random-util: call initialize_srand() after fork()

diff --git a/src/basic/random-util.c b/src/basic/random-util.c
index cdc2a164cbe2e3eb34db363e50b9514bc3e19145..eae488ae5d921bb449d01b461cd7840815d1abef 100644 (file)
--- a/src/basic/random-util.c
+++ b/src/basic/random-util.c
@@ -7,6 +7,7 @@
 #include <elf.h>
 #include <errno.h>
 #include <fcntl.h>
+#include <pthread.h>
 #include <stdbool.h>
 #include <stdint.h>
 #include <stdlib.h>
@@ -28,6 +29,8 @@
 #include "siphash24.h"
 #include "time-util.h"
 
+static bool srand_called = false;
+
 int rdrand(unsigned long *ret) {
 
         /* So, you are a "security researcher", and you wonder why we bother with using raw RDRAND here,
@@ -272,8 +275,12 @@ int genuine_random_bytes(void *p, size_t n, RandomFlags flags) {
         return loop_read_exact(fd, p, n, true);
 }
 
+static void clear_srand_initialization(void) {
+        srand_called = false;
+}
+
 void initialize_srand(void) {
-        static bool srand_called = false;
+        static bool pthread_atfork_registered = false;
         unsigned x;
 #if HAVE_SYS_AUXV_H
         const void *auxv;
@@ -309,6 +316,11 @@ void initialize_srand(void) {
 
         srand(x);
         srand_called = true;
+
+        if (!pthread_atfork_registered) {
+                (void) pthread_atfork(NULL, NULL, clear_srand_initialization);
+                pthread_atfork_registered = true;
+        }
 }
 
 /* INT_MAX gives us only 31 bits, so use 24 out of that. */