAD_ATFORK) && defined(WITH_THREAD)
 #define PYSSL_RAND_ATFORK 1
 
 static void
-PySSL_RAND_atfork_parent(void)
+PySSL_RAND_atfork_prepare(void)
 {
     struct {
         char stack[128];    /* uninitialized (!) stack data, 128 is an
@@ -2630,9 +2631,9 @@ PySSL_RAND_atfork(void)
     if (registered)
         return 0;
 
-    retval = pthread_atfork(NULL,                     /* prepare */
-                            PySSL_RAND_atfork_parent, /* parent */
-                            NULL);                    /* child */
+    retval = pthread_atfork(PySSL_RAND_atfork_prepare, /* prepare */
+                            NULL,                      /* parent */
+                            NULL);                     /* child */
     if (retval != 0) {
         PyErr_SetFromErrno(PyExc_OSError);
         return -1;