> Most other libraries I've seen handle this by saving the pid in a static > variable, and then comparing the current pid to it. This has the advantage > of not needing pthreads, and also of only adding the entropy to the child > if it is actually needed (i. e. it doesn't exec after fork). >
We may have to do that, but we'll still want to always use the current PID so that we don't end up relying on any kind of random device actually being present (not all environments have that, so while we can try to reseed, we can't be sure that this will work). By the way, in case you wonder why OpenSSL doesn't try to detect forking at all, that's because the PID may be differ between threads running on the same memory. If I remember correctly, that was the case for Linux threads in the ancient times when this code was written: http://cvs.openssl.org/chngview?cn=1519 http://cvs.openssl.org/chngview?cn=1520 Bodo
