From 8011801549beddbb4565b64496994c4d3746c24d Mon Sep 17 00:00:00 2001
From: Kovid Goyal <kovid@kovidgoyal.net>
Date: Tue, 5 Jul 2022 21:42:38 +0530
Subject: [PATCH] re-init openssl PRNG when forking for prewarm

---
 kitty/prewarm.py | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/kitty/prewarm.py b/kitty/prewarm.py
index 508571bd4..17a0adbee 100644
--- a/kitty/prewarm.py
+++ b/kitty/prewarm.py
@@ -53,6 +53,11 @@ class Child:
     child_process_pid: int
 
 
+def reinit_openssl_prng() -> None:
+    import ssl
+    ssl.RAND_add(os.urandom(64), 0.0)
+
+
 def wait_for_child_death(child_pid: int, timeout: float = 1) -> Optional[int]:
     st = time.monotonic()
     while time.monotonic() - st < timeout:
@@ -326,6 +331,7 @@ def fork(shm_address: str, free_non_child_resources: Callable[[], None]) -> Tupl
         # master process
         os.close(w)
         os.close(ready_fd_read)
+        reinit_openssl_prng()
         poll = select.poll()
         poll.register(r, select.POLLIN)
         tuple(poll.poll())
@@ -441,8 +447,9 @@ class SocketChild:
         r, w = safe_pipe()
         self.pid = os.fork()
         if self.pid > 0:
-            os.close(w)
             # master process
+            os.close(w)
+            reinit_openssl_prng()
             if self.stdin > -1:
                 os.close(self.stdin)
                 self.stdin = -1
@@ -799,6 +806,7 @@ def fork_prewarm_process(opts: Options, use_exec: bool = False) -> Optional[Prew
         child_pid = os.fork()
     if child_pid:
         # master
+        reinit_openssl_prng()
         if not use_exec:
             unix_socket.close()
         os.close(stdin_read)