1 files changed, 85 insertions, 82 deletions
diff --git a/Python/random.c b/Python/random.c
index 337be86087..2941ba16af 100644
--- a/Python/random.c
+++ b/Python/random.c
@@ -3,6 +3,9 @@
 #include <windows.h>
 #else
 #include <fcntl.h>
+#ifdef HAVE_SYS_STAT_H
+#include <sys/stat.h>
+#endif
 #endif
 
 #ifdef Py_DEBUG
@@ -12,13 +15,6 @@ static int _Py_HashSecret_Initialized = 0;
 #endif
 
 #ifdef MS_WINDOWS
-typedef BOOL (WINAPI *CRYPTACQUIRECONTEXTA)(HCRYPTPROV *phProv,\
-              LPCSTR pszContainer, LPCSTR pszProvider, DWORD dwProvType,\
-              DWORD dwFlags );
-typedef BOOL (WINAPI *CRYPTGENRANDOM)(HCRYPTPROV hProv, DWORD dwLen,\
-              BYTE *pbBuffer );
-
-static CRYPTGENRANDOM pCryptGenRandom = NULL;
 /* This handle is never explicitly released. Instead, the operating
    system will release it when the process terminates. */
 static HCRYPTPROV hCryptProv = 0;
@@ -26,29 +22,9 @@ static HCRYPTPROV hCryptProv = 0;
 static int
 win32_urandom_init(int raise)
 {
-    HINSTANCE hAdvAPI32 = NULL;
-    CRYPTACQUIRECONTEXTA pCryptAcquireContext = NULL;
-
-    /* Obtain handle to the DLL containing CryptoAPI. This should not fail. */
-    hAdvAPI32 = GetModuleHandle("advapi32.dll");
-    if(hAdvAPI32 == NULL)
-        goto error;
-
-    /* Obtain pointers to the CryptoAPI functions. This will fail on some early
-       versions of Win95. */
-    pCryptAcquireContext = (CRYPTACQUIRECONTEXTA)GetProcAddress(
-                               hAdvAPI32, "CryptAcquireContextA");
-    if (pCryptAcquireContext == NULL)
-        goto error;
-
-    pCryptGenRandom = (CRYPTGENRANDOM)GetProcAddress(hAdvAPI32,
-                                                     "CryptGenRandom");
-    if (pCryptGenRandom == NULL)
-        goto error;
-
     /* Acquire context */
-    if (! pCryptAcquireContext(&hCryptProv, NULL, NULL,
-                               PROV_RSA_FULL, CRYPT_VERIFYCONTEXT))
+    if (!CryptAcquireContext(&hCryptProv, NULL, NULL,
+                             PROV_RSA_FULL, CRYPT_VERIFYCONTEXT))
         goto error;
 
     return 0;
@@ -77,7 +53,7 @@ win32_urandom(unsigned char *buffer, Py_ssize_t size, int raise)
     while (size > 0)
     {
         chunk = size > INT_MAX ? INT_MAX : size;
-        if (!pCryptGenRandom(hCryptProv, chunk, buffer))
+        if (!CryptGenRandom(hCryptProv, (DWORD)chunk, buffer))
         {
             /* CryptGenRandom() failed */
             if (raise)
@@ -95,40 +71,24 @@ win32_urandom(unsigned char *buffer, Py_ssize_t size, int raise)
 #endif /* MS_WINDOWS */
 
 
-#ifdef __VMS
-/* Use openssl random routine */
-#include <openssl/rand.h>
-static int
-vms_urandom(unsigned char *buffer, Py_ssize_t size, int raise)
-{
-    if (RAND_pseudo_bytes(buffer, size) < 0) {
-        if (raise) {
-            PyErr_Format(PyExc_ValueError,
-                         "RAND_pseudo_bytes");
-        } else {
-            Py_FatalError("Failed to initialize the randomized hash "
-                          "secret using RAND_pseudo_bytes");
-        }
-        return -1;
-    }
-    return 0;
-}
-#endif /* __VMS */
-
-
-#if !defined(MS_WINDOWS) && !defined(__VMS)
+#ifndef MS_WINDOWS
+static struct {
+    int fd;
+    dev_t st_dev;
+    ino_t st_ino;
+} urandom_cache = { -1 };
 
 /* Read size bytes from /dev/urandom into buffer.
    Call Py_FatalError() on error. */
 static void
-dev_urandom_noraise(char *buffer, Py_ssize_t size)
+dev_urandom_noraise(unsigned char *buffer, Py_ssize_t size)
 {
     int fd;
     Py_ssize_t n;
 
     assert (0 < size);
 
-    fd = open("/dev/urandom", O_RDONLY);
+    fd = _Py_open("/dev/urandom", O_RDONLY);
     if (fd < 0)
         Py_FatalError("Failed to open /dev/urandom");
 
@@ -156,22 +116,56 @@ dev_urandom_python(char *buffer, Py_ssize_t size)
 {
     int fd;
     Py_ssize_t n;
+    struct stat st;
 
     if (size <= 0)
         return 0;
 
-    Py_BEGIN_ALLOW_THREADS
-    fd = open("/dev/urandom", O_RDONLY);
-    Py_END_ALLOW_THREADS
-    if (fd < 0)
-    {
-        if (errno == ENOENT || errno == ENXIO ||
-            errno == ENODEV || errno == EACCES)
-            PyErr_SetString(PyExc_NotImplementedError,
-                            "/dev/urandom (or equivalent) not found");
-        else
-            PyErr_SetFromErrno(PyExc_OSError);
-        return -1;
+    if (urandom_cache.fd >= 0) {
+        /* Does the fd point to the same thing as before? (issue #21207) */
+        if (fstat(urandom_cache.fd, &st)
+            || st.st_dev != urandom_cache.st_dev
+            || st.st_ino != urandom_cache.st_ino) {
+            /* Something changed: forget the cached fd (but don't close it,
+               since it probably points to something important for some
+               third-party code). */
+            urandom_cache.fd = -1;
+        }
+    }
+    if (urandom_cache.fd >= 0)
+        fd = urandom_cache.fd;
+    else {
+        Py_BEGIN_ALLOW_THREADS
+        fd = _Py_open("/dev/urandom", O_RDONLY);
+        Py_END_ALLOW_THREADS
+        if (fd < 0)
+        {
+            if (errno == ENOENT || errno == ENXIO ||
+                errno == ENODEV || errno == EACCES)
+                PyErr_SetString(PyExc_NotImplementedError,
+                                "/dev/urandom (or equivalent) not found");
+            else
+                PyErr_SetFromErrno(PyExc_OSError);
+            return -1;
+        }
+        if (urandom_cache.fd >= 0) {
+            /* urandom_fd was initialized by another thread while we were
+               not holding the GIL, keep it. */
+            close(fd);
+            fd = urandom_cache.fd;
+        }
+        else {
+            if (fstat(fd, &st)) {
+                PyErr_SetFromErrno(PyExc_OSError);
+                close(fd);
+                return -1;
+            }
+            else {
+                urandom_cache.fd = fd;
+                urandom_cache.st_dev = st.st_dev;
+                urandom_cache.st_ino = st.st_ino;
+            }
+        }
     }
 
     Py_BEGIN_ALLOW_THREADS
@@ -195,13 +189,21 @@ dev_urandom_python(char *buffer, Py_ssize_t size)
             PyErr_Format(PyExc_RuntimeError,
                          "Failed to read %zi bytes from /dev/urandom",
                          size);
-        close(fd);
         return -1;
     }
-    close(fd);
     return 0;
 }
-#endif /* !defined(MS_WINDOWS) && !defined(__VMS) */
+
+static void
+dev_urandom_close(void)
+{
+    if (urandom_cache.fd >= 0) {
+        close(urandom_cache.fd);
+        urandom_cache.fd = -1;
+    }
+}
+
+#endif /* MS_WINDOWS */
 
 /* Fill buffer with pseudo-random bytes generated by a linear congruent
    generator (LCG):
@@ -243,11 +245,7 @@ _PyOS_URandom(void *buffer, Py_ssize_t size)
 #ifdef MS_WINDOWS
     return win32_urandom((unsigned char *)buffer, size, 1);
 #else
-# ifdef __VMS
-    return vms_urandom((unsigned char *)buffer, size, 1);
-# else
     return dev_urandom_python((char*)buffer, size);
-# endif
 #endif
 }
 
@@ -255,8 +253,9 @@ void
 _PyRandom_Init(void)
 {
     char *env;
-    void *secret = &_Py_HashSecret;
+    unsigned char *secret = (unsigned char *)&_Py_HashSecret.uc;
     Py_ssize_t secret_size = sizeof(_Py_HashSecret_t);
+    assert(secret_size == sizeof(_Py_HashSecret.uc));
 
     if (_Py_HashSecret_Initialized)
         return;
@@ -284,18 +283,22 @@ _PyRandom_Init(void)
             memset(secret, 0, secret_size);
         }
         else {
-            lcg_urandom(seed, (unsigned char*)secret, secret_size);
+            lcg_urandom(seed, secret, secret_size);
         }
     }
     else {
 #ifdef MS_WINDOWS
-        (void)win32_urandom((unsigned char *)secret, secret_size, 0);
-#else /* #ifdef MS_WINDOWS */
-# ifdef __VMS
-        vms_urandom((unsigned char *)secret, secret_size, 0);
-# else
-        dev_urandom_noraise((char*)secret, secret_size);
-# endif
+        (void)win32_urandom(secret, secret_size, 0);
+#else
+        dev_urandom_noraise(secret, secret_size);
 #endif
     }
 }
+
+void
+_PyRandom_Fini(void)
+{
+#ifndef MS_WINDOWS
+    dev_urandom_close();
+#endif
+}